Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ZFoeUvMv-ETVY_hEE0WgT_ujn9Q.roa
File:                     ZFoeUvMv-ETVY_hEE0WgT_ujn9Q.roa (raw, json)
Hash identifier:          4zXxq3H4bCU8EhA4bTFB9VtK4D6/MCjS0CNbqcOyuS8=
Subject key identifier:   64:5A:1E:52:F3:2F:F8:44:D5:63:F8:44:13:45:A0:4F:FB:A3:9F:D4
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018CF499FB5D218042AD27010C4534DE0A3B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ZFoeUvMv-ETVY_hEE0WgT_ujn9Q.roa
Signing time:             Wed 10 Jan 2024 18:19:41 +0000
ROA not before:           Wed 10 Jan 2024 18:19:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215761
IP address blocks:        45.144.214.0/24 maxlen: 24
                          45.138.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 20:03:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f4:99:fb:5d:21:80:42:ad:27:01:0c:45:34:de:0a:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan 10 18:19:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=645a1e52f32ff844d563f8441345a04ffba39fd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:aa:00:13:2c:55:7b:7b:a0:7c:04:fc:92:dc:
                    17:9d:c7:ab:96:16:0d:70:55:0e:16:bf:a7:eb:05:
                    42:9e:75:69:9e:62:5e:b2:e3:ff:cb:aa:44:0c:b8:
                    47:01:8d:3d:2b:12:3d:ff:4d:2b:df:64:be:f7:13:
                    22:4d:73:ee:53:a2:ff:1c:20:50:cc:b1:c2:94:4c:
                    21:b4:e7:14:23:26:ac:fb:92:8e:88:c6:01:ec:d2:
                    2e:44:c2:bb:59:da:d8:c0:c3:73:40:93:5e:81:e0:
                    48:ae:99:b5:07:14:9b:82:fd:e5:a4:17:d1:5e:39:
                    1a:fe:a5:ea:17:e4:f0:fc:57:36:9b:39:db:09:ba:
                    b4:4d:a7:d2:dd:29:b8:0d:c8:92:5e:3e:2a:4e:cb:
                    43:6c:37:73:8b:e2:d2:cc:45:0c:3f:55:bc:73:b6:
                    2f:b2:d3:bc:a0:55:ab:72:f9:a8:ed:01:e3:c3:3e:
                    a2:76:e9:e1:26:b3:50:55:da:69:c7:85:e3:f7:5e:
                    d2:69:f9:7b:d6:16:74:91:bb:56:2c:6f:56:18:69:
                    49:2d:55:eb:09:1d:0b:dc:d4:a6:99:88:98:3c:d8:
                    1b:71:6b:7c:be:d4:1f:f8:b9:a1:ad:b2:7f:17:d5:
                    35:d0:6b:36:a1:35:0e:a2:49:ec:29:e0:0a:ce:4b:
                    82:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:5A:1E:52:F3:2F:F8:44:D5:63:F8:44:13:45:A0:4F:FB:A3:9F:D4
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ZFoeUvMv-ETVY_hEE0WgT_ujn9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.183.0/24
                  45.144.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:dd:a5:ab:3f:20:ba:22:60:08:e1:6b:66:dc:59:c8:10:8c:
         33:5f:a1:94:b0:51:8d:c9:eb:38:0c:b5:63:9f:74:9b:f0:61:
         5d:26:38:7e:86:53:33:3b:af:d4:13:3f:72:67:af:d2:e0:21:
         02:7d:fa:6e:1d:5d:64:1d:44:de:f8:8d:93:a3:2c:27:c3:8e:
         db:08:a7:dd:c2:8a:9b:8d:9b:e5:2c:22:e9:33:e9:cd:09:2a:
         48:d5:f5:ba:0f:96:3a:e1:4a:b3:5d:85:62:b4:6d:0b:4c:f3:
         14:5f:fb:d8:af:28:e6:25:e0:0c:c7:69:06:13:c2:c3:a5:3f:
         76:40:b8:5d:03:4b:47:16:c9:f7:12:c4:7f:8f:55:5c:9a:86:
         db:be:5e:e6:45:ef:21:e9:0a:7e:5d:0b:62:41:9e:26:b6:21:
         3a:e9:2e:50:0f:e3:16:4c:30:8e:23:4b:d3:56:f5:2a:d1:5b:
         13:22:75:5c:6e:76:d3:10:85:d8:c8:c4:a2:69:9d:9e:cb:77:
         13:46:e6:ef:28:29:a3:6d:ce:42:dc:09:c3:5a:0b:d5:c9:8a:
         85:0b:19:0e:8f:e5:0c:5d:70:ae:0d:49:c9:07:93:d3:43:4d:
         a7:f6:ff:47:53:46:59:ce:6c:4a:ab:30:ad:6e:53:0d:b7:2c:
         10:c0:1c:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz0mftdIYBCrScBDEU03go7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTEwMTgxOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVhMWU1MmYzMmZmODQ0ZDU2M2Y4NDQxMzQ1YTA0ZmZiYTM5ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKoAEyxVe3ugfAT8ktwXncerlhYN
cFUOFr+n6wVCnnVpnmJesuP/y6pEDLhHAY09KxI9/00r32S+9xMiTXPuU6L/HCBQ
zLHClEwhtOcUIyas+5KOiMYB7NIuRMK7WdrYwMNzQJNegeBIrpm1BxSbgv3lpBfR
Xjka/qXqF+Tw/Fc2mznbCbq0TafS3Sm4DciSXj4qTstDbDdzi+LSzEUMP1W8c7Yv
stO8oFWrcvmo7QHjwz6idunhJrNQVdppx4Xj917Safl71hZ0kbtWLG9WGGlJLVXr
CR0L3NSmmYiYPNgbcWt8vtQf+LmhrbJ/F9U10Gs2oTUOoknsKeAKzkuCVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGRaHlLzL/hE1WP4RBNFoE/7o5/UMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWkZvZVV2TXYtRVRWWV9oRUUwV2dUX3VqbjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYq3AwQA
LZDWMA0GCSqGSIb3DQEBCwUAA4IBAQCL3aWrPyC6ImAI4Wtm3FnIEIwzX6GUsFGN
yes4DLVjn3Sb8GFdJjh+hlMzO6/UEz9yZ6/S4CECffpuHV1kHUTe+I2Toywnw47b
CKfdwoqbjZvlLCLpM+nNCSpI1fW6D5Y64UqzXYVitG0LTPMUX/vYryjmJeAMx2kG
E8LDpT92QLhdA0tHFsn3EsR/j1Vcmobbvl7mRe8h6Qp+XQtiQZ4mtiE66S5QD+MW
TDCOI0vTVvUq0VsTInVcbnbTEIXYyMSiaZ2ey3cTRubvKCmjbc5C3AnDWgvVyYqF
CxkOj+UMXXCuDUnJB5PTQ02n9v9HU0ZZzmxKqzCtblMNtywQwBxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org