Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/J4O9Z9kLtD885UDEufPCzwIeg9g.roa
File:                     J4O9Z9kLtD885UDEufPCzwIeg9g.roa (raw, json)
Hash identifier:          MOZe59GZQeTTNaFoV5WNLju9GnnuucxWaFSAtyG34+0=
Subject key identifier:   27:83:BD:67:D9:0B:B4:3F:3C:E5:40:C4:B9:F3:C2:CF:02:1E:83:D8
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       018AAC23517EF11B486AAB5C1060B870B491
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/J4O9Z9kLtD885UDEufPCzwIeg9g.roa
Signing time:             Tue 19 Sep 2023 06:31:50 +0000
ROA not before:           Tue 19 Sep 2023 06:31:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        45.150.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 16 Dec 2023 20:57:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ac:23:51:7e:f1:1b:48:6a:ab:5c:10:60:b8:70:b4:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Sep 19 06:31:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2783bd67d90bb43f3ce540c4b9f3c2cf021e83d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:27:ff:f2:bc:fe:86:90:5f:a0:b0:fa:53:4b:
                    d1:0d:61:c0:83:ef:75:21:bf:21:ea:41:84:99:a3:
                    75:69:26:44:b9:f3:91:33:79:8a:cd:cc:10:8b:9f:
                    fe:e6:c4:64:5a:23:b8:40:bf:d6:b6:4e:50:92:f4:
                    c6:13:11:96:06:97:36:80:2b:2d:f6:b3:ba:bd:61:
                    9a:6f:a4:f2:7f:85:a9:65:9a:a9:20:45:de:0f:4c:
                    fe:9a:03:3b:ac:bf:a2:8f:14:6f:39:46:da:bb:d4:
                    c4:2c:c7:68:fc:4a:41:93:a2:80:4a:cc:1d:4f:b1:
                    a1:77:c1:ce:a7:ea:43:e6:11:85:34:53:90:77:11:
                    d5:25:b6:f9:c9:b2:56:1a:6b:7f:9e:cc:ca:3a:ee:
                    bc:2c:52:8f:45:fb:2a:b7:fc:f4:21:67:c1:e1:34:
                    bb:4e:37:20:b5:e3:48:bf:b3:72:16:3a:ba:45:59:
                    ad:a0:02:da:ca:94:6a:02:0a:2f:8a:f3:a8:b5:4b:
                    47:b2:d3:d4:60:46:d9:b1:0f:d3:a2:92:c8:c5:4c:
                    2a:66:44:f8:09:7f:93:6c:83:d2:7a:bf:6e:17:c4:
                    df:18:0b:b5:87:f6:34:12:3f:e0:de:e5:ad:ba:b7:
                    fb:ce:2d:06:05:66:67:d0:a7:70:9a:44:16:90:4d:
                    0f:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:83:BD:67:D9:0B:B4:3F:3C:E5:40:C4:B9:F3:C2:CF:02:1E:83:D8
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/J4O9Z9kLtD885UDEufPCzwIeg9g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:6d:85:70:9a:bc:e3:25:f5:80:38:80:fc:e1:46:14:bd:bb:
         34:e8:e0:90:e6:9c:ec:05:41:d8:2b:77:03:d8:57:f8:12:1f:
         57:d2:91:16:42:a2:45:b2:7c:d5:de:95:e3:a5:ae:8b:cc:7f:
         5f:14:56:a9:b3:b7:a3:6f:a8:84:54:d0:26:c4:34:46:6d:cc:
         f2:ce:f9:0e:b1:d1:df:8b:98:fb:eb:c8:e6:f2:15:22:09:44:
         f6:f0:7b:3a:ab:10:1d:a8:e2:e1:29:6c:7a:69:ee:d5:06:26:
         ad:3f:a5:10:8e:76:11:42:ae:db:a1:77:62:d6:84:91:02:84:
         55:c3:5d:27:d5:b4:da:4a:f1:e3:ff:a9:23:af:a9:01:bb:57:
         dd:8a:2d:d7:a8:da:a1:36:e8:c3:da:16:03:83:93:70:f2:7b:
         25:72:56:96:76:97:9a:4e:a5:19:fe:e9:ed:0a:51:2a:f9:96:
         32:70:6d:53:c5:74:f6:4f:05:8b:c1:c9:7f:de:b0:aa:3f:ae:
         9e:d2:51:65:2b:f0:a7:fc:85:8c:20:62:98:05:c0:e8:85:12:
         fa:d6:16:78:7e:47:f4:1a:d3:d7:f5:eb:48:82:67:5f:60:42:
         20:bb:1b:f6:70:2b:19:5b:e1:26:c2:3b:0c:3a:d3:e5:55:f7:
         87:f3:10:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqsI1F+8RtIaqtcEGC4cLSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwOTE5MDYzMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgzYmQ2N2Q5MGJiNDNmM2NlNTQwYzRiOWYzYzJjZjAyMWU4M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSf/8rz+hpBfoLD6U0vRDWHAg+91
Ib8h6kGEmaN1aSZEufORM3mKzcwQi5/+5sRkWiO4QL/Wtk5QkvTGExGWBpc2gCst
9rO6vWGab6Tyf4WpZZqpIEXeD0z+mgM7rL+ijxRvOUbau9TELMdo/EpBk6KASswd
T7Ghd8HOp+pD5hGFNFOQdxHVJbb5ybJWGmt/nszKOu68LFKPRfsqt/z0IWfB4TS7
TjcgteNIv7NyFjq6RVmtoALaypRqAgovivOotUtHstPUYEbZsQ/TopLIxUwqZkT4
CX+TbIPSer9uF8TfGAu1h/Y0Ej/g3uWturf7zi0GBWZn0KdwmkQWkE0PBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeDvWfZC7Q/POVAxLnzws8CHoPYMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvSjRPOVo5a0x0RDg4NVVERXVmUEN6d0llZzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZavMA0G
CSqGSIb3DQEBCwUAA4IBAQBWbYVwmrzjJfWAOID84UYUvbs06OCQ5pzsBUHYK3cD
2Ff4Eh9X0pEWQqJFsnzV3pXjpa6LzH9fFFaps7ejb6iEVNAmxDRGbczyzvkOsdHf
i5j768jm8hUiCUT28Hs6qxAdqOLhKWx6ae7VBiatP6UQjnYRQq7boXdi1oSRAoRV
w10n1bTaSvHj/6kjr6kBu1fdii3XqNqhNujD2hYDg5Nw8nslclaWdpeaTqUZ/unt
ClEq+ZYycG1TxXT2TwWLwcl/3rCqP66e0lFlK/Cn/IWMIGKYBcDohRL61hZ4fkf0
GtPX9etIgmdfYEIguxv2cCsZW+EmwjsMOtPlVfeH8xAK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org