Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/u4QyYbpEEBfPUyDFLRuKViEnWqQ.roa
File:                     u4QyYbpEEBfPUyDFLRuKViEnWqQ.roa (raw, json)
Hash identifier:          vPx20hveU1TZmOp4iVHe2C2FsVpz5fzjeXI61RFwkTE=
Subject key identifier:   BB:84:32:61:BA:44:10:17:CF:53:20:C5:2D:1B:8A:56:21:27:5A:A4
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       01872DFA46CABF5E908C2766ED11BEFAC7E9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/u4QyYbpEEBfPUyDFLRuKViEnWqQ.roa
Signing time:             Wed 29 Mar 2023 15:26:29 +0000
ROA not before:           Wed 29 Mar 2023 15:26:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48678
IP address blocks:        45.151.2.0/24 maxlen: 24
                          45.144.214.0/24 maxlen: 24
                          194.15.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 30 Aug 2023 14:55:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2d:fa:46:ca:bf:5e:90:8c:27:66:ed:11:be:fa:c7:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Mar 29 15:26:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb843261ba441017cf5320c52d1b8a5621275aa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:62:5b:ab:bc:b3:36:f4:07:b7:4c:03:be:30:
                    d8:df:95:9d:3b:e0:de:8b:ed:e5:3e:3f:16:68:1f:
                    f8:0d:81:13:ad:0a:36:cb:39:88:ce:38:ed:69:33:
                    44:cf:0d:95:94:8c:37:9d:d7:ec:da:4d:ab:66:63:
                    b1:5d:d8:49:e8:45:3c:7a:00:47:11:95:a3:b9:21:
                    82:37:e9:54:fb:dc:c7:ae:6c:9b:42:fe:02:f8:18:
                    8f:c2:97:c0:45:9e:b0:29:7f:4c:ec:d9:a3:d6:c7:
                    65:78:dc:ba:49:9b:24:93:fb:53:b2:53:69:b7:7c:
                    b4:19:fe:9d:4a:69:41:51:62:b5:8b:e6:7d:48:8c:
                    d9:0d:55:6f:9f:42:07:f4:3d:2d:73:98:5c:5b:d7:
                    89:1d:43:c0:9f:cc:9a:57:ae:66:28:de:80:20:86:
                    be:1a:62:fe:6c:b5:65:b3:95:9a:d0:42:18:d2:50:
                    e9:ef:68:fa:38:98:09:ca:04:d6:6e:a0:26:56:60:
                    2a:15:40:73:20:a4:24:00:b3:d3:d5:36:15:eb:d9:
                    a3:01:47:61:8a:37:87:36:45:cb:7d:dd:d3:38:08:
                    dc:bd:87:3b:fd:84:47:2a:97:30:de:69:e1:dc:7c:
                    9b:db:7b:6c:40:b8:02:dc:ed:08:70:bd:4b:9d:00:
                    c6:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:84:32:61:BA:44:10:17:CF:53:20:C5:2D:1B:8A:56:21:27:5A:A4
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/u4QyYbpEEBfPUyDFLRuKViEnWqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.214.0/24
                  45.151.2.0/24
                  194.15.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:3f:23:a8:e8:a2:0f:94:f5:ad:33:d4:af:ff:4d:31:45:e0:
         83:60:0f:d0:9d:41:3b:7d:5f:6b:4d:98:47:22:77:41:71:a4:
         9d:35:8d:a2:6a:e6:ad:50:48:fa:7c:61:b0:ed:63:25:9f:87:
         f4:db:bb:2d:95:cd:fc:11:5a:c9:e5:09:63:86:9b:e4:34:a0:
         9e:1c:b9:50:fe:7f:24:18:e6:36:2e:cd:45:b8:90:89:f0:9c:
         d9:1f:80:a8:cb:91:30:c4:47:ee:9f:c4:73:50:b4:05:40:d1:
         fa:7a:ea:9f:69:49:9e:11:fc:f3:fc:99:82:10:71:69:13:55:
         a9:1d:2f:d7:0d:8b:31:0b:ea:64:24:0a:7b:a2:10:fe:79:c9:
         d9:19:aa:8a:53:4e:f4:5d:52:f7:fa:fa:9b:0a:24:9b:1a:48:
         d0:b2:c5:c5:48:e8:57:a7:20:b9:63:fe:70:f3:1c:b4:da:b0:
         e8:17:ff:c3:83:70:94:dd:ec:e7:c2:cf:17:c9:b2:2a:4c:d4:
         07:b2:a5:22:e4:79:88:47:81:19:31:55:51:68:d8:3b:a5:14:
         5e:69:06:0c:de:ee:32:69:92:1f:ba:5f:2f:30:ba:cd:f4:bc:
         f9:ed:bc:25:c0:13:2b:8a:0e:53:1a:82:34:04:d4:47:82:96:
         9a:77:ec:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYct+kbKv16QjCdm7RG++sfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMzI5MTUyNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjg0MzI2MWJhNDQxMDE3Y2Y1MzIwYzUyZDFiOGE1NjIxMjc1YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WJbq7yzNvQHt0wDvjDY35WdO+De
i+3lPj8WaB/4DYETrQo2yzmIzjjtaTNEzw2VlIw3ndfs2k2rZmOxXdhJ6EU8egBH
EZWjuSGCN+lU+9zHrmybQv4C+BiPwpfARZ6wKX9M7Nmj1sdleNy6SZskk/tTslNp
t3y0Gf6dSmlBUWK1i+Z9SIzZDVVvn0IH9D0tc5hcW9eJHUPAn8yaV65mKN6AIIa+
GmL+bLVls5Wa0EIY0lDp72j6OJgJygTWbqAmVmAqFUBzIKQkALPT1TYV69mjAUdh
ijeHNkXLfd3TOAjcvYc7/YRHKpcw3mnh3Hyb23tsQLgC3O0IcL1LnQDG8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLuEMmG6RBAXz1MgxS0bilYhJ1qkMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdTRReVlicEVFQmZQVXlERkxSdUtWaUVuV3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZDWAwQA
LZcCAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQB5PyOo6KIPlPWtM9Sv/00xReCD
YA/QnUE7fV9rTZhHIndBcaSdNY2iauatUEj6fGGw7WMln4f027stlc38EVrJ5Qlj
hpvkNKCeHLlQ/n8kGOY2Ls1FuJCJ8JzZH4Coy5EwxEfun8RzULQFQNH6euqfaUme
Efzz/JmCEHFpE1WpHS/XDYsxC+pkJAp7ohD+ecnZGaqKU070XVL3+vqbCiSbGkjQ
ssXFSOhXpyC5Y/5w8xy02rDoF//Dg3CU3eznws8XybIqTNQHsqUi5HmIR4EZMVVR
aNg7pRReaQYM3u4yaZIful8vMLrN9Lz57bwlwBMrig5TGoI0BNRHgpaad+yH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org