Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6n1o2END6iPkZ1deYJu8SR767KA.roa
File:                     6n1o2END6iPkZ1deYJu8SR767KA.roa (raw, json)
Hash identifier:          S8yMTNP7dNH8s2Y1HerZkZfLaR9NzEVFfzlSyySGrSg=
Subject key identifier:   EA:7D:68:D8:43:43:EA:23:E4:67:57:5E:60:9B:BC:49:1E:FA:EC:A0
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018571E89120833BC294318D6C446825C667
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6n1o2END6iPkZ1deYJu8SR767KA.roa
Signing time:             Mon 02 Jan 2023 09:55:44 +0000
ROA not before:           Mon 02 Jan 2023 09:55:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208485
IP address blocks:        45.9.30.0/24 maxlen: 24
                          45.132.180.0/24 maxlen: 24
                          45.88.137.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 26 Jan 2023 14:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:e8:91:20:83:3b:c2:94:31:8d:6c:44:68:25:c6:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  2 09:55:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea7d68d84343ea23e467575e609bbc491efaeca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:90:3c:67:6d:d6:0a:48:ce:b6:07:16:c5:b5:
                    de:23:4f:c3:aa:1c:7e:db:e5:53:a3:c4:9b:2a:8f:
                    5e:c9:dc:48:78:53:f2:9c:54:db:cb:36:65:c5:8d:
                    33:6a:96:e4:41:2d:5e:a4:7c:b8:a0:d6:92:00:a1:
                    a7:32:ab:43:70:58:18:63:a0:01:01:81:87:65:86:
                    96:14:02:70:6c:bb:d3:53:fa:c0:c5:96:28:9f:c7:
                    5e:89:99:28:45:bd:29:77:f5:ef:60:c7:99:bd:e1:
                    20:fc:e6:08:a3:22:81:24:d4:e8:aa:7c:9b:a8:a6:
                    2d:64:a5:e3:b4:15:97:f0:50:e8:19:4b:07:13:d3:
                    8d:ea:93:00:87:a8:9a:9b:d9:ec:47:c0:5e:03:26:
                    0f:af:fc:57:e1:f2:76:6e:da:c3:e4:77:02:ac:43:
                    9f:b3:a4:9c:59:4c:71:53:df:2e:1b:9f:05:be:71:
                    c5:8b:f3:3c:a4:bb:2b:23:2b:62:4f:d0:5b:3d:39:
                    15:d0:d0:65:94:d2:22:b0:6d:a4:b1:2c:b5:f1:72:
                    e9:7a:92:43:a2:ce:c2:cf:6a:75:f3:27:27:96:ff:
                    16:da:29:c1:b2:f7:55:a1:a6:44:f7:a2:83:8a:a3:
                    82:f3:8c:80:14:7b:5a:af:99:15:ad:02:2a:ba:6f:
                    d9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:7D:68:D8:43:43:EA:23:E4:67:57:5E:60:9B:BC:49:1E:FA:EC:A0
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6n1o2END6iPkZ1deYJu8SR767KA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.30.0/24
                  45.88.137.0/24
                  45.132.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:23:3d:fb:b3:c1:fa:dc:f8:ff:f9:f4:1a:ae:cc:ac:88:79:
         0b:42:3b:10:62:d3:fe:a8:e0:a9:47:b5:83:fd:ed:d5:23:ff:
         09:a6:98:95:40:69:48:2b:89:ee:44:48:c6:b9:a3:3e:0b:d6:
         d0:56:58:e4:c2:54:45:fe:ea:12:53:0a:de:5c:e2:4a:09:00:
         d4:3b:e3:50:58:9b:94:55:f4:a0:b4:ba:e8:e0:cc:0b:aa:55:
         3f:34:4c:54:72:b9:7f:6d:a6:3b:fc:0d:97:f7:40:bf:43:42:
         3d:02:fa:af:e1:37:af:d3:51:47:8b:b5:da:54:87:ed:c0:9c:
         a1:7c:08:be:04:8f:e9:c9:77:9d:dd:68:01:b6:db:90:53:8c:
         f5:3c:12:58:31:c2:b8:4a:98:19:e7:63:6d:8d:8b:d9:12:9c:
         98:91:47:a5:63:2e:44:30:03:57:d4:d6:d3:bb:28:8e:ed:44:
         41:bd:ed:77:c7:70:82:11:77:02:3d:b8:4a:bd:cf:3f:bc:6b:
         7f:60:c7:a5:75:c7:98:64:b6:4c:6e:8d:be:37:20:bc:b5:21:
         45:80:27:27:a3:14:16:06:32:c7:d2:85:c5:08:db:fd:a9:93:
         f7:74:8d:61:6e:9e:db:59:e3:a4:31:18:21:43:ba:1c:1b:10:
         45:bf:b5:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx6JEggzvClDGNbERoJcZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTdkNjhkODQzNDNlYTIzZTQ2NzU3NWU2MDliYmM0OTFlZmFlY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpA8Z23WCkjOtgcWxbXeI0/Dqhx+
2+VTo8SbKo9eydxIeFPynFTbyzZlxY0zapbkQS1epHy4oNaSAKGnMqtDcFgYY6AB
AYGHZYaWFAJwbLvTU/rAxZYon8deiZkoRb0pd/XvYMeZveEg/OYIoyKBJNToqnyb
qKYtZKXjtBWX8FDoGUsHE9ON6pMAh6iam9nsR8BeAyYPr/xX4fJ2btrD5HcCrEOf
s6ScWUxxU98uG58FvnHFi/M8pLsrIytiT9BbPTkV0NBllNIisG2ksSy18XLpepJD
os7Cz2p18ycnlv8W2inBsvdVoaZE96KDiqOC84yAFHtar5kVrQIqum/ZzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOp9aNhDQ+oj5GdXXmCbvEke+uygMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNm4xbzJFTkQ2aVBrWjFkZVlKdThTUjc2N0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LViJAwQALYS0MA0GCSqGSIb3DQEBCwUAA4IBAQC2Iz37s8H63Pj/+fQarsysiHkL
QjsQYtP+qOCpR7WD/e3VI/8JppiVQGlIK4nuREjGuaM+C9bQVljkwlRF/uoSUwre
XOJKCQDUO+NQWJuUVfSgtLro4MwLqlU/NExUcrl/baY7/A2X90C/Q0I9Avqv4Tev
01FHi7XaVIftwJyhfAi+BI/pyXed3WgBttuQU4z1PBJYMcK4SpgZ52NtjYvZEpyY
kUelYy5EMANX1NbTuyiO7URBve13x3CCEXcCPbhKvc8/vGt/YMeldceYZLZMbo2+
NyC8tSFFgCcnoxQWBjLH0oXFCNv9qZP3dI1hbp7bWeOkMRghQ7ocGxBFv7VT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org