Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PItpb0sM0FEaOcvUz6eNLX3n3HU.roa
File:                     PItpb0sM0FEaOcvUz6eNLX3n3HU.roa (raw, json)
Hash identifier:          isI9kBkC5XOYH7XPB/HE1N3teH9eBQJDpqeOYFpNWtQ=
Subject key identifier:   3C:8B:69:6F:4B:0C:D0:51:1A:39:CB:D4:CF:A7:8D:2D:7D:E7:DC:75
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE62E304CD30AA47B02E0F059812EB9
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PItpb0sM0FEaOcvUz6eNLX3n3HU.roa
Signing time:             Sun 01 Jan 2023 10:35:02 +0000
ROA not before:           Sun 01 Jan 2023 10:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398395
IP address blocks:        45.67.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Feb 2023 14:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:2e:30:4c:d3:0a:a4:7b:02:e0:f0:59:81:2e:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c8b696f4b0cd0511a39cbd4cfa78d2d7de7dc75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2a:0a:7e:c6:5a:0f:02:aa:2b:11:ca:3b:16:
                    c9:f7:46:a2:56:9e:19:f7:3d:58:98:82:6d:a8:ec:
                    1c:2c:00:d7:5e:8b:92:1f:dd:80:8b:3c:98:7d:0b:
                    48:70:68:30:85:db:c6:8f:c9:ef:1b:e0:d2:53:56:
                    b0:4a:f6:89:c6:ba:7c:13:d4:9b:5b:e3:80:bf:2b:
                    67:86:bb:21:72:8a:28:81:44:6c:24:7f:44:de:bc:
                    39:96:67:76:ad:b1:1d:60:83:b6:5f:d2:ea:8c:5a:
                    b4:47:ed:30:f8:74:af:c4:7a:46:40:1d:70:8e:b2:
                    2d:8b:30:70:e7:a8:76:56:56:f9:be:7f:a9:0e:56:
                    f7:13:14:79:62:66:53:90:98:94:4a:05:a7:2a:83:
                    04:c4:08:73:fe:65:ab:21:75:71:93:f1:4b:bf:20:
                    8d:9c:c3:62:5f:60:1a:6b:7e:eb:17:66:ac:95:28:
                    98:96:1a:65:09:5d:c6:36:8c:ef:4e:6e:78:1e:46:
                    54:3d:94:99:fb:fd:50:9e:ab:4f:f0:b4:07:85:e3:
                    9b:5f:7f:a0:44:c5:8c:f5:70:42:92:52:b8:46:13:
                    40:f4:1f:6f:d9:4e:6c:41:9c:25:ad:ab:0b:41:74:
                    c2:d4:d8:4f:9b:d5:ee:79:8b:e7:61:0e:13:89:60:
                    16:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:8B:69:6F:4B:0C:D0:51:1A:39:CB:D4:CF:A7:8D:2D:7D:E7:DC:75
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PItpb0sM0FEaOcvUz6eNLX3n3HU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:d2:eb:8f:2c:c0:30:32:ad:36:ec:8d:59:98:8b:a1:7c:aa:
         d3:84:55:12:2f:5c:3e:90:e2:f4:38:0b:12:c9:88:be:e7:d9:
         ea:7c:8f:a3:08:5a:d4:e8:80:31:cc:b7:c0:0f:f5:eb:04:91:
         73:e4:cb:1a:73:c2:88:bf:c6:ef:96:78:b1:8d:11:b0:4a:dd:
         b1:49:a9:17:a7:72:c4:71:cf:a9:f4:97:c9:26:76:a3:db:15:
         26:38:43:82:68:80:c2:61:ec:73:91:76:7c:d9:d3:22:bf:1f:
         bf:30:df:3c:b0:b6:e8:e5:5c:fb:9d:d7:aa:9d:6d:de:0a:5c:
         ab:8a:54:02:3c:19:37:02:ab:56:97:a2:cd:fb:ad:e9:22:7c:
         f0:72:ea:58:13:62:27:9d:9b:87:8a:4d:80:5d:10:c3:23:5d:
         e5:f0:7e:86:af:df:a7:c5:61:e4:51:a0:6b:b5:95:82:49:27:
         2d:33:88:af:43:6e:d7:d7:81:e0:35:a5:b8:c0:f8:40:ef:c0:
         44:c1:6e:76:2d:a5:d3:5b:86:00:3c:b2:09:7d:58:93:11:01:
         7f:7d:3f:6f:54:c8:e3:13:76:04:45:26:2a:50:ad:47:dd:c7:
         4d:19:b6:60:34:b6:7b:c5:1d:98:f3:86:12:d4:9e:8c:7e:9f:
         f8:cf:78:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5i4wTNMKpHsC4PBZgS65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzhiNjk2ZjRiMGNkMDUxMWEzOWNiZDRjZmE3OGQyZDdkZTdkYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCoKfsZaDwKqKxHKOxbJ90aiVp4Z
9z1YmIJtqOwcLADXXouSH92AizyYfQtIcGgwhdvGj8nvG+DSU1awSvaJxrp8E9Sb
W+OAvytnhrshcooogURsJH9E3rw5lmd2rbEdYIO2X9LqjFq0R+0w+HSvxHpGQB1w
jrItizBw56h2Vlb5vn+pDlb3ExR5YmZTkJiUSgWnKoMExAhz/mWrIXVxk/FLvyCN
nMNiX2Aaa37rF2aslSiYlhplCV3GNozvTm54HkZUPZSZ+/1QnqtP8LQHheObX3+g
RMWM9XBCklK4RhNA9B9v2U5sQZwlrasLQXTC1NhPm9XueYvnYQ4TiWAWKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyLaW9LDNBRGjnL1M+njS1959x1MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUEl0cGIwc00wRkVhT2N2VXo2ZU5MWDNuM0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUNXMA0G
CSqGSIb3DQEBCwUAA4IBAQAS0uuPLMAwMq027I1ZmIuhfKrThFUSL1w+kOL0OAsS
yYi+59nqfI+jCFrU6IAxzLfAD/XrBJFz5Msac8KIv8bvlnixjRGwSt2xSakXp3LE
cc+p9JfJJnaj2xUmOEOCaIDCYexzkXZ82dMivx+/MN88sLbo5Vz7ndeqnW3eClyr
ilQCPBk3AqtWl6LN+63pInzwcupYE2InnZuHik2AXRDDI13l8H6Gr9+nxWHkUaBr
tZWCSSctM4ivQ27X14HgNaW4wPhA78BEwW52LaXTW4YAPLIJfViTEQF/fT9vVMjj
E3YERSYqUK1H3cdNGbZgNLZ7xR2Y84YS1J6Mfp/4z3gV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org