Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RQOk77SHHztX2edtT5uXU6xXo2E.roa
File:                     RQOk77SHHztX2edtT5uXU6xXo2E.roa (raw, json)
Hash identifier:          JU/dUlMGc8p3p/sYxFov6VsoYG07Abo0akxeh5a4tTY=
Subject key identifier:   45:03:A4:EF:B4:87:1F:3B:57:D9:E7:6D:4F:9B:97:53:AC:57:A3:61
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018AE1B3527D72BD64BCC416F1E52A0F9452
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RQOk77SHHztX2edtT5uXU6xXo2E.roa
Signing time:             Fri 29 Sep 2023 16:09:00 +0000
ROA not before:           Fri 29 Sep 2023 16:09:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        45.81.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Sep 2023 16:47:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:e1:b3:52:7d:72:bd:64:bc:c4:16:f1:e5:2a:0f:94:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Sep 29 16:09:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4503a4efb4871f3b57d9e76d4f9b9753ac57a361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:5c:14:6a:d4:bd:75:35:6e:a0:f7:41:24:de:
                    58:c8:4b:94:10:5b:17:7e:49:cf:78:c2:7e:5d:04:
                    a8:3d:70:40:af:b3:23:3e:46:8b:49:c4:21:18:5c:
                    1b:c3:13:b1:91:19:40:9e:9d:29:41:02:d8:ea:af:
                    29:3c:33:63:aa:4f:28:16:45:cd:ad:ff:ae:f6:dc:
                    17:00:e5:86:ae:c3:c0:ee:6f:8e:84:c1:b9:50:2f:
                    49:f6:87:78:2e:89:73:cb:14:3f:35:de:ca:79:0d:
                    fe:30:85:1b:3b:48:fe:ae:23:c0:13:4b:17:36:cc:
                    b2:61:43:3d:d5:72:ce:a7:fb:bb:52:92:ae:12:b9:
                    a1:6b:3b:3c:1d:a0:22:4b:c9:3b:56:14:46:99:7b:
                    b2:0f:21:b0:98:49:dc:7d:81:5b:b0:7d:59:8e:36:
                    59:7c:b4:a0:1f:cb:d5:28:7b:15:23:68:40:40:f9:
                    d6:b7:87:f2:63:c4:88:0c:cd:a0:2b:7e:9c:57:33:
                    2b:37:a8:6e:61:de:d6:22:82:73:38:46:bc:7e:dc:
                    a9:06:6b:e0:2e:46:90:f4:3a:18:42:0e:70:a9:b1:
                    0c:a2:60:6d:11:41:42:e8:58:8c:b6:59:02:84:43:
                    0f:f4:54:2f:80:5c:b5:d0:de:00:51:e1:4f:f9:05:
                    be:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:03:A4:EF:B4:87:1F:3B:57:D9:E7:6D:4F:9B:97:53:AC:57:A3:61
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RQOk77SHHztX2edtT5uXU6xXo2E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:55:45:83:34:69:5d:b4:09:3a:4b:c0:d1:41:a4:1e:7e:60:
         57:9f:09:f8:aa:42:93:48:f9:a5:14:c6:22:d2:af:e6:9a:2a:
         17:a0:d9:41:62:7f:fa:23:63:a3:fb:00:e2:e0:4c:f3:42:59:
         f1:17:41:4c:fb:3b:2c:ab:ac:f7:ff:48:90:a5:2a:19:f0:a0:
         23:d3:2f:a3:11:43:bb:22:10:b7:66:46:fb:a7:0e:3d:8a:dd:
         16:c0:44:d5:2c:22:77:af:a1:cc:09:af:58:d7:a4:2d:42:87:
         70:07:f3:69:43:cb:43:38:cd:28:0e:2d:01:27:ed:de:0f:24:
         60:5d:3c:e4:b9:8d:81:97:90:b5:4c:e1:1c:2b:a7:31:e2:c7:
         ec:64:2d:1b:c4:f6:0b:bb:4d:7b:24:9b:f3:ec:ac:a7:4e:17:
         06:d3:4a:b6:59:a5:cc:e3:18:3d:8b:0d:d1:0a:b0:76:71:2f:
         50:30:8a:48:ed:77:43:d3:a0:aa:c0:12:76:cb:85:d9:52:83:
         3e:12:48:bc:90:2c:2f:79:bc:88:20:1c:39:31:2e:63:3c:6f:
         0f:9b:ce:94:40:0b:7f:77:03:c5:87:5d:3c:1b:b7:60:77:bb:
         e2:18:67:ad:68:6a:52:19:64:76:ca:f8:fc:a8:12:ed:62:3b:
         06:97:e6:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrhs1J9cr1kvMQW8eUqD5RSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI5MTYwOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTAzYTRlZmI0ODcxZjNiNTdkOWU3NmQ0ZjliOTc1M2FjNTdhMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlwUatS9dTVuoPdBJN5YyEuUEFsX
fknPeMJ+XQSoPXBAr7MjPkaLScQhGFwbwxOxkRlAnp0pQQLY6q8pPDNjqk8oFkXN
rf+u9twXAOWGrsPA7m+OhMG5UC9J9od4LolzyxQ/Nd7KeQ3+MIUbO0j+riPAE0sX
NsyyYUM91XLOp/u7UpKuErmhazs8HaAiS8k7VhRGmXuyDyGwmEncfYFbsH1ZjjZZ
fLSgH8vVKHsVI2hAQPnWt4fyY8SIDM2gK36cVzMrN6huYd7WIoJzOEa8ftypBmvg
LkaQ9DoYQg5wqbEMomBtEUFC6FiMtlkChEMP9FQvgFy10N4AUeFP+QW+MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEUDpO+0hx87V9nnbU+bl1OsV6NhMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUlFPazc3U0hIenRYMmVkdFQ1dVhVNnhYbzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVFzMA0G
CSqGSIb3DQEBCwUAA4IBAQCTVUWDNGldtAk6S8DRQaQefmBXnwn4qkKTSPmlFMYi
0q/mmioXoNlBYn/6I2Oj+wDi4EzzQlnxF0FM+zssq6z3/0iQpSoZ8KAj0y+jEUO7
IhC3Zkb7pw49it0WwETVLCJ3r6HMCa9Y16QtQodwB/NpQ8tDOM0oDi0BJ+3eDyRg
XTzkuY2Bl5C1TOEcK6cx4sfsZC0bxPYLu017JJvz7KynThcG00q2WaXM4xg9iw3R
CrB2cS9QMIpI7XdD06CqwBJ2y4XZUoM+Eki8kCwvebyIIBw5MS5jPG8Pm86UQAt/
dwPFh108G7dgd7viGGetaGpSGWR2yvj8qBLtYjsGl+Y4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org