Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1BBTNwAtEojcnuDgQfMHj_Afktw.roa
File:                     1BBTNwAtEojcnuDgQfMHj_Afktw.roa (raw, json)
Hash identifier:          JY6XW9W3iQwWngTynNIRmIS1bp3cVKM/d0RFpyN8Uks=
Subject key identifier:   D4:10:53:37:00:2D:12:88:DC:9E:E0:E0:41:F3:07:8F:F0:1F:92:DC
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018C9126593E85ACCE29D201EFCDECF21384
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1BBTNwAtEojcnuDgQfMHj_Afktw.roa
Signing time:             Fri 22 Dec 2023 10:50:58 +0000
ROA not before:           Fri 22 Dec 2023 10:50:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     23470
IP address blocks:        45.81.20.0/24 maxlen: 24
                          2a0b:7080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:91:26:59:3e:85:ac:ce:29:d2:01:ef:cd:ec:f2:13:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Dec 22 10:50:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4105337002d1288dc9ee0e041f3078ff01f92dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:52:42:15:10:54:b2:47:05:af:ea:4c:2e:6f:
                    5f:ab:74:f5:c5:1a:9b:4b:92:43:b4:ba:e8:f6:ad:
                    ad:17:46:b3:44:8c:6a:ee:c3:ab:57:28:a6:6d:7b:
                    b5:7b:7f:74:c2:a4:3c:05:d1:18:82:d7:53:c1:c6:
                    a1:73:2e:79:e1:e4:51:74:a0:a7:d1:e7:8d:fc:b0:
                    26:c0:de:f6:db:cb:4f:0e:d0:1e:67:9f:91:20:a9:
                    e8:7b:36:d5:7d:38:90:79:52:8a:9c:8f:76:07:8c:
                    03:85:93:80:bc:62:0b:ca:21:7a:c6:69:82:16:54:
                    4d:2c:97:2a:0a:b2:24:7b:ee:58:b8:3a:86:97:3e:
                    f8:42:4e:8b:6c:0f:77:36:01:9e:de:dd:26:eb:7d:
                    67:0c:d8:74:b4:d8:0e:b1:65:e3:12:93:a9:67:b8:
                    b0:d1:f2:9e:84:20:33:06:5f:0d:ea:bd:6d:a4:90:
                    70:3c:cd:04:d6:35:4f:11:61:17:48:ec:b9:d4:ad:
                    ff:df:96:4b:c7:5f:28:e5:aa:35:ed:c0:4a:4b:6f:
                    6e:ad:c5:b5:d6:44:af:94:cd:0a:7e:c6:9f:46:98:
                    9a:98:99:f4:f8:b1:a0:28:16:a2:f9:84:ec:b6:bd:
                    c2:3e:a0:6b:38:05:9a:33:81:e7:ac:4a:a2:4d:f0:
                    90:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:10:53:37:00:2D:12:88:DC:9E:E0:E0:41:F3:07:8F:F0:1F:92:DC
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1BBTNwAtEojcnuDgQfMHj_Afktw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.20.0/24
                IPv6:
                  2a0b:7080::/29

    Signature Algorithm: sha256WithRSAEncryption
         64:f1:f6:b1:45:48:40:07:a0:5c:d9:1a:05:ea:32:38:56:c5:
         00:48:6f:92:73:1b:38:a5:1f:d5:35:ba:f1:a3:d9:c5:1f:3a:
         57:b8:03:79:4d:2a:71:21:ca:4b:c8:a4:24:79:4f:ea:ba:41:
         e4:8d:14:79:21:db:58:fe:fb:6b:b9:79:1c:22:03:e0:d8:1c:
         fb:f9:25:2b:89:c3:08:82:8b:ef:4b:b1:91:df:2f:3e:c2:33:
         58:c7:63:eb:48:a8:0e:19:7e:20:c6:b7:be:ec:74:ac:65:bc:
         0a:6d:10:53:d1:9f:fd:80:7c:da:09:f8:99:ac:64:bd:74:a2:
         55:9d:c2:0f:93:f6:57:38:69:b4:40:4a:35:93:5d:b1:64:b1:
         4c:20:30:72:d5:e8:cf:ce:de:15:15:26:c1:23:50:bd:63:58:
         84:bb:a2:1e:a3:8a:2d:59:f4:76:9d:c7:1f:d2:a3:d9:96:37:
         56:a5:85:26:80:b3:ea:54:ce:12:44:65:a9:61:03:50:00:e3:
         2e:eb:b5:52:d1:eb:af:4d:d0:93:2b:ea:03:2e:20:a5:bc:e5:
         aa:66:3a:c8:22:01:27:fc:17:62:57:1b:be:45:c6:4d:d7:35:
         a2:76:4e:1d:30:b2:62:72:f5:fb:a4:ca:3f:c1:07:00:47:7c:
         87:66:ca:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyRJlk+hazOKdIB783s8hOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMxMjIyMTA1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDEwNTMzNzAwMmQxMjg4ZGM5ZWUwZTA0MWYzMDc4ZmYwMWY5MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFJCFRBUskcFr+pMLm9fq3T1xRqb
S5JDtLro9q2tF0azRIxq7sOrVyimbXu1e390wqQ8BdEYgtdTwcahcy554eRRdKCn
0eeN/LAmwN7228tPDtAeZ5+RIKnoezbVfTiQeVKKnI92B4wDhZOAvGILyiF6xmmC
FlRNLJcqCrIke+5YuDqGlz74Qk6LbA93NgGe3t0m631nDNh0tNgOsWXjEpOpZ7iw
0fKehCAzBl8N6r1tpJBwPM0E1jVPEWEXSOy51K3/35ZLx18o5ao17cBKS29urcW1
1kSvlM0KfsafRpiamJn0+LGgKBai+YTstr3CPqBrOAWaM4HnrEqiTfCQwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNQQUzcALRKI3J7g4EHzB4/wH5LcMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMUJCVE53QXRFb2pjbnVEZ1FmTUhqX0Fma3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVEUMA0E
AgACMAcDBQMqC3CAMA0GCSqGSIb3DQEBCwUAA4IBAQBk8faxRUhAB6Bc2RoF6jI4
VsUASG+Scxs4pR/VNbrxo9nFHzpXuAN5TSpxIcpLyKQkeU/qukHkjRR5IdtY/vtr
uXkcIgPg2Bz7+SUricMIgovvS7GR3y8+wjNYx2PrSKgOGX4gxre+7HSsZbwKbRBT
0Z/9gHzaCfiZrGS9dKJVncIPk/ZXOGm0QEo1k12xZLFMIDBy1ejPzt4VFSbBI1C9
Y1iEu6Ieo4otWfR2nccf0qPZljdWpYUmgLPqVM4SRGWpYQNQAOMu67VS0euvTdCT
K+oDLiClvOWqZjrIIgEn/BdiVxu+RcZN1zWidk4dMLJicvX7pMo/wQcAR3yHZsoz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org