Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/MthWSi-SLEk98S92YP4ByRJtoLg.roa
File:                     MthWSi-SLEk98S92YP4ByRJtoLg.roa (raw, json)
Hash identifier:          vDvsck5h08eCujGuR8Wt/xYyOF8Na5iOFjJho+A3yNQ=
Subject key identifier:   32:D8:56:4A:2F:92:2C:49:3D:F1:2F:76:60:FE:01:C9:12:6D:A0:B8
Certificate issuer:       /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial:       0186410D2E7F29209739397C11C681660EE8
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/MthWSi-SLEk98S92YP4ByRJtoLg.roa
Signing time:             Sat 11 Feb 2023 15:17:08 +0000
ROA not before:           Sat 11 Feb 2023 15:17:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212853
IP address blocks:        45.81.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 10:21:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:41:0d:2e:7f:29:20:97:39:39:7c:11:c6:81:66:0e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
        Validity
            Not Before: Feb 11 15:17:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32d8564a2f922c493df12f7660fe01c9126da0b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:0f:28:52:98:83:d1:61:e0:fd:f0:e0:71:62:
                    37:1f:f4:47:31:f0:00:9f:19:e8:cd:52:44:2a:26:
                    a8:8f:27:ff:8e:f8:3d:ac:66:0a:92:a3:55:23:6d:
                    ba:f2:01:f6:5f:47:3a:87:bb:08:72:7c:19:d9:bb:
                    35:58:df:79:3b:fd:d0:06:5c:a5:7e:12:72:89:48:
                    3b:d2:cc:2d:fe:f2:83:e0:70:64:0c:64:ef:15:87:
                    b6:21:6e:c4:ca:64:c8:d5:96:14:6c:e8:d7:d1:50:
                    5e:59:88:ff:1f:f9:cb:4c:39:a3:10:74:65:f5:e5:
                    36:b0:1f:c2:76:e4:01:5f:d1:82:c8:4b:06:93:8b:
                    43:5a:69:ef:62:6d:cb:af:f0:33:4d:f9:16:a5:3a:
                    82:be:66:7e:4b:11:5c:ca:b9:a6:83:3c:8c:b4:4f:
                    2b:08:44:17:81:1a:fc:c2:a1:54:86:07:1f:24:e6:
                    cc:b9:a9:17:38:cc:fa:12:42:6f:90:70:c2:d2:bf:
                    04:88:a7:86:fb:06:48:eb:e8:a4:d1:f7:01:d6:3c:
                    d9:65:25:30:9d:0e:00:af:cf:83:08:ac:d2:4d:84:
                    f2:35:78:fb:5d:f2:59:25:67:1d:2e:45:be:3e:dc:
                    6c:50:30:ef:6a:b1:e6:b9:20:25:b3:3c:60:65:9b:
                    6d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D8:56:4A:2F:92:2C:49:3D:F1:2F:76:60:FE:01:C9:12:6D:A0:B8
            X509v3 Authority Key Identifier:
                keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/MthWSi-SLEk98S92YP4ByRJtoLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:a3:fd:ba:56:74:46:72:ef:3a:e4:ba:dd:ed:08:50:b6:16:
         6f:d5:10:21:c7:65:62:18:8f:ea:85:28:9f:ee:c6:59:c1:09:
         fe:3e:04:67:66:93:b0:76:c8:82:46:b9:b5:e6:f1:82:66:c3:
         4d:76:3c:a7:72:d1:f8:5e:de:5b:6f:0a:d6:46:1b:0b:2f:a7:
         f3:8e:88:2c:2e:be:c9:2a:74:ce:28:73:b0:41:52:43:39:03:
         24:93:67:01:4c:7d:7b:ce:54:60:e6:02:66:9d:e1:06:66:68:
         93:72:4f:6a:d7:b8:5d:63:b7:70:36:95:d7:66:89:2c:dd:5c:
         4d:cc:85:86:84:9d:f0:8a:65:3c:4c:b5:06:aa:9d:4c:9e:e0:
         f2:f8:8d:20:4b:e6:e2:48:a4:e9:4e:76:f5:3f:66:6c:fe:77:
         6a:d6:92:60:bb:f1:d2:05:56:14:32:c2:54:bd:10:02:62:84:
         87:77:b1:40:29:80:9a:c6:98:44:cb:8e:1b:27:33:ea:48:d6:
         51:5d:71:a0:96:16:34:7b:26:62:5c:0f:2b:0a:90:4b:5a:47:
         29:0b:6a:8a:43:3b:76:65:d8:dd:20:11:a2:77:82:a8:5c:2e:
         d1:36:e8:06:64:9b:dc:08:6d:c0:90:93:e6:8f:a9:73:ad:a8:
         53:f7:1e:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZBDS5/KSCXOTl8EcaBZg7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjMwMjExMTUxNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ4NTY0YTJmOTIyYzQ5M2RmMTJmNzY2MGZlMDFjOTEyNmRhMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ8oUpiD0WHg/fDgcWI3H/RHMfAA
nxnozVJEKiaojyf/jvg9rGYKkqNVI2268gH2X0c6h7sIcnwZ2bs1WN95O/3QBlyl
fhJyiUg70swt/vKD4HBkDGTvFYe2IW7EymTI1ZYUbOjX0VBeWYj/H/nLTDmjEHRl
9eU2sB/CduQBX9GCyEsGk4tDWmnvYm3Lr/AzTfkWpTqCvmZ+SxFcyrmmgzyMtE8r
CEQXgRr8wqFUhgcfJObMuakXOMz6EkJvkHDC0r8EiKeG+wZI6+ik0fcB1jzZZSUw
nQ4Ar8+DCKzSTYTyNXj7XfJZJWcdLkW+PtxsUDDvarHmuSAlszxgZZtt7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLYVkovkixJPfEvdmD+AckSbaC4MB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvTXRoV1NpLVNMRWs5OFM5MllQNEJ5Ukp0b0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH+MA0G
CSqGSIb3DQEBCwUAA4IBAQABo/26VnRGcu865Lrd7QhQthZv1RAhx2ViGI/qhSif
7sZZwQn+PgRnZpOwdsiCRrm15vGCZsNNdjynctH4Xt5bbwrWRhsLL6fzjogsLr7J
KnTOKHOwQVJDOQMkk2cBTH17zlRg5gJmneEGZmiTck9q17hdY7dwNpXXZoks3VxN
zIWGhJ3wimU8TLUGqp1MnuDy+I0gS+biSKTpTnb1P2Zs/ndq1pJgu/HSBVYUMsJU
vRACYoSHd7FAKYCaxphEy44bJzPqSNZRXXGglhY0eyZiXA8rCpBLWkcpC2qKQzt2
ZdjdIBGid4KoXC7RNugGZJvcCG3AkJPmj6lzrahT9x6Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org