Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PLyzgtDGLxZd7wqERER9rcohKzY.roa
File:                     PLyzgtDGLxZd7wqERER9rcohKzY.roa (raw, json)
Hash identifier:          klHpDQqVvzlkN0CoE7hqDVSIiAgEl86pyzUPftfjzzw=
Subject key identifier:   3C:BC:B3:82:D0:C6:2F:16:5D:EF:0A:84:44:44:7D:AD:CA:21:2B:36
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE615105281C13722C23AFB5FBB2B12
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PLyzgtDGLxZd7wqERER9rcohKzY.roa
Signing time:             Sun 01 Jan 2023 10:34:56 +0000
ROA not before:           Sun 01 Jan 2023 10:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38001
IP address blocks:        45.67.136.0/24 maxlen: 24
                          45.67.137.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 10:15:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:15:10:52:81:c1:37:22:c2:3a:fb:5f:bb:2b:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3cbcb382d0c62f165def0a8444447dadca212b36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c0:af:db:78:7f:70:b3:ab:88:2d:43:39:51:
                    c5:4d:1c:1b:46:2f:86:6a:c4:58:a8:f9:ef:ea:65:
                    e7:eb:ef:7e:44:53:54:41:59:77:c1:00:37:dd:0f:
                    aa:71:66:f6:f3:18:e0:d1:33:f2:01:46:f2:67:ae:
                    5b:2b:0d:f9:da:64:05:70:cb:b2:61:7a:c9:05:6d:
                    63:19:84:41:2c:4b:17:87:02:ad:e4:14:c4:67:8a:
                    fc:bf:15:a4:f7:27:a9:cd:83:ce:e3:32:c7:0b:8b:
                    7a:0e:c6:d0:ad:82:f2:73:49:a0:b7:90:c6:8f:e6:
                    29:a7:6d:17:45:1e:81:9b:55:6c:3a:7e:ca:e3:ae:
                    12:41:fa:d5:4f:b5:22:15:44:63:4f:55:92:f0:f1:
                    43:6a:c0:ca:0e:9f:e2:59:18:4d:0f:41:fb:b2:de:
                    ee:84:fb:d4:52:f8:ef:17:70:8b:f9:e1:d8:72:c6:
                    43:ea:fa:f2:f4:41:08:4e:e3:5f:72:d7:9b:dd:d3:
                    bd:a4:35:fa:8c:4e:bd:0d:90:30:73:77:83:37:4c:
                    82:c6:ed:25:dd:a7:78:75:3c:ed:b0:8f:41:e9:5d:
                    e7:56:80:a3:4c:c2:89:9b:d0:f3:e5:21:fd:32:44:
                    b4:a4:84:37:78:d1:fb:62:2a:64:ae:f2:35:c2:57:
                    2d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:BC:B3:82:D0:C6:2F:16:5D:EF:0A:84:44:44:7D:AD:CA:21:2B:36
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PLyzgtDGLxZd7wqERER9rcohKzY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         44:ad:99:05:b6:df:10:46:08:e4:57:a6:a6:a7:e6:16:bc:e5:
         b2:38:b9:9b:84:a8:84:4c:e1:2c:2f:4e:06:1e:58:a6:bf:6b:
         40:29:e0:4a:91:70:6c:e7:b3:ac:85:11:4f:6b:1d:a4:02:4f:
         09:55:d4:9a:ab:b3:12:f0:9a:9c:bf:76:81:24:dc:33:52:d4:
         13:8e:4f:67:a4:ab:54:93:3a:36:ba:93:de:52:57:74:96:be:
         7b:b8:86:d7:9f:66:c1:bd:80:01:fd:53:af:8c:77:6d:94:3e:
         8f:4d:2d:e5:8e:26:d0:74:da:3f:06:cb:fb:dd:e0:ed:65:66:
         44:b1:e3:db:eb:1b:3a:d0:dd:e4:11:a7:6d:ff:99:69:32:ea:
         a2:b1:58:92:ad:58:4e:ec:d4:c0:5b:c1:33:88:92:03:ad:52:
         cf:b9:75:af:c1:db:a8:bc:91:b8:ac:93:af:03:5b:dd:9f:c1:
         88:25:2c:03:df:76:7d:f7:bf:19:a4:93:54:48:24:07:ee:58:
         c0:69:ac:e9:6a:fc:f6:8b:e4:e2:7b:82:bc:66:52:85:7e:9e:
         48:2a:62:21:44:7f:cc:ee:99:e7:1f:03:f2:c7:74:84:b5:e2:
         ad:bf:a2:e1:3a:3d:24:4c:89:f3:ad:1e:ec:82:d6:36:86:43:
         f3:0c:3d:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5hUQUoHBNyLCOvtfuysSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2JjYjM4MmQwYzYyZjE2NWRlZjBhODQ0NDQ0N2RhZGNhMjEyYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsCv23h/cLOriC1DOVHFTRwbRi+G
asRYqPnv6mXn6+9+RFNUQVl3wQA33Q+qcWb28xjg0TPyAUbyZ65bKw352mQFcMuy
YXrJBW1jGYRBLEsXhwKt5BTEZ4r8vxWk9yepzYPO4zLHC4t6DsbQrYLyc0mgt5DG
j+Ypp20XRR6Bm1VsOn7K464SQfrVT7UiFURjT1WS8PFDasDKDp/iWRhND0H7st7u
hPvUUvjvF3CL+eHYcsZD6vry9EEITuNfcteb3dO9pDX6jE69DZAwc3eDN0yCxu0l
3ad4dTztsI9B6V3nVoCjTMKJm9Dz5SH9MkS0pIQ3eNH7YipkrvI1wlct/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDy8s4LQxi8WXe8KhEREfa3KISs2MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUEx5emd0REdMeFpkN3dxRVJFUjlyY29oS3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUOIMA0G
CSqGSIb3DQEBCwUAA4IBAQBErZkFtt8QRgjkV6amp+YWvOWyOLmbhKiETOEsL04G
Hlimv2tAKeBKkXBs57OshRFPax2kAk8JVdSaq7MS8Jqcv3aBJNwzUtQTjk9npKtU
kzo2upPeUld0lr57uIbXn2bBvYAB/VOvjHdtlD6PTS3ljibQdNo/Bsv73eDtZWZE
sePb6xs60N3kEadt/5lpMuqisViSrVhO7NTAW8EziJIDrVLPuXWvwduovJG4rJOv
A1vdn8GIJSwD33Z9978ZpJNUSCQH7ljAaazpavz2i+Tie4K8ZlKFfp5IKmIhRH/M
7pnnHwPyx3SEteKtv6LhOj0kTInzrR7sgtY2hkPzDD0M
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org