Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/6yW-AxRhVX6Susm0fjSNuF3Pp5s.roa
File:                     6yW-AxRhVX6Susm0fjSNuF3Pp5s.roa (raw, json)
Hash identifier:          jCYcTnLXdfzrBfhfOLhGdDPS1A3HxmhVAXd76ARILRk=
Subject key identifier:   EB:25:BE:03:14:61:55:7E:92:BA:C9:B4:7E:34:8D:B8:5D:CF:A7:9B
Certificate issuer:       /CN=5c61dcd3eb50c83d68060bcba4af152204193503
Certificate serial:       018DF51B5F59C45EAD3C0F913DAFD6E27CBC
Authority key identifier: 5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/6yW-AxRhVX6Susm0fjSNuF3Pp5s.roa
Signing time:             Thu 29 Feb 2024 13:43:48 +0000
ROA not before:           Thu 29 Feb 2024 13:43:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204798
IP address blocks:        45.128.120.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 16:09:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f5:1b:5f:59:c4:5e:ad:3c:0f:91:3d:af:d6:e2:7c:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c61dcd3eb50c83d68060bcba4af152204193503
        Validity
            Not Before: Feb 29 13:43:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eb25be031461557e92bac9b47e348db85dcfa79b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:09:be:11:69:58:e5:67:da:f5:b8:9b:ef:70:
                    cd:69:d6:fe:83:97:d1:e2:b6:1a:6a:71:87:20:9c:
                    bb:ea:f1:f6:b1:1a:00:9d:b7:68:e1:4b:8a:f8:ba:
                    3d:b1:68:88:aa:30:61:43:cd:c2:37:69:3c:8d:8c:
                    9c:82:ab:43:80:70:39:51:7d:b0:21:f7:68:b7:ef:
                    78:c3:e0:7e:8a:57:a6:35:5f:f7:7b:d3:d9:8a:96:
                    ca:85:fe:f1:23:c3:0a:34:e5:ac:6c:26:54:d1:88:
                    59:42:10:d6:8e:38:f3:9c:1c:d9:aa:bd:06:c9:37:
                    35:ec:35:6a:f4:6c:52:ee:e9:ba:ef:e0:e2:0c:ea:
                    38:0a:67:16:ab:0f:b2:1d:9c:a9:a6:e9:20:60:09:
                    f5:57:6e:36:b1:77:60:bf:79:bd:23:a2:3b:fe:11:
                    33:69:2b:b8:a0:ee:7b:d4:6b:7e:07:ea:02:d3:15:
                    07:cc:31:8b:c3:26:54:ad:36:bd:60:49:4a:2b:03:
                    c8:ca:85:5b:d4:a0:66:00:84:74:82:93:c7:7d:3f:
                    d8:ee:f1:f3:45:8d:3b:5a:5a:1f:72:b3:41:51:15:
                    77:f2:74:fb:8f:ab:40:0c:0e:20:fd:ae:15:50:e2:
                    78:59:ba:d3:85:cf:b0:84:78:c3:76:5f:10:3a:e0:
                    cc:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:25:BE:03:14:61:55:7E:92:BA:C9:B4:7E:34:8D:B8:5D:CF:A7:9B
            X509v3 Authority Key Identifier:
                keyid:5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/6yW-AxRhVX6Susm0fjSNuF3Pp5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XGHc0-tQyD1oBgvLpK8VIgQZNQM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:35:e7:30:4a:02:bf:0b:55:f6:2e:66:ee:63:d2:ec:08:ac:
         96:f7:61:d1:e4:89:6b:48:57:a2:99:e6:fc:a3:40:75:05:58:
         ac:7e:5e:b9:77:4a:4d:43:23:73:c5:82:cb:93:a6:08:17:1a:
         22:b6:85:30:3d:55:d3:bc:21:72:1c:81:87:10:06:f2:a5:7f:
         c0:9b:90:7e:53:2d:72:1c:be:44:26:2b:0a:34:16:11:6c:63:
         ad:cf:2d:7b:f4:a6:d4:2e:19:b6:b2:da:4b:54:0a:38:ea:6d:
         30:1f:de:24:57:4e:b6:45:18:ba:59:0b:2d:ce:6f:a0:44:9f:
         9a:04:38:95:89:c1:e1:8b:6a:3a:20:a5:24:76:a6:1b:1b:d1:
         c6:35:a8:bd:9b:9b:ea:20:74:17:66:55:e2:fb:9f:a0:03:d9:
         5d:6f:40:d6:37:46:09:0f:b9:96:aa:a8:cf:35:54:3e:1f:4d:
         8f:86:48:6a:33:75:d4:e6:46:dd:4c:5d:51:ca:95:60:6f:8b:
         90:31:36:a5:57:91:a2:c6:41:42:5e:f6:aa:63:e6:5f:83:d0:
         fc:22:7b:06:08:be:d3:fa:ae:6b:82:e0:6e:0f:7b:96:19:3d:
         56:c4:80:a7:a8:4d:1f:6a:76:17:f3:ad:9b:3e:85:e1:c5:79:
         22:b7:82:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY31G19ZxF6tPA+RPa/W4ny8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFkY2QzZWI1MGM4M2Q2ODA2MGJjYmE0YWYxNTIyMDQx
OTM1MDMwHhcNMjQwMjI5MTM0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjI1YmUwMzE0NjE1NTdlOTJiYWM5YjQ3ZTM0OGRiODVkY2ZhNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwm+EWlY5Wfa9bib73DNadb+g5fR
4rYaanGHIJy76vH2sRoAnbdo4UuK+Lo9sWiIqjBhQ83CN2k8jYycgqtDgHA5UX2w
Ifdot+94w+B+ilemNV/3e9PZipbKhf7xI8MKNOWsbCZU0YhZQhDWjjjznBzZqr0G
yTc17DVq9GxS7um67+DiDOo4CmcWqw+yHZyppukgYAn1V242sXdgv3m9I6I7/hEz
aSu4oO571Gt+B+oC0xUHzDGLwyZUrTa9YElKKwPIyoVb1KBmAIR0gpPHfT/Y7vHz
RY07WlofcrNBURV38nT7j6tADA4g/a4VUOJ4WbrThc+whHjDdl8QOuDMyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOslvgMUYVV+krrJtH40jbhdz6ebMB8GA1UdIwQY
MBaAFFxh3NPrUMg9aAYLy6SvFSIEGTUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2Qt
YzM2ZDFjNDYwZTJmLzEvNnlXLUF4UmhWWDZTdXNtMGZqU051RjNQcDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2QtYzM2ZDFjNDYwZTJm
LzEvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYB4MA0G
CSqGSIb3DQEBCwUAA4IBAQAHNecwSgK/C1X2LmbuY9LsCKyW92HR5IlrSFeimeb8
o0B1BVisfl65d0pNQyNzxYLLk6YIFxoitoUwPVXTvCFyHIGHEAbypX/Am5B+Uy1y
HL5EJisKNBYRbGOtzy179KbULhm2stpLVAo46m0wH94kV062RRi6WQstzm+gRJ+a
BDiVicHhi2o6IKUkdqYbG9HGNai9m5vqIHQXZlXi+5+gA9ldb0DWN0YJD7mWqqjP
NVQ+H02PhkhqM3XU5kbdTF1RypVgb4uQMTalV5GixkFCXvaqY+Zfg9D8InsGCL7T
+q5rguBuD3uWGT1WxICnqE0fanYX862bPoXhxXkit4LS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org