Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/YvVBe1Crck1JWkHx_h2szD9HFfU.roa
File:                     YvVBe1Crck1JWkHx_h2szD9HFfU.roa (raw, json)
Hash identifier:          3ckYxYLstahw3PYFNS5D+oyPaF1OmBpzOEJ6LbbYqsM=
Subject key identifier:   62:F5:41:7B:50:AB:72:4D:49:5A:41:F1:FE:1D:AC:CC:3F:47:15:F5
Certificate issuer:       /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial:       0189AAA32BBD76CE395AA36A8207BE5E34C7
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/YvVBe1Crck1JWkHx_h2szD9HFfU.roa
Signing time:             Mon 31 Jul 2023 06:29:27 +0000
ROA not before:           Mon 31 Jul 2023 06:29:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        45.81.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:aa:a3:2b:bd:76:ce:39:5a:a3:6a:82:07:be:5e:34:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
        Validity
            Not Before: Jul 31 06:29:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=62f5417b50ab724d495a41f1fe1daccc3f4715f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:54:2d:08:db:c9:97:91:4a:fc:c2:08:da:a6:
                    aa:3c:ae:69:6c:4e:1f:07:9c:c9:75:87:f4:5e:17:
                    12:95:25:18:1c:90:9a:74:6e:ea:e3:5f:01:03:ac:
                    61:a9:1e:e8:81:6a:77:2e:4a:23:79:42:83:dd:5b:
                    d1:98:fb:fe:ab:0c:54:44:4a:01:fe:14:95:cc:58:
                    d5:b0:f3:3d:29:c5:7c:b1:2f:bb:e6:9e:af:03:f7:
                    3a:92:0d:30:0a:b8:35:97:e8:84:2b:20:cb:d6:df:
                    59:55:a0:c2:f0:f0:10:d6:d9:2f:5a:9f:04:bd:9e:
                    0c:a8:7e:b0:16:a5:4d:48:3d:33:1a:0f:c0:a0:0d:
                    dd:9d:cd:27:dd:33:92:bd:4f:a3:ce:5b:30:fd:52:
                    3e:4a:ea:9b:f1:c3:37:3d:e5:17:e2:fc:d3:a8:ba:
                    6c:b1:90:79:c5:ed:1e:35:a0:ad:b1:42:28:b7:3f:
                    e6:83:7a:a1:6b:f8:50:ad:52:61:92:29:79:b7:75:
                    84:b6:e2:85:0b:b7:44:4c:9c:10:be:f9:d0:70:87:
                    57:8c:8e:d3:f4:e0:83:28:75:48:0b:4d:fc:41:4f:
                    22:28:a7:31:ae:a1:31:d9:de:65:b0:f3:1b:37:f9:
                    7a:00:f4:b1:4c:60:d9:02:37:4d:d9:08:05:2d:e3:
                    bd:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:F5:41:7B:50:AB:72:4D:49:5A:41:F1:FE:1D:AC:CC:3F:47:15:F5
            X509v3 Authority Key Identifier:
                keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/YvVBe1Crck1JWkHx_h2szD9HFfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:ab:3c:4c:d8:3c:24:13:30:2b:2d:c7:4a:8b:ea:c1:a4:77:
         d7:2d:47:ea:0b:c1:f1:07:b6:93:6a:c7:73:06:d0:1f:d4:1f:
         3e:8a:1b:cd:5d:3c:b5:30:0f:50:28:c9:c9:51:45:19:15:6a:
         e5:d4:8d:c2:d5:1b:3a:6f:b7:e6:94:21:ac:d6:2c:8d:34:95:
         cc:d5:ad:ad:9f:80:1d:d3:c0:da:5c:c9:16:6f:53:39:37:f3:
         df:b4:5d:cf:31:1a:9b:78:d5:f0:09:fe:4b:4b:88:ff:e0:1e:
         25:49:95:33:2c:52:5f:2a:43:04:c6:b5:5a:e5:dc:65:69:a0:
         9d:40:e8:28:ff:42:63:ba:8e:b2:ea:4c:cc:44:8b:27:86:0c:
         d5:7b:37:bd:19:36:f1:20:42:56:81:88:2b:44:58:cf:c2:d4:
         ca:e1:0c:9f:a8:d0:1e:04:7f:fa:03:2f:77:cf:98:82:47:ab:
         8d:29:12:12:28:65:6b:b2:ff:44:0d:d3:8d:dd:15:64:a4:c0:
         97:b3:4c:bc:b0:bb:f0:4c:2b:47:1e:df:c4:04:91:1d:2a:c7:
         0a:e3:62:47:46:02:7d:d0:ba:15:27:71:29:21:58:bd:c3:9f:
         92:9c:de:e5:b3:9c:ed:8b:1b:a3:d0:28:59:d5:bf:4c:7f:8f:
         db:79:31:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmqoyu9ds45WqNqgge+XjTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjMwNzMxMDYyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmY1NDE3YjUwYWI3MjRkNDk1YTQxZjFmZTFkYWNjYzNmNDcxNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFQtCNvJl5FK/MII2qaqPK5pbE4f
B5zJdYf0XhcSlSUYHJCadG7q418BA6xhqR7ogWp3LkojeUKD3VvRmPv+qwxUREoB
/hSVzFjVsPM9KcV8sS+75p6vA/c6kg0wCrg1l+iEKyDL1t9ZVaDC8PAQ1tkvWp8E
vZ4MqH6wFqVNSD0zGg/AoA3dnc0n3TOSvU+jzlsw/VI+Suqb8cM3PeUX4vzTqLps
sZB5xe0eNaCtsUIotz/mg3qha/hQrVJhkil5t3WEtuKFC7dETJwQvvnQcIdXjI7T
9OCDKHVIC038QU8iKKcxrqEx2d5lsPMbN/l6APSxTGDZAjdN2QgFLeO9QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL1QXtQq3JNSVpB8f4drMw/RxX1MB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvWXZWQmUxQ3JjazFKV2tIeF9oMnN6RDlIRmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH/MA0G
CSqGSIb3DQEBCwUAA4IBAQB7qzxM2DwkEzArLcdKi+rBpHfXLUfqC8HxB7aTasdz
BtAf1B8+ihvNXTy1MA9QKMnJUUUZFWrl1I3C1Rs6b7fmlCGs1iyNNJXM1a2tn4Ad
08DaXMkWb1M5N/PftF3PMRqbeNXwCf5LS4j/4B4lSZUzLFJfKkMExrVa5dxlaaCd
QOgo/0Jjuo6y6kzMRIsnhgzVeze9GTbxIEJWgYgrRFjPwtTK4QyfqNAeBH/6Ay93
z5iCR6uNKRISKGVrsv9EDdON3RVkpMCXs0y8sLvwTCtHHt/EBJEdKscK42JHRgJ9
0LoVJ3EpIVi9w5+SnN7ls5ztixuj0ChZ1b9Mf4/beTHh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org