Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/ZgW8xgTUAqV2z39IkKyYp4UZkxQ.roa
File:                     ZgW8xgTUAqV2z39IkKyYp4UZkxQ.roa (raw, json)
Hash identifier:          TOzC6s2VPHFwJoDNsBKNpSzYlO1VXeegVsBJLhXNxzc=
Subject key identifier:   66:05:BC:C6:04:D4:02:A5:76:CF:7F:48:90:AC:98:A7:85:19:93:14
Certificate issuer:       /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial:       018D4A7C5920458623E5C92B8A7CADC3CB82
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/ZgW8xgTUAqV2z39IkKyYp4UZkxQ.roa
Signing time:             Sat 27 Jan 2024 10:34:39 +0000
ROA not before:           Sat 27 Jan 2024 10:34:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47430
IP address blocks:        45.139.8.0/24 maxlen: 24
                          45.139.9.0/24 maxlen: 24
                          194.180.209.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Feb 2024 11:16:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:4a:7c:59:20:45:86:23:e5:c9:2b:8a:7c:ad:c3:cb:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
        Validity
            Not Before: Jan 27 10:34:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6605bcc604d402a576cf7f4890ac98a785199314
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:da:e2:d5:11:b4:76:4d:4d:4e:39:56:82:73:
                    16:e9:a8:0d:0d:80:9f:9a:a4:46:90:8c:d7:c3:b8:
                    5e:6a:a2:4b:18:5a:a5:f0:82:f7:a5:74:a6:bd:34:
                    4e:38:19:c4:eb:a3:ff:a8:21:a3:17:27:55:4c:dd:
                    2c:78:77:cc:9c:06:34:1f:c2:f5:55:20:6f:02:8a:
                    48:5c:c7:85:17:fc:81:2b:5f:6f:53:93:57:85:c3:
                    a8:ff:93:4b:a0:66:21:d5:da:5d:b0:af:8f:9d:62:
                    42:9c:91:64:58:7b:8b:c7:98:e7:16:14:d5:31:24:
                    4f:7b:c5:d5:4e:94:c6:dc:34:ac:fe:6a:d1:03:a2:
                    61:43:35:2a:1a:48:92:45:ad:e4:35:25:60:a8:5b:
                    5f:48:de:1a:f0:67:db:7c:36:70:8e:1d:ed:70:fa:
                    b5:16:26:a7:06:fb:98:ac:a5:28:cc:2c:0d:83:62:
                    ba:2e:a8:56:49:87:61:33:07:9b:b3:3c:3d:1e:f5:
                    d3:de:69:30:67:b3:5b:dc:d0:52:43:74:c5:b4:55:
                    9e:1a:3d:6d:3f:ba:f1:fa:27:5a:a2:a9:41:4b:10:
                    63:25:77:30:f6:43:58:93:72:7c:92:8f:3c:32:f4:
                    5f:67:4e:2d:21:51:33:ad:27:fc:60:b5:22:19:e7:
                    2a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:05:BC:C6:04:D4:02:A5:76:CF:7F:48:90:AC:98:A7:85:19:93:14
            X509v3 Authority Key Identifier:
                keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/ZgW8xgTUAqV2z39IkKyYp4UZkxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.8.0/23
                  194.180.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:fc:7f:e5:82:a3:7e:4a:0e:19:17:11:f1:5f:78:d8:d7:fd:
         4c:40:63:1e:9c:04:ad:82:42:51:80:c9:93:a7:e8:c6:f2:41:
         30:f6:bc:62:4d:8f:4d:15:f1:ce:97:41:08:dc:92:cc:bf:1d:
         71:85:01:14:16:1a:73:f9:0b:f1:2b:76:6d:4f:62:54:53:77:
         c7:73:61:91:91:bf:37:49:d4:5d:a1:2c:d7:7d:d5:59:50:7c:
         2a:89:2a:30:c4:b1:1d:74:cc:de:c9:7d:7e:b2:7b:07:6e:1f:
         e8:30:13:37:ef:48:7b:e7:a2:7b:df:19:a3:99:ee:ad:59:90:
         b3:b6:ab:61:f6:00:2a:1c:ae:db:da:60:aa:9c:aa:22:a7:9c:
         21:c4:4c:65:fa:5b:c5:e4:c2:aa:18:7a:cb:62:c5:1d:20:b7:
         16:c3:8c:9e:f0:2e:1b:56:8d:a7:02:26:ce:77:3a:32:05:73:
         d8:46:00:b1:8a:a6:e2:de:46:20:a6:f9:8f:bc:a7:b7:2e:c8:
         79:7c:12:d1:5b:83:1a:84:2b:33:75:d0:ae:b1:b8:00:6b:17:
         ee:d8:2a:56:3f:2b:4a:0e:ab:45:17:e5:1d:36:9d:a1:7e:c1:
         4e:0f:44:ac:55:34:22:ca:19:6d:6e:8f:49:ce:13:ae:c9:76:
         d0:2c:13:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1KfFkgRYYj5ckrinytw8uCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMTI3MTAzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA1YmNjNjA0ZDQwMmE1NzZjZjdmNDg5MGFjOThhNzg1MTk5MzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNri1RG0dk1NTjlWgnMW6agNDYCf
mqRGkIzXw7heaqJLGFql8IL3pXSmvTROOBnE66P/qCGjFydVTN0seHfMnAY0H8L1
VSBvAopIXMeFF/yBK19vU5NXhcOo/5NLoGYh1dpdsK+PnWJCnJFkWHuLx5jnFhTV
MSRPe8XVTpTG3DSs/mrRA6JhQzUqGkiSRa3kNSVgqFtfSN4a8GfbfDZwjh3tcPq1
FianBvuYrKUozCwNg2K6LqhWSYdhMwebszw9HvXT3mkwZ7Nb3NBSQ3TFtFWeGj1t
P7rx+idaoqlBSxBjJXcw9kNYk3J8ko88MvRfZ04tIVEzrSf8YLUiGecqOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGYFvMYE1AKlds9/SJCsmKeFGZMUMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvWmdXOHhnVFVBcVYyejM5SWtLeVlwNFVaa3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYsIAwQA
wrTRMA0GCSqGSIb3DQEBCwUAA4IBAQA4/H/lgqN+Sg4ZFxHxX3jY1/1MQGMenASt
gkJRgMmTp+jG8kEw9rxiTY9NFfHOl0EI3JLMvx1xhQEUFhpz+QvxK3ZtT2JUU3fH
c2GRkb83SdRdoSzXfdVZUHwqiSowxLEddMzeyX1+snsHbh/oMBM370h756J73xmj
me6tWZCztqth9gAqHK7b2mCqnKoip5whxExl+lvF5MKqGHrLYsUdILcWw4ye8C4b
Vo2nAibOdzoyBXPYRgCxiqbi3kYgpvmPvKe3Lsh5fBLRW4MahCszddCusbgAaxfu
2CpWPytKDqtFF+UdNp2hfsFOD0SsVTQiyhltbo9JzhOuyXbQLBMm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:15 2024 by rpki-client on console-ams.rpki-client.org