Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/h5bP-25ei0j88pWjlFu-24fQeQc.roa
File:                     h5bP-25ei0j88pWjlFu-24fQeQc.roa (raw, json)
Hash identifier:          Zf+PWJmVpH6MXNNooIRk7mdUWOfxaZyrluE8QnzD/68=
Subject key identifier:   87:96:CF:FB:6E:5E:8B:48:FC:F2:95:A3:94:5B:BE:DB:87:D0:79:07
Certificate issuer:       /CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Certificate serial:       01857321E22CFC553C056A339A2BA17DF3D7
Authority key identifier: 28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/h5bP-25ei0j88pWjlFu-24fQeQc.roa
Signing time:             Mon 02 Jan 2023 15:37:58 +0000
ROA not before:           Mon 02 Jan 2023 15:37:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205293
IP address blocks:        45.143.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:21:e2:2c:fc:55:3c:05:6a:33:9a:2b:a1:7d:f3:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2890da765a999f719875c51eecf4c7d6148a1bd9
        Validity
            Not Before: Jan  2 15:37:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8796cffb6e5e8b48fcf295a3945bbedb87d07907
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:f2:0c:52:5b:f6:71:f5:2a:1f:b6:d2:66:8d:
                    71:5b:c7:06:98:ec:b2:07:fa:bf:07:af:28:f0:34:
                    0b:61:d1:6b:54:53:3f:dd:6b:e6:2a:37:8f:d7:55:
                    a6:c7:da:d9:d1:8d:f2:16:04:57:c9:db:5c:eb:89:
                    1a:87:5a:b1:bb:fd:f7:ab:6a:26:13:52:4f:db:73:
                    e5:af:b1:3a:94:98:a5:57:68:51:06:99:19:e6:d6:
                    f3:e9:e1:40:bb:db:e1:25:b4:13:9b:de:43:73:7a:
                    d3:44:5a:e8:93:3f:aa:aa:77:a1:a9:0e:e5:92:72:
                    98:be:7e:cc:0b:81:b3:72:5a:66:75:4d:5c:d4:a5:
                    a8:a5:88:78:ef:80:61:fa:89:2d:ec:40:80:5e:a5:
                    ca:55:4e:9d:ae:52:5c:47:18:ef:d3:11:a4:ed:94:
                    b7:79:cd:f3:cf:4c:f7:0b:dc:41:08:7b:42:a3:98:
                    3f:13:b0:4e:cb:4a:e8:5f:7f:6c:18:34:cf:7e:bf:
                    b3:41:90:69:09:f3:f3:b9:89:0f:fa:a6:08:8d:2a:
                    50:45:d2:84:5a:38:10:82:9a:80:12:c3:08:2e:fc:
                    78:a7:41:1b:f6:ee:71:08:da:60:f9:4e:5b:2b:bd:
                    66:96:d4:a0:44:eb:e4:79:76:36:a8:aa:3f:8c:d9:
                    dc:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:96:CF:FB:6E:5E:8B:48:FC:F2:95:A3:94:5B:BE:DB:87:D0:79:07
            X509v3 Authority Key Identifier:
                keyid:28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/h5bP-25ei0j88pWjlFu-24fQeQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:8f:b8:c5:d9:f6:9d:fa:36:35:70:ed:a9:06:3d:91:0a:b1:
         64:c9:00:2f:4b:0e:fc:41:11:94:7f:c2:01:36:3a:8d:a3:e6:
         ea:b6:17:c0:5c:08:d2:28:1c:38:42:3d:a0:ea:6a:cd:6f:58:
         97:6d:78:8d:c0:d5:2d:e5:c6:08:44:0e:30:32:0b:79:9e:b1:
         45:96:e5:17:e8:1e:0d:24:67:3e:60:2a:d8:82:7d:ad:75:7c:
         1f:76:d4:e4:98:90:3a:5b:5d:d4:b3:3a:67:3c:7f:73:7c:5f:
         f4:ee:57:24:b2:a1:5a:d1:f8:e5:95:d4:d1:76:6e:61:ff:0d:
         db:bb:38:4b:57:fe:61:3d:e1:72:f3:11:88:bc:61:93:b2:f8:
         5a:fb:92:e8:9c:dd:71:d0:e4:34:de:52:6d:f1:62:7d:6a:14:
         6c:ca:ba:d2:b5:d2:16:21:7c:19:9b:c1:a0:4f:af:c8:fe:1f:
         f4:a9:73:82:2e:07:cb:95:42:25:84:01:3f:c6:6e:df:3d:06:
         35:24:fb:00:4e:9d:d5:96:f2:b3:91:f4:fc:e3:8b:a6:84:55:
         1a:99:f3:f9:11:c1:dd:db:da:31:a3:03:1a:a0:d1:56:70:b0:
         7e:bc:c6:8c:6e:97:28:bf:33:79:1f:c7:eb:81:b7:4b:90:76:
         54:ff:54:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIeIs/FU8BWozmiuhffPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTBkYTc2NWE5OTlmNzE5ODc1YzUxZWVjZjRjN2Q2MTQ4
YTFiZDkwHhcNMjMwMTAyMTUzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk2Y2ZmYjZlNWU4YjQ4ZmNmMjk1YTM5NDViYmVkYjg3ZDA3OTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PIMUlv2cfUqH7bSZo1xW8cGmOyy
B/q/B68o8DQLYdFrVFM/3WvmKjeP11Wmx9rZ0Y3yFgRXydtc64kah1qxu/33q2om
E1JP23Plr7E6lJilV2hRBpkZ5tbz6eFAu9vhJbQTm95Dc3rTRFrokz+qqnehqQ7l
knKYvn7MC4GzclpmdU1c1KWopYh474Bh+okt7ECAXqXKVU6drlJcRxjv0xGk7ZS3
ec3zz0z3C9xBCHtCo5g/E7BOy0roX39sGDTPfr+zQZBpCfPzuYkP+qYIjSpQRdKE
WjgQgpqAEsMILvx4p0Eb9u5xCNpg+U5bK71mltSgROvkeXY2qKo/jNnckQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeWz/tuXotI/PKVo5RbvtuH0HkHMB8GA1UdIwQY
MBaAFCiQ2nZamZ9xmHXFHuz0x9YUihvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEt
MjhmYzcwNjNkOTUyLzEvaDViUC0yNWVpMGo4OHBXamxGdS0yNGZRZVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEtMjhmYzcwNjNkOTUy
LzEvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY/OMA0G
CSqGSIb3DQEBCwUAA4IBAQCPj7jF2fad+jY1cO2pBj2RCrFkyQAvSw78QRGUf8IB
NjqNo+bqthfAXAjSKBw4Qj2g6mrNb1iXbXiNwNUt5cYIRA4wMgt5nrFFluUX6B4N
JGc+YCrYgn2tdXwfdtTkmJA6W13UszpnPH9zfF/07lcksqFa0fjlldTRdm5h/w3b
uzhLV/5hPeFy8xGIvGGTsvha+5LonN1x0OQ03lJt8WJ9ahRsyrrStdIWIXwZm8Gg
T6/I/h/0qXOCLgfLlUIlhAE/xm7fPQY1JPsATp3VlvKzkfT844umhFUamfP5EcHd
29oxowMaoNFWcLB+vMaMbpcovzN5H8frgbdLkHZU/1T0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:00 2024 by rpki-client on console-fra.rpki-client.org