Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/2dRdQ2f3q6BDjck0dvTPpDdYsR4.roa
File:                     2dRdQ2f3q6BDjck0dvTPpDdYsR4.roa (raw, json)
Hash identifier:          tUIIanQIO7S+7WMi2LNfA88MOkOxPIymVno5fI4Cwaw=
Subject key identifier:   D9:D4:5D:43:67:F7:AB:A0:43:8D:C9:34:76:F4:CF:A4:37:58:B1:1E
Certificate issuer:       /CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Certificate serial:       018EE7BB277E1B2F5261ED4F5F2FC89E4606
Authority key identifier: 8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/2dRdQ2f3q6BDjck0dvTPpDdYsR4.roa
Signing time:             Tue 16 Apr 2024 16:26:25 +0000
ROA not before:           Tue 16 Apr 2024 16:26:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207054
IP address blocks:        45.10.12.0/22 maxlen: 22
                          45.15.92.0/22 maxlen: 22
                          185.167.112.0/22 maxlen: 22
                          185.231.192.0/22 maxlen: 22
                          194.58.24.0/22 maxlen: 22
                          2a0b:1a00::/29 maxlen: 29
                          2a0e:2680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 08 May 2024 12:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e7:bb:27:7e:1b:2f:52:61:ed:4f:5f:2f:c8:9e:46:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
        Validity
            Not Before: Apr 16 16:26:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d9d45d4367f7aba0438dc93476f4cfa43758b11e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:5b:8f:26:e3:39:ed:9d:11:b6:2e:0d:10:7b:
                    3a:bf:d9:76:c5:e8:b0:2e:b3:ba:98:ee:ed:03:a5:
                    b5:36:80:66:ea:ad:44:ce:3c:24:f4:89:cf:a0:80:
                    ed:a6:0c:36:3c:36:99:2a:0d:6d:8d:41:6e:96:89:
                    e3:56:3a:96:f4:b5:c7:48:50:a8:96:f5:f0:aa:7d:
                    29:22:cd:6c:68:05:0f:15:e0:ab:8f:f0:c3:60:79:
                    dc:00:00:d4:f0:49:26:96:6a:52:30:68:31:09:ec:
                    1d:a8:de:38:f6:31:20:77:05:d1:51:ee:b7:36:13:
                    9e:c1:4f:94:2e:2a:8d:67:69:b0:b6:fd:c4:fc:a0:
                    0f:a2:6a:b3:74:58:a3:2f:70:22:86:88:19:55:af:
                    42:1b:78:e3:6b:70:7b:58:5c:98:50:4f:4c:b7:5f:
                    e3:ba:af:38:ca:8e:57:4a:ec:26:e2:d6:5d:54:d1:
                    bd:fc:43:bf:3e:24:f5:e1:77:e4:cd:a1:51:99:88:
                    e9:d2:cf:aa:4e:d3:1b:d1:de:ae:c6:f8:50:26:75:
                    98:aa:45:4f:9d:6a:ab:00:7b:d4:29:97:63:f3:f6:
                    82:ca:87:f6:1c:f3:23:b4:5a:cb:b1:fe:2e:b8:4e:
                    c8:24:7f:b3:99:a6:92:84:a3:99:14:f0:a7:53:22:
                    17:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:D4:5D:43:67:F7:AB:A0:43:8D:C9:34:76:F4:CF:A4:37:58:B1:1E
            X509v3 Authority Key Identifier:
                keyid:8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/2dRdQ2f3q6BDjck0dvTPpDdYsR4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.12.0/22
                  45.15.92.0/22
                  185.167.112.0/22
                  185.231.192.0/22
                  194.58.24.0/22
                IPv6:
                  2a0b:1a00::/29
                  2a0e:2680::/29

    Signature Algorithm: sha256WithRSAEncryption
         61:e9:95:82:04:7b:ce:91:90:54:06:b5:2c:12:b3:aa:de:11:
         26:c7:c2:17:7d:02:73:cd:de:a8:c6:d7:ec:91:0b:5e:10:a1:
         65:89:87:aa:ce:44:6e:39:26:27:4e:15:94:ad:5f:fd:3a:78:
         7b:e3:2c:cf:5d:5e:bc:48:ca:41:03:ec:dd:5f:6a:20:24:72:
         8a:b5:42:e5:7f:8e:f9:df:bd:e7:2e:98:4f:b9:b7:f7:fb:07:
         4c:4f:b7:09:3e:da:b4:e9:32:8b:8f:1c:0d:d1:da:92:95:f6:
         48:d1:ec:f7:8b:6d:ac:71:17:0f:aa:03:5f:af:7d:4f:1a:9c:
         61:f2:be:07:23:0d:79:c4:b3:0e:69:2a:af:bf:4e:7a:2a:9f:
         20:5a:e7:a7:f6:79:56:e0:11:4a:3f:80:11:37:df:9a:6c:5f:
         89:7d:d6:83:fd:2a:5e:68:90:08:72:8e:25:7c:6c:2d:14:03:
         15:30:50:dc:a1:cb:10:7f:61:10:aa:43:f1:05:11:dc:92:45:
         e6:f2:0c:b4:ba:da:f8:11:c7:1c:5d:83:08:4f:bd:4e:96:8e:
         7c:dd:92:80:ab:63:a1:fb:49:b2:af:90:57:0e:6c:09:4d:df:
         b0:47:c6:d1:24:2d:dc:b2:2e:1e:9c:50:74:4a:3c:29:5a:36:
         b2:83:91:09
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY7nuyd+Gy9SYe1PXy/InkYGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYzdlYWU2NDlkOTU0N2IwYWQwYWIwMDdhYjRlOGE0OGRl
ZDRkNWQwHhcNMjQwNDE2MTYyNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ0NWQ0MzY3ZjdhYmEwNDM4ZGM5MzQ3NmY0Y2ZhNDM3NThiMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6luPJuM57Z0Rti4NEHs6v9l2xeiw
LrO6mO7tA6W1NoBm6q1Ezjwk9InPoIDtpgw2PDaZKg1tjUFulonjVjqW9LXHSFCo
lvXwqn0pIs1saAUPFeCrj/DDYHncAADU8EkmlmpSMGgxCewdqN449jEgdwXRUe63
NhOewU+ULiqNZ2mwtv3E/KAPomqzdFijL3AihogZVa9CG3jja3B7WFyYUE9Mt1/j
uq84yo5XSuwm4tZdVNG9/EO/PiT14XfkzaFRmYjp0s+qTtMb0d6uxvhQJnWYqkVP
nWqrAHvUKZdj8/aCyof2HPMjtFrLsf4uuE7IJH+zmaaShKOZFPCnUyIXcwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNnUXUNn96ugQ43JNHb0z6Q3WLEeMB8GA1UdIwQY
MBaAFIrH6uZJ2VR7CtCrAHq06KSN7U1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYt
YWMwMWYwYzU2NjJiLzEvMmRSZFEyZjNxNkJEamNrMGR2VFBwRGRZc1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYtYWMwMWYwYzU2NjJi
LzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQoMAwQC
LQ9cAwQCuadwAwQCuefAAwQCwjoYMBQEAgACMA4DBQMqCxoAAwUDKg4mgDANBgkq
hkiG9w0BAQsFAAOCAQEAYemVggR7zpGQVAa1LBKzqt4RJsfCF30Cc83eqMbX7JEL
XhChZYmHqs5EbjkmJ04VlK1f/Tp4e+Msz11evEjKQQPs3V9qICRyirVC5X+O+d+9
5y6YT7m39/sHTE+3CT7atOkyi48cDdHakpX2SNHs94ttrHEXD6oDX699TxqcYfK+
ByMNecSzDmkqr79OeiqfIFrnp/Z5VuARSj+AETffmmxfiX3Wg/0qXmiQCHKOJXxs
LRQDFTBQ3KHLEH9hEKpD8QUR3JJF5vIMtLra+BHHHF2DCE+9TpaOfN2SgKtjoftJ
sq+QVw5sCU3fsEfG0SQt3LIuHpxQdEo8KVo2soORCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:41 2024 by rpki-client on console-fra.rpki-client.org