Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/4u56XNjo17pKHMXsR-wYdPz0c_A.roa
File:                     4u56XNjo17pKHMXsR-wYdPz0c_A.roa (raw, json)
Hash identifier:          Y4KIncA/4XZXXoTwAJZCaV2yVj83MyfUR9v2DDIRYrE=
Subject key identifier:   E2:EE:7A:5C:D8:E8:D7:BA:4A:1C:C5:EC:47:EC:18:74:FC:F4:73:F0
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       018CC8DE1551B3EF5AB0A1A51C86A81E3E7C
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/4u56XNjo17pKHMXsR-wYdPz0c_A.roa
Signing time:             Tue 02 Jan 2024 06:30:46 +0000
ROA not before:           Tue 02 Jan 2024 06:30:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50225
IP address blocks:        45.139.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 17:05:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:15:51:b3:ef:5a:b0:a1:a5:1c:86:a8:1e:3e:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Jan  2 06:30:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e2ee7a5cd8e8d7ba4a1cc5ec47ec1874fcf473f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:7e:20:35:4e:72:98:f0:57:82:15:35:90:a1:
                    b6:1a:f3:3b:f6:df:e8:70:a2:38:aa:9f:06:e1:be:
                    ab:fc:27:d9:47:57:0e:e5:e6:aa:03:c1:f9:ca:be:
                    12:1a:e8:5a:1b:c0:0d:05:61:1b:57:fa:b1:f9:38:
                    90:e6:a8:42:06:bd:91:cc:cb:88:b5:98:d8:e9:6e:
                    66:2d:3c:66:b0:fb:53:69:78:28:86:37:bf:7f:07:
                    b1:11:38:77:73:5a:eb:6b:65:33:ca:18:0f:21:f5:
                    0a:d9:e4:1f:2a:b5:bf:bd:f3:ef:58:d1:10:61:40:
                    cb:59:c3:66:fb:01:c7:fe:d5:bd:a4:fd:6b:7b:b0:
                    be:4b:aa:4e:1f:a4:86:b8:68:5d:38:29:05:32:73:
                    18:3f:a5:28:a5:f1:48:6a:f7:06:d5:0d:b8:0a:f4:
                    f3:88:b6:10:82:15:1a:c5:7f:ba:36:43:43:ab:d2:
                    ba:4f:f1:97:77:a9:cf:d8:41:b7:83:00:71:33:0e:
                    93:1d:a1:59:52:86:a6:2a:60:e7:5d:e4:1f:ef:d9:
                    7f:b5:e3:14:c0:60:9d:de:7f:9b:aa:f8:24:27:9f:
                    44:a2:ac:6b:36:9c:bf:dd:39:51:d3:48:e8:0f:01:
                    7f:97:b6:61:0f:e8:b0:ab:ca:17:d9:f5:b5:91:11:
                    f6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:EE:7A:5C:D8:E8:D7:BA:4A:1C:C5:EC:47:EC:18:74:FC:F4:73:F0
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/4u56XNjo17pKHMXsR-wYdPz0c_A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:6f:03:bf:f1:dc:35:24:20:a2:ee:d5:57:1d:3e:06:89:9b:
         d2:fb:52:32:42:0d:94:0c:b1:28:2b:b0:6e:09:57:73:ed:14:
         08:74:99:e1:9e:7f:6f:3e:28:b6:cb:61:52:56:1a:ca:8d:bd:
         63:eb:5d:35:bf:0e:46:e1:7e:e5:46:e8:54:5e:d7:10:09:8f:
         fa:af:db:da:1a:26:ca:69:75:f8:9a:df:d7:dd:76:f7:72:14:
         58:36:bb:a6:31:90:e7:2b:99:7b:83:01:f4:f6:6f:da:94:b6:
         7f:14:2c:ea:2a:d3:8b:50:1f:97:5c:ae:ca:dd:95:76:24:65:
         95:b8:2a:0a:b2:d8:e7:fa:6a:c6:4b:a0:0a:32:c2:e2:5e:13:
         ca:09:ab:7e:ce:33:49:3d:0e:f0:7e:a9:9d:e6:b0:9c:3d:5a:
         58:c4:b7:1f:99:4e:16:1d:65:d6:bd:02:61:f7:72:92:03:bc:
         19:76:75:98:21:42:be:66:ac:6a:73:99:da:f3:00:eb:b7:ff:
         8c:76:e7:9a:3c:0f:ae:57:e2:bc:38:38:97:fd:42:04:2c:f7:
         c7:7c:f4:38:6f:14:5c:27:0d:74:5d:1b:a9:ee:3a:44:15:52:
         70:6f:a8:05:63:96:f2:30:d5:27:7d:38:98:f8:cc:a7:20:35:
         a2:10:de:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3hVRs+9asKGlHIaoHj58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjQwMTAyMDYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVlN2E1Y2Q4ZThkN2JhNGExY2M1ZWM0N2VjMTg3NGZjZjQ3M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln4gNU5ymPBXghU1kKG2GvM79t/o
cKI4qp8G4b6r/CfZR1cO5eaqA8H5yr4SGuhaG8ANBWEbV/qx+TiQ5qhCBr2RzMuI
tZjY6W5mLTxmsPtTaXgohje/fwexETh3c1rra2UzyhgPIfUK2eQfKrW/vfPvWNEQ
YUDLWcNm+wHH/tW9pP1re7C+S6pOH6SGuGhdOCkFMnMYP6UopfFIavcG1Q24CvTz
iLYQghUaxX+6NkNDq9K6T/GXd6nP2EG3gwBxMw6THaFZUoamKmDnXeQf79l/teMU
wGCd3n+bqvgkJ59EoqxrNpy/3TlR00joDwF/l7ZhD+iwq8oX2fW1kRH2/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLuelzY6Ne6ShzF7EfsGHT89HPwMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvNHU1NlhOam8xN3BLSE1Yc1Itd1lkUHowY19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYvHMA0G
CSqGSIb3DQEBCwUAA4IBAQA1bwO/8dw1JCCi7tVXHT4GiZvS+1IyQg2UDLEoK7Bu
CVdz7RQIdJnhnn9vPii2y2FSVhrKjb1j6101vw5G4X7lRuhUXtcQCY/6r9vaGibK
aXX4mt/X3Xb3chRYNrumMZDnK5l7gwH09m/alLZ/FCzqKtOLUB+XXK7K3ZV2JGWV
uCoKstjn+mrGS6AKMsLiXhPKCat+zjNJPQ7wfqmd5rCcPVpYxLcfmU4WHWXWvQJh
93KSA7wZdnWYIUK+Zqxqc5na8wDrt/+MdueaPA+uV+K8ODiX/UIELPfHfPQ4bxRc
Jw10XRup7jpEFVJwb6gFY5byMNUnfTiY+MynIDWiEN6I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:46 2024 by rpki-client on console-fra.rpki-client.org