Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gNEm6ExhW8_FbMjcgFXQglNtlXE.roa
File:                     gNEm6ExhW8_FbMjcgFXQglNtlXE.roa (raw, json)
Hash identifier:          Cy+1umkAEDh5U1TB5M7TpisDpYI3KKyjPfBzusb1Dls=
Subject key identifier:   80:D1:26:E8:4C:61:5B:CF:C5:6C:C8:DC:80:55:D0:82:53:6D:95:71
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018B13FDF8A1E822A096277ADD384BDE4DCD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gNEm6ExhW8_FbMjcgFXQglNtlXE.roa
Signing time:             Mon 09 Oct 2023 10:31:33 +0000
ROA not before:           Mon 09 Oct 2023 10:31:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47757
IP address blocks:        45.81.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Oct 2023 09:05:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:13:fd:f8:a1:e8:22:a0:96:27:7a:dd:38:4b:de:4d:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Oct  9 10:31:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80d126e84c615bcfc56cc8dc8055d082536d9571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:24:7a:21:2a:30:42:aa:85:62:81:44:02:c7:
                    36:16:35:da:03:99:3a:eb:6e:7f:55:d8:6a:45:10:
                    83:34:3a:08:91:e6:d9:39:75:87:3e:e8:a7:af:88:
                    ed:78:cf:ba:07:5d:b2:0c:98:dc:c4:d4:20:60:12:
                    85:4e:80:a3:90:16:ae:c2:84:f7:c9:1e:55:28:f4:
                    7a:e0:7d:0b:c6:6e:49:f8:df:eb:da:4d:61:71:a9:
                    6b:cc:e0:33:6a:ea:74:44:1e:60:d6:9e:b0:dc:a9:
                    b5:00:4d:38:0a:37:41:ac:13:91:b4:85:7f:f1:2e:
                    b7:45:80:7a:58:98:d4:60:cf:ce:02:1b:88:76:24:
                    4a:9a:b7:eb:82:ce:7c:64:44:b8:8b:fb:7b:d6:05:
                    9a:4f:bf:54:f8:a5:7b:f5:f4:ab:93:14:92:74:20:
                    ac:66:8e:72:c8:45:2d:dd:df:83:64:90:ad:df:d3:
                    64:b3:93:c5:8e:36:b0:45:5a:20:93:58:13:a8:c6:
                    0e:e2:44:e9:ec:3e:84:ea:4a:e4:06:c0:74:55:5b:
                    de:6f:2c:39:3c:fa:ec:10:ab:52:18:60:1a:cc:f9:
                    aa:c8:97:5a:3d:9e:fd:f8:6e:b4:5b:ed:c0:fa:b7:
                    2e:f5:55:b8:a4:9e:7e:3c:86:75:0c:54:78:a8:54:
                    da:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:D1:26:E8:4C:61:5B:CF:C5:6C:C8:DC:80:55:D0:82:53:6D:95:71
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gNEm6ExhW8_FbMjcgFXQglNtlXE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:ef:a8:50:87:5d:22:aa:06:97:f9:38:01:59:66:a1:b1:61:
         21:ae:2b:23:42:44:c4:21:81:c0:88:58:f9:ae:4e:b0:6f:d4:
         24:28:fa:64:9b:00:83:ce:5a:f5:36:ef:77:fe:7c:aa:07:53:
         1b:d5:94:34:38:fd:c3:10:d2:74:3e:fd:e1:0c:99:2b:f3:4a:
         fc:cd:08:ef:c7:10:ed:00:43:89:31:84:f9:31:ad:79:6e:ba:
         6f:85:1b:a5:50:72:71:a9:cc:1b:57:5c:83:db:6a:a2:ce:be:
         e4:59:be:98:f7:40:a8:15:53:d0:dc:c3:cb:0b:70:b8:b8:28:
         72:56:d4:09:0d:6f:57:dd:72:69:d0:0c:1b:12:15:28:c5:5f:
         4f:1a:51:37:bc:3e:77:1b:84:b3:27:8d:b9:4f:34:78:03:3e:
         de:75:f7:68:4d:26:58:2e:a2:5e:a2:2b:36:41:3e:3d:7e:8e:
         54:d9:48:3a:c0:89:14:50:13:7a:08:91:38:ce:4b:25:70:4b:
         a1:41:73:d0:45:0d:01:bb:05:75:bb:7a:da:55:a1:1d:e3:66:
         ca:26:95:77:4a:3e:cf:6b:e4:9b:ab:d0:f1:9b:3a:31:9c:7b:
         a8:8f:c1:85:f9:ec:2b:f6:4b:91:2a:fd:cd:df:61:dd:0c:55:
         c3:92:fa:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsT/fih6CKglid63ThL3k3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDA5MTAzMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQxMjZlODRjNjE1YmNmYzU2Y2M4ZGM4MDU1ZDA4MjUzNmQ5NTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyR6ISowQqqFYoFEAsc2FjXaA5k6
625/VdhqRRCDNDoIkebZOXWHPuinr4jteM+6B12yDJjcxNQgYBKFToCjkBauwoT3
yR5VKPR64H0Lxm5J+N/r2k1hcalrzOAzaup0RB5g1p6w3Km1AE04CjdBrBORtIV/
8S63RYB6WJjUYM/OAhuIdiRKmrfrgs58ZES4i/t71gWaT79U+KV79fSrkxSSdCCs
Zo5yyEUt3d+DZJCt39Nks5PFjjawRVogk1gTqMYO4kTp7D6E6krkBsB0VVvebyw5
PPrsEKtSGGAazPmqyJdaPZ79+G60W+3A+rcu9VW4pJ5+PIZ1DFR4qFTaGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDRJuhMYVvPxWzI3IBV0IJTbZVxMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZ05FbTZFeGhXOF9GYk1qY2dGWFFnbE50bFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVFyMA0G
CSqGSIb3DQEBCwUAA4IBAQAc76hQh10iqgaX+TgBWWahsWEhrisjQkTEIYHAiFj5
rk6wb9QkKPpkmwCDzlr1Nu93/nyqB1Mb1ZQ0OP3DENJ0Pv3hDJkr80r8zQjvxxDt
AEOJMYT5Ma15brpvhRulUHJxqcwbV1yD22qizr7kWb6Y90CoFVPQ3MPLC3C4uChy
VtQJDW9X3XJp0AwbEhUoxV9PGlE3vD53G4SzJ425TzR4Az7edfdoTSZYLqJeois2
QT49fo5U2Ug6wIkUUBN6CJE4zkslcEuhQXPQRQ0BuwV1u3raVaEd42bKJpV3Sj7P
a+Sbq9DxmzoxnHuoj8GF+ewr9kuRKv3N32HdDFXDkvr6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org