Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/DvJaX8DK48dXuKCk_gqVpMIKKOM.roa
File:                     DvJaX8DK48dXuKCk_gqVpMIKKOM.roa (raw, json)
Hash identifier:          Ec2SeFHih1/liYSsibXuryl6yPD+mHgSOy8S3syVJXk=
Subject key identifier:   0E:F2:5A:5F:C0:CA:E3:C7:57:B8:A0:A4:FE:0A:95:A4:C2:0A:28:E3
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE62751C3F4D91C464DC484830EA07B
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/DvJaX8DK48dXuKCk_gqVpMIKKOM.roa
Signing time:             Sun 01 Jan 2023 10:35:00 +0000
ROA not before:           Sun 01 Jan 2023 10:35:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210542
IP address blocks:        45.142.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Jun 2023 10:32:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:27:51:c3:f4:d9:1c:46:4d:c4:84:83:0e:a0:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:35:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ef25a5fc0cae3c757b8a0a4fe0a95a4c20a28e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e8:5e:b5:0c:40:c6:9b:fd:dc:f2:90:41:17:
                    78:b5:81:60:e6:4d:52:4a:a5:27:ca:ad:c4:b5:89:
                    58:fa:48:17:f2:84:4f:f6:d7:d3:3b:4c:d7:02:87:
                    41:b2:8a:78:22:41:9b:52:44:8c:7b:ad:01:9b:db:
                    35:76:fd:16:d7:c2:9b:44:8a:17:d2:31:70:9c:17:
                    b3:b8:7f:63:87:ed:61:07:89:82:98:ee:d8:18:18:
                    88:b9:b0:5b:1a:79:92:34:a3:9f:65:da:28:3d:89:
                    06:e7:82:49:70:8d:e3:74:f5:e4:ef:75:8b:86:d0:
                    7d:75:4a:df:fd:0c:74:7c:0e:7a:07:fa:2f:d8:79:
                    54:14:ce:77:9f:ee:31:63:4b:b2:2d:a4:ff:9b:60:
                    2c:ef:75:7d:54:5a:48:08:eb:0a:43:b1:d9:a7:1a:
                    d8:ee:bb:8f:e9:c5:20:a6:c7:39:e2:64:2b:dd:07:
                    bc:b9:c4:28:75:56:e8:59:e4:77:1c:45:70:38:7d:
                    dd:69:c5:63:9c:8a:18:74:64:ce:62:d5:a4:2e:aa:
                    69:8d:3a:3f:b4:98:28:d0:40:db:0b:49:69:7f:a2:
                    84:79:0a:af:10:dc:5f:7f:c1:fc:b0:0a:45:aa:45:
                    b9:70:5f:76:09:bf:78:11:e8:b1:e6:83:b4:16:4f:
                    ab:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:F2:5A:5F:C0:CA:E3:C7:57:B8:A0:A4:FE:0A:95:A4:C2:0A:28:E3
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/DvJaX8DK48dXuKCk_gqVpMIKKOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:ed:26:ee:64:24:cb:ed:5a:b6:b2:b4:11:57:ee:a8:af:85:
         7c:b7:b3:e9:93:ab:6e:ea:58:75:d7:b7:44:92:ac:c7:44:8e:
         38:2b:26:86:51:ec:61:16:d3:77:c1:a4:e2:88:2d:57:45:9f:
         b0:67:cd:21:e2:25:36:34:d6:41:54:85:3a:f6:f9:33:18:c4:
         7d:86:f6:f8:c7:44:da:b7:b3:a2:5f:52:90:0a:a6:c0:d4:67:
         8f:f8:06:2f:fa:09:71:0b:c8:44:a6:51:6d:50:61:5d:3c:73:
         df:ff:fb:49:20:a7:89:b5:25:5b:94:20:c5:8f:20:5e:60:25:
         9b:66:a6:89:0a:53:82:a1:2a:86:7e:c1:59:ec:35:cc:2f:dd:
         ed:f7:b0:f3:7f:0a:81:3e:68:01:f6:81:43:13:fb:cf:d8:95:
         a5:dc:4f:69:97:4c:36:3c:78:ac:7b:bd:ce:40:64:4e:fa:87:
         e6:60:9d:c9:09:60:55:85:7d:d9:ba:c6:25:cc:e3:ba:ec:56:
         98:49:68:bf:1f:b1:c4:40:35:d4:2c:0f:21:93:19:4b:81:26:
         b0:fd:c5:05:bf:6e:59:a3:ae:f1:7e:9f:df:2d:bc:d0:df:cc:
         2d:61:c1:75:a1:67:43:9e:d6:90:15:67:2c:f8:06:68:2e:58:
         9e:db:22:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5idRw/TZHEZNxISDDqB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWYyNWE1ZmMwY2FlM2M3NTdiOGEwYTRmZTBhOTVhNGMyMGEyOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+hetQxAxpv93PKQQRd4tYFg5k1S
SqUnyq3EtYlY+kgX8oRP9tfTO0zXAodBsop4IkGbUkSMe60Bm9s1dv0W18KbRIoX
0jFwnBezuH9jh+1hB4mCmO7YGBiIubBbGnmSNKOfZdooPYkG54JJcI3jdPXk73WL
htB9dUrf/Qx0fA56B/ov2HlUFM53n+4xY0uyLaT/m2As73V9VFpICOsKQ7HZpxrY
7ruP6cUgpsc54mQr3Qe8ucQodVboWeR3HEVwOH3dacVjnIoYdGTOYtWkLqppjTo/
tJgo0EDbC0lpf6KEeQqvENxff8H8sApFqkW5cF92Cb94Eeix5oO0Fk+rnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7yWl/AyuPHV7igpP4KlaTCCijjMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvRHZKYVg4REs0OGRYdUtDa19ncVZwTUlLS09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY5qMA0G
CSqGSIb3DQEBCwUAA4IBAQB07SbuZCTL7Vq2srQRV+6or4V8t7Ppk6tu6lh117dE
kqzHRI44KyaGUexhFtN3waTiiC1XRZ+wZ80h4iU2NNZBVIU69vkzGMR9hvb4x0Ta
t7OiX1KQCqbA1GeP+AYv+glxC8hEplFtUGFdPHPf//tJIKeJtSVblCDFjyBeYCWb
ZqaJClOCoSqGfsFZ7DXML93t97DzfwqBPmgB9oFDE/vP2JWl3E9pl0w2PHise73O
QGRO+ofmYJ3JCWBVhX3ZusYlzOO67FaYSWi/H7HEQDXULA8hkxlLgSaw/cUFv25Z
o67xfp/fLbzQ38wtYcF1oWdDntaQFWcs+AZoLlie2yKb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org