Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/aM4Y_iQNOCI8oaojlKoxq83ZLWk.roa
File:                     aM4Y_iQNOCI8oaojlKoxq83ZLWk.roa (raw, json)
Hash identifier:          an1QRRMww3OlpPX6F3VArjU7p5SO98zH+8KhDinAv0A=
Subject key identifier:   68:CE:18:FE:24:0D:38:22:3C:A1:AA:23:94:AA:31:AB:CD:D9:2D:69
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01856BC0EDCB5CE88C775259A01560144DC7
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/aM4Y_iQNOCI8oaojlKoxq83ZLWk.roa
Signing time:             Sun 01 Jan 2023 05:14:44 +0000
ROA not before:           Sun 01 Jan 2023 05:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.150.64.0/24 maxlen: 32
                          45.150.67.0/24 maxlen: 32
                          45.140.147.0/24 maxlen: 32
                          45.140.146.0/24 maxlen: 32
                          185.234.247.0/24 maxlen: 32
                          45.144.29.0/24 maxlen: 32
                          45.144.31.0/24 maxlen: 32
                          45.144.30.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Wed 08 Feb 2023 08:44:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c0:ed:cb:5c:e8:8c:77:52:59:a0:15:60:14:4d:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jan  1 05:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=68ce18fe240d38223ca1aa2394aa31abcdd92d69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:f9:69:68:9a:3f:23:49:dd:fb:bf:61:0c:f5:
                    62:4f:1c:fd:eb:6c:07:07:99:89:79:61:0d:26:aa:
                    4f:c8:5b:48:88:1d:b5:db:6e:28:55:b2:7d:2a:c4:
                    3e:1f:a7:5d:32:6f:15:15:91:7b:39:ec:c0:59:8e:
                    39:d3:3a:27:fa:b8:a6:2e:be:2e:71:b6:f1:a7:c9:
                    b1:46:55:c4:68:6e:e4:a5:23:c6:b4:8d:57:9a:cf:
                    1c:80:36:54:fc:dc:bb:12:66:e6:14:12:5d:b7:bd:
                    4e:3a:f7:1f:1e:f8:af:c4:4c:ac:ec:b4:59:5d:9e:
                    b8:f1:b8:07:47:90:50:d2:96:1d:4e:7b:d5:a3:0e:
                    93:fb:4a:a1:42:85:32:88:c7:54:97:c3:ae:44:d4:
                    97:65:be:cd:bf:30:76:e7:ee:82:0a:9b:2d:c5:5f:
                    58:9e:43:20:e5:56:2b:6f:4b:49:12:02:39:85:9a:
                    e6:c2:80:00:f5:3d:ae:0b:3f:e6:44:bd:0a:11:f8:
                    60:27:64:22:eb:d5:f4:18:d8:7e:af:09:a4:53:d3:
                    4a:d6:c5:90:0a:be:aa:56:db:aa:85:bb:0c:84:fd:
                    f9:3a:70:97:cf:56:0a:ad:77:f7:a2:c3:4a:11:70:
                    af:b7:4d:16:e4:b8:1b:70:83:89:80:9e:7c:e4:2b:
                    e3:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:CE:18:FE:24:0D:38:22:3C:A1:AA:23:94:AA:31:AB:CD:D9:2D:69
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/aM4Y_iQNOCI8oaojlKoxq83ZLWk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.146.0/23
                  45.144.29.0-45.144.31.255
                  45.150.64.0/24
                  45.150.67.0/24
                  185.234.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:fa:ad:df:3d:4e:34:c9:0e:82:65:c2:a2:a0:78:b2:7a:2e:
         1c:32:61:6d:e1:46:f0:2b:ff:84:0e:be:36:60:c4:7d:bd:fb:
         f7:b1:07:63:75:28:cf:fc:be:89:08:a9:af:14:1c:af:5a:05:
         66:fd:5c:90:c2:93:d9:d0:d8:eb:ec:e2:95:9f:86:1a:f5:b5:
         a7:6f:f5:85:b8:34:dc:d0:00:0f:b3:ad:3b:02:5b:be:06:05:
         63:92:e5:e6:5f:04:09:12:9a:bd:56:2b:50:eb:fa:3d:e1:04:
         d4:ed:e6:85:bb:b4:38:9e:b8:03:63:f5:e4:be:d2:ec:cc:7a:
         82:b1:4c:93:35:41:30:9c:ff:a2:ad:14:63:82:88:b5:53:45:
         c6:f5:ff:bb:84:91:20:ef:d3:e9:ec:20:d1:b4:d7:c0:26:25:
         0c:0e:cf:d9:f5:32:5a:50:e3:55:8e:de:ea:2c:f2:80:3c:dc:
         c1:12:c3:82:7d:18:5a:62:ba:dc:e0:ee:3f:f2:d6:e6:71:f8:
         c2:16:ca:db:d5:f0:7f:8f:cd:d4:ad:43:24:6a:47:a6:7f:6c:
         82:eb:44:bf:eb:fe:84:f5:0c:95:d2:ad:69:c0:a4:d2:00:75:
         e6:77:48:ac:1e:12:83:8e:94:57:60:d1:09:45:fc:3f:8d:fd:
         bf:27:5f:37
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVrwO3LXOiMd1JZoBVgFE3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMTAxMDUxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNlMThmZTI0MGQzODIyM2NhMWFhMjM5NGFhMzFhYmNkZDkyZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/lpaJo/I0nd+79hDPViTxz962wH
B5mJeWENJqpPyFtIiB21224oVbJ9KsQ+H6ddMm8VFZF7OezAWY450zon+rimLr4u
cbbxp8mxRlXEaG7kpSPGtI1Xms8cgDZU/Ny7EmbmFBJdt71OOvcfHvivxEys7LRZ
XZ648bgHR5BQ0pYdTnvVow6T+0qhQoUyiMdUl8OuRNSXZb7NvzB25+6CCpstxV9Y
nkMg5VYrb0tJEgI5hZrmwoAA9T2uCz/mRL0KEfhgJ2Qi69X0GNh+rwmkU9NK1sWQ
Cr6qVtuqhbsMhP35OnCXz1YKrXf3osNKEXCvt00W5LgbcIOJgJ585CvjGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGjOGP4kDTgiPKGqI5SqMavN2S1pMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvYU00WV9pUU5PQ0k4b2FvamxLb3hxODNaTFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBLYySMAwD
BAAtkB0DBAUtkAADBAAtlkADBAAtlkMDBAC56vcwDQYJKoZIhvcNAQELBQADggEB
ABX6rd89TjTJDoJlwqKgeLJ6LhwyYW3hRvAr/4QOvjZgxH29+/exB2N1KM/8vokI
qa8UHK9aBWb9XJDCk9nQ2Ovs4pWfhhr1tadv9YW4NNzQAA+zrTsCW74GBWOS5eZf
BAkSmr1WK1Dr+j3hBNTt5oW7tDieuANj9eS+0uzMeoKxTJM1QTCc/6KtFGOCiLVT
Rcb1/7uEkSDv0+nsING018AmJQwOz9n1MlpQ41WO3uos8oA83MESw4J9GFpiutzg
7j/y1uZx+MIWytvV8H+PzdStQyRqR6Z/bILrRL/r/oT1DJXSrWnApNIAdeZ3SKwe
EoOOlFdg0QlF/D+N/b8nXzc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org