Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/HXgc5asXddIInPOLQdHw4hwMpII.roa
File:                     HXgc5asXddIInPOLQdHw4hwMpII.roa (raw, json)
Hash identifier:          p4o7IDl2opfarwScUQS+aMYsPxfZlI330+fImCnpmPI=
Subject key identifier:   1D:78:1C:E5:AB:17:75:D2:08:9C:F3:8B:41:D1:F0:E2:1C:0C:A4:82
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       018CC94E3CA7A54067019086EF7D99C30598
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/HXgc5asXddIInPOLQdHw4hwMpII.roa
Signing time:             Tue 02 Jan 2024 08:33:16 +0000
ROA not before:           Tue 02 Jan 2024 08:33:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200229
IP address blocks:        45.137.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 10:06:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:3c:a7:a5:40:67:01:90:86:ef:7d:99:c3:05:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  2 08:33:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1d781ce5ab1775d2089cf38b41d1f0e21c0ca482
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:e6:5c:e9:21:2f:ec:0a:04:6d:88:23:c6:23:
                    86:8d:51:80:81:72:85:3d:ff:1a:fe:ad:5a:0e:d0:
                    ef:1f:60:d4:c8:85:8b:85:be:b7:03:4e:39:c0:10:
                    b2:2d:11:db:2e:54:7f:9d:7f:d3:1a:37:52:96:3b:
                    bf:30:c2:d8:70:9d:97:72:a3:56:5e:41:e3:3d:ec:
                    00:85:b7:a7:7c:b4:d5:e3:da:fc:8e:24:eb:43:ac:
                    50:db:bf:45:be:f6:9e:5b:cd:d5:fd:e5:ff:6b:bc:
                    8e:aa:a1:48:6f:a1:b7:c7:16:90:94:08:06:78:53:
                    ad:8d:72:48:42:1d:37:89:f8:a2:84:db:f8:c8:a5:
                    2b:8d:44:61:2d:3c:f8:59:8d:43:b3:51:46:23:fe:
                    d4:70:b0:25:f7:26:56:b9:42:c3:23:a8:66:09:d4:
                    f0:d4:a5:af:e5:58:db:e2:a6:b4:cb:de:b0:bc:a4:
                    5d:03:5e:b8:20:00:f6:1e:bf:6d:a4:bf:7f:fa:7a:
                    24:ed:df:7a:35:ae:9a:e5:a5:c0:1c:53:0c:6b:24:
                    7a:6b:3c:c9:34:d5:51:49:3b:5b:63:e1:93:5d:bb:
                    7f:82:cc:f0:85:c8:60:45:41:e9:a9:d1:50:d2:6c:
                    36:4c:77:de:12:c0:cb:1d:76:10:48:1f:27:d7:92:
                    55:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:78:1C:E5:AB:17:75:D2:08:9C:F3:8B:41:D1:F0:E2:1C:0C:A4:82
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/HXgc5asXddIInPOLQdHw4hwMpII.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:ce:26:01:56:42:8d:2c:3d:67:29:8d:59:4b:47:75:f9:a4:
         7f:94:15:a1:72:30:2b:98:47:51:9c:73:e4:b4:68:78:46:bb:
         57:29:c1:83:71:1b:6b:dc:0b:84:d9:21:a8:0c:25:04:92:d0:
         5a:60:d8:a8:ad:c8:e1:d3:bf:77:23:17:6e:b4:ed:d6:9f:88:
         dc:b1:2c:25:3b:ad:39:3d:0e:17:94:d0:dd:f3:0d:0d:24:9e:
         72:45:3d:2c:2f:d5:e1:89:b3:4e:db:ee:45:a5:4c:2c:3b:00:
         11:a3:e0:b8:b9:5d:8f:30:f3:e7:d6:d8:34:70:58:ac:59:46:
         9c:f4:3f:58:e6:c6:a2:64:cc:f5:d9:ae:3f:2b:ab:0a:8b:3d:
         92:ff:f1:ca:be:1e:3e:9c:06:e0:9c:4e:41:ee:d4:d9:17:79:
         8a:9c:db:27:cc:f5:bc:c6:b7:15:0e:be:e3:ed:ed:6f:4f:d3:
         02:be:86:c0:12:56:20:59:2c:1c:b1:77:22:7d:82:ba:29:c9:
         21:b4:88:c6:c8:41:5c:06:6c:0a:52:ca:ec:a3:ab:af:88:16:
         e3:98:91:12:35:9c:93:2e:75:d4:70:9b:06:78:20:3e:d4:13:
         27:df:bc:a7:42:98:cf:f0:0b:10:56:22:08:91:59:93:23:ea:
         f8:a6:94:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTjynpUBnAZCG732ZwwWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc4MWNlNWFiMTc3NWQyMDg5Y2YzOGI0MWQxZjBlMjFjMGNhNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+Zc6SEv7AoEbYgjxiOGjVGAgXKF
Pf8a/q1aDtDvH2DUyIWLhb63A045wBCyLRHbLlR/nX/TGjdSlju/MMLYcJ2XcqNW
XkHjPewAhbenfLTV49r8jiTrQ6xQ279FvvaeW83V/eX/a7yOqqFIb6G3xxaQlAgG
eFOtjXJIQh03ifiihNv4yKUrjURhLTz4WY1Ds1FGI/7UcLAl9yZWuULDI6hmCdTw
1KWv5Vjb4qa0y96wvKRdA164IAD2Hr9tpL9/+nok7d96Na6a5aXAHFMMayR6azzJ
NNVRSTtbY+GTXbt/gszwhchgRUHpqdFQ0mw2THfeEsDLHXYQSB8n15JVWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB14HOWrF3XSCJzzi0HR8OIcDKSCMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvSFhnYzVhc1hkZElJblBPTFFkSHc0aHdNcElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYlGMA0G
CSqGSIb3DQEBCwUAA4IBAQAJziYBVkKNLD1nKY1ZS0d1+aR/lBWhcjArmEdRnHPk
tGh4RrtXKcGDcRtr3AuE2SGoDCUEktBaYNiorcjh0793IxdutO3Wn4jcsSwlO605
PQ4XlNDd8w0NJJ5yRT0sL9XhibNO2+5FpUwsOwARo+C4uV2PMPPn1tg0cFisWUac
9D9Y5saiZMz12a4/K6sKiz2S//HKvh4+nAbgnE5B7tTZF3mKnNsnzPW8xrcVDr7j
7e1vT9MCvobAElYgWSwcsXcifYK6KckhtIjGyEFcBmwKUsrso6uviBbjmJESNZyT
LnXUcJsGeCA+1BMn37ynQpjP8AsQViIIkVmTI+r4ppQ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org