Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/gGoBnhvZHp-hVpNEFey9kiUo-wU.roa
File:                     gGoBnhvZHp-hVpNEFey9kiUo-wU.roa (raw, json)
Hash identifier:          ZQbr1zgMCHWqsv5Nheq9Wi4z1OebHgJTd9zKMwHZKCk=
Subject key identifier:   80:6A:01:9E:1B:D9:1E:9F:A1:56:93:44:15:EC:BD:92:25:28:FB:05
Certificate issuer:       /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial:       018B1E667FF77221C3C5E2E2D288886D6CE4
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/gGoBnhvZHp-hVpNEFey9kiUo-wU.roa
Signing time:             Wed 11 Oct 2023 11:01:55 +0000
ROA not before:           Wed 11 Oct 2023 11:01:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212853
IP address blocks:        45.81.252.0/24 maxlen: 24
                          45.81.254.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1e:66:7f:f7:72:21:c3:c5:e2:e2:d2:88:88:6d:6c:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
        Validity
            Not Before: Oct 11 11:01:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=806a019e1bd91e9fa156934415ecbd922528fb05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:1a:8d:f5:53:f2:2e:e2:89:49:bf:d0:11:a7:
                    af:da:04:77:e1:2d:0b:da:20:00:6d:ec:c9:80:cd:
                    04:20:57:0f:da:33:2c:0f:d5:2d:36:da:df:af:a6:
                    37:b4:ad:c4:cc:90:0d:f5:e4:61:cb:70:09:92:aa:
                    87:ab:da:77:e1:a4:83:bc:85:12:1c:b3:4e:40:f6:
                    c0:83:25:e2:29:7c:74:23:a3:0f:d7:26:d3:0d:9e:
                    7d:ec:a3:0b:07:02:26:6f:45:b8:dc:cc:00:f4:35:
                    89:77:b3:82:8b:e2:3e:72:f5:ad:b0:2a:2f:7b:86:
                    ea:d1:bb:3c:e4:28:6a:69:4d:d0:68:fe:12:df:0a:
                    1f:93:3b:9c:dc:e5:c4:01:3a:c7:7a:cf:03:ee:77:
                    1e:d0:3f:8a:70:ef:8a:6c:ea:8d:8d:96:44:0e:dd:
                    d6:87:40:cd:1d:3f:96:a1:4a:d8:aa:0c:29:cc:94:
                    59:b4:71:9b:06:e9:d1:66:b8:1b:84:0a:38:55:f3:
                    dd:01:d7:c3:6a:83:ce:ec:fc:4b:e5:a1:ea:ff:8d:
                    a2:e7:1c:7a:b4:b3:9d:7f:a2:19:4b:ee:00:3d:aa:
                    2d:a3:a5:37:9d:5c:05:68:37:e5:f3:f7:40:58:a5:
                    45:27:ec:59:17:c9:75:c9:ce:b7:f8:5d:41:ad:0d:
                    57:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:6A:01:9E:1B:D9:1E:9F:A1:56:93:44:15:EC:BD:92:25:28:FB:05
            X509v3 Authority Key Identifier:
                keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/gGoBnhvZHp-hVpNEFey9kiUo-wU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.252.0/24
                  45.81.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:c9:89:58:86:bc:2e:ea:81:09:f9:e5:ce:5a:08:95:3c:1a:
         7d:2d:5c:28:60:f0:bc:85:ae:d4:54:ce:17:49:69:69:4e:74:
         fe:45:82:8a:9d:80:c1:61:b7:5f:88:7f:24:a8:6e:d2:3f:bd:
         9a:02:54:40:61:65:e2:74:22:95:0c:de:1c:ef:3a:f5:39:74:
         e0:38:15:55:c0:f5:ce:99:f2:0e:92:c9:56:7f:b0:11:d4:1d:
         b6:db:88:4e:48:2f:23:b4:1f:76:c0:2a:65:d9:12:4e:bf:bd:
         08:8e:5d:5e:0e:2f:c8:15:24:3d:b5:30:f3:d4:0f:dc:ee:ea:
         52:ed:05:c5:60:7e:9b:3f:ab:49:70:d8:d9:00:80:49:df:e0:
         7a:c4:b3:1f:6b:5b:12:04:6d:7f:d2:05:ed:d4:0e:87:1b:b8:
         9a:9a:39:79:b2:94:89:87:a7:80:2b:22:a1:58:58:77:6e:95:
         50:a8:e9:57:7e:74:f9:94:73:be:06:b8:db:70:03:0b:b1:0d:
         a8:fe:02:c6:b7:2a:3e:9e:50:9b:be:3e:59:2d:59:4e:6c:df:
         44:bb:38:15:6d:01:83:63:b4:1a:09:f0:ca:dc:d6:34:3e:4f:
         ba:44:09:b2:0c:ac:ea:85:d9:e7:e1:7f:e8:1a:bc:bf:54:b7:
         af:93:f2:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYseZn/3ciHDxeLi0oiIbWzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjMxMDExMTEwMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDZhMDE5ZTFiZDkxZTlmYTE1NjkzNDQxNWVjYmQ5MjI1MjhmYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBqN9VPyLuKJSb/QEaev2gR34S0L
2iAAbezJgM0EIFcP2jMsD9UtNtrfr6Y3tK3EzJAN9eRhy3AJkqqHq9p34aSDvIUS
HLNOQPbAgyXiKXx0I6MP1ybTDZ597KMLBwImb0W43MwA9DWJd7OCi+I+cvWtsCov
e4bq0bs85ChqaU3QaP4S3wofkzuc3OXEATrHes8D7nce0D+KcO+KbOqNjZZEDt3W
h0DNHT+WoUrYqgwpzJRZtHGbBunRZrgbhAo4VfPdAdfDaoPO7PxL5aHq/42i5xx6
tLOdf6IZS+4APaoto6U3nVwFaDfl8/dAWKVFJ+xZF8l1yc63+F1BrQ1X0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIBqAZ4b2R6foVaTRBXsvZIlKPsFMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvZ0dvQm5odlpIcC1oVnBORUZleTlraVVvLXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVH8AwQA
LVH+MA0GCSqGSIb3DQEBCwUAA4IBAQAoyYlYhrwu6oEJ+eXOWgiVPBp9LVwoYPC8
ha7UVM4XSWlpTnT+RYKKnYDBYbdfiH8kqG7SP72aAlRAYWXidCKVDN4c7zr1OXTg
OBVVwPXOmfIOkslWf7AR1B2224hOSC8jtB92wCpl2RJOv70Ijl1eDi/IFSQ9tTDz
1A/c7upS7QXFYH6bP6tJcNjZAIBJ3+B6xLMfa1sSBG1/0gXt1A6HG7iamjl5spSJ
h6eAKyKhWFh3bpVQqOlXfnT5lHO+BrjbcAMLsQ2o/gLGtyo+nlCbvj5ZLVlObN9E
uzgVbQGDY7QaCfDK3NY0Pk+6RAmyDKzqhdnn4X/oGry/VLevk/J6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org