Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0tlNfl6yo5Ss9B2SluckgYo0NIM.roa
File:                     0tlNfl6yo5Ss9B2SluckgYo0NIM.roa (raw, json)
Hash identifier:          SXIXTbVM+aHJ3axQtQCxexUJM0O69K5XHeA7weUXsvM=
Subject key identifier:   D2:D9:4D:7E:5E:B2:A3:94:AC:F4:1D:92:96:E7:24:81:8A:34:34:83
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       0189F32510BA89435FAAE66CDFB85FAEBA78
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0tlNfl6yo5Ss9B2SluckgYo0NIM.roa
Signing time:             Mon 14 Aug 2023 08:23:59 +0000
ROA not before:           Mon 14 Aug 2023 08:23:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197071
IP address blocks:        185.117.0.0/24 maxlen: 24
                          45.67.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 15:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f3:25:10:ba:89:43:5f:aa:e6:6c:df:b8:5f:ae:ba:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Aug 14 08:23:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d2d94d7e5eb2a394acf41d9296e724818a343483
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:61:a6:34:0d:a1:6d:b9:d6:0f:fe:9d:b8:02:
                    64:6d:5a:83:81:54:72:b5:22:ff:93:b3:49:61:61:
                    13:18:84:c2:96:f1:80:79:ee:06:6d:f8:c1:c7:fe:
                    dc:f9:ec:12:ea:02:b7:f0:3f:07:39:73:be:99:e4:
                    83:88:cd:55:12:f0:b9:cf:05:b2:40:d7:18:8a:b5:
                    1d:19:14:da:aa:7d:1f:01:fa:73:11:98:56:17:ad:
                    ba:69:9e:38:da:59:b7:b4:6f:f7:4d:c9:07:29:ac:
                    fb:bf:14:bd:e0:b6:6c:35:22:76:7c:07:35:10:8d:
                    a7:94:12:39:72:ee:c5:af:aa:c5:c2:44:77:b4:04:
                    19:a2:ec:38:8f:09:76:b4:e8:cb:64:59:c5:4e:30:
                    cb:90:1f:7e:3c:c5:5f:24:6a:81:c0:28:f7:91:9d:
                    ee:e5:11:1b:3d:fe:80:7c:0b:af:6d:cd:2e:c9:dc:
                    94:f2:6c:d5:b8:d6:ce:40:0a:62:4c:46:05:bb:6f:
                    26:bf:19:8d:47:25:af:98:f1:2e:bc:2b:af:5e:45:
                    f3:fe:69:81:3e:9b:6d:67:32:17:28:97:a0:5d:9e:
                    35:d3:23:a7:76:4e:93:6a:5d:16:41:2b:fa:e4:4a:
                    8d:1a:31:e0:29:db:89:da:9b:b5:7b:eb:46:90:c3:
                    04:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:D9:4D:7E:5E:B2:A3:94:AC:F4:1D:92:96:E7:24:81:8A:34:34:83
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0tlNfl6yo5Ss9B2SluckgYo0NIM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.139.0/24
                  185.117.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:28:67:23:27:e8:70:66:6c:d9:5d:2a:33:f9:bc:05:5a:ae:
         6b:a1:70:02:47:93:0e:68:77:c7:b7:64:77:f9:3a:fb:b6:48:
         e3:19:34:be:e2:5c:4e:2a:01:65:bc:94:c0:c2:d3:7a:ae:6e:
         94:f5:89:1b:98:91:bf:98:fd:c6:ca:07:8d:ac:40:aa:9f:d7:
         43:24:7b:3c:d8:29:d1:dc:31:25:aa:4b:63:f8:de:0c:39:d5:
         63:13:24:85:7b:18:69:00:cb:b2:4f:aa:4d:08:7b:5e:5d:ac:
         6a:e8:bc:9a:95:20:9f:84:0d:b4:8c:ae:4b:d5:77:d0:ab:48:
         8e:c8:93:14:b4:55:22:16:f6:e1:84:8d:1c:53:ed:bf:f1:76:
         9b:b0:12:a2:9c:24:e5:ba:5c:1f:26:3b:73:9c:f8:60:2a:54:
         dc:76:f6:17:b0:32:64:97:a9:af:40:a5:d4:fe:1f:1a:2f:f5:
         b7:2f:b8:08:fc:73:66:4c:6b:f9:45:fb:b3:06:1b:66:c8:0e:
         72:03:63:64:ad:99:d3:d3:ae:25:81:e3:dd:7a:06:82:51:e2:
         40:b0:a3:3b:a1:29:ed:1c:95:43:a1:a3:2c:c9:a3:b5:6d:47:
         d2:a0:b5:59:41:28:a3:bd:30:6d:f0:11:f1:e3:3e:1a:b8:c0:
         ce:4d:87:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnzJRC6iUNfquZs37hfrrp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwODE0MDgyMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQ5NGQ3ZTVlYjJhMzk0YWNmNDFkOTI5NmU3MjQ4MThhMzQzNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmGmNA2hbbnWD/6duAJkbVqDgVRy
tSL/k7NJYWETGITClvGAee4GbfjBx/7c+ewS6gK38D8HOXO+meSDiM1VEvC5zwWy
QNcYirUdGRTaqn0fAfpzEZhWF626aZ442lm3tG/3TckHKaz7vxS94LZsNSJ2fAc1
EI2nlBI5cu7Fr6rFwkR3tAQZouw4jwl2tOjLZFnFTjDLkB9+PMVfJGqBwCj3kZ3u
5REbPf6AfAuvbc0uydyU8mzVuNbOQApiTEYFu28mvxmNRyWvmPEuvCuvXkXz/mmB
PpttZzIXKJegXZ410yOndk6Tal0WQSv65EqNGjHgKduJ2pu1e+tGkMMEmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNLZTX5esqOUrPQdkpbnJIGKNDSDMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMHRsTmZsNnlvNVNzOUIyU2x1Y2tnWW8wTklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUOLAwQA
uXUAMA0GCSqGSIb3DQEBCwUAA4IBAQCWKGcjJ+hwZmzZXSoz+bwFWq5roXACR5MO
aHfHt2R3+Tr7tkjjGTS+4lxOKgFlvJTAwtN6rm6U9YkbmJG/mP3GygeNrECqn9dD
JHs82CnR3DElqktj+N4MOdVjEySFexhpAMuyT6pNCHteXaxq6LyalSCfhA20jK5L
1XfQq0iOyJMUtFUiFvbhhI0cU+2/8XabsBKinCTlulwfJjtznPhgKlTcdvYXsDJk
l6mvQKXU/h8aL/W3L7gI/HNmTGv5RfuzBhtmyA5yA2NkrZnT064lgePdegaCUeJA
sKM7oSntHJVDoaMsyaO1bUfSoLVZQSijvTBt8BHx4z4auMDOTYc2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org