Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XOjDJ5ptdyCQhRgSfMOum-l516g.roa
File:                     XOjDJ5ptdyCQhRgSfMOum-l516g.roa (raw, json)
Hash identifier:          5F2SzKkE8v9WEkLBjgcxjT1YfnUiPHaap1Glz03Kmdw=
Subject key identifier:   5C:E8:C3:27:9A:6D:77:20:90:85:18:12:7C:C3:AE:9B:E9:79:D7:A8
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       018DC972CBD4A5BD5D0A293E8B56A0A11C96
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XOjDJ5ptdyCQhRgSfMOum-l516g.roa
Signing time:             Wed 21 Feb 2024 02:16:00 +0000
ROA not before:           Wed 21 Feb 2024 02:16:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16276
IP address blocks:        45.153.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Feb 2024 09:45:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c9:72:cb:d4:a5:bd:5d:0a:29:3e:8b:56:a0:a1:1c:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Feb 21 02:16:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ce8c3279a6d7720908518127cc3ae9be979d7a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d0:18:23:5c:72:2c:79:5a:03:d7:c8:bd:06:
                    65:ef:3e:fc:57:dd:5c:97:77:a0:fb:ba:d9:2b:cf:
                    1a:56:2e:81:c8:df:c5:fc:75:e6:8b:f7:1b:51:f5:
                    4c:92:a8:57:ba:1b:a5:4d:2d:97:81:a6:27:c6:1f:
                    ff:36:56:5f:47:dd:c1:29:14:11:fb:cd:68:10:d7:
                    26:b9:6e:ed:87:b5:99:6b:0c:4b:c5:54:dd:c5:46:
                    91:b8:9a:2d:70:62:c8:11:04:01:80:80:19:1c:fc:
                    a6:e2:69:3c:59:62:a2:84:04:0c:f8:3e:92:e0:db:
                    3e:e3:21:6f:78:ca:86:c3:96:12:37:a4:ff:8e:e0:
                    fe:4f:3b:1e:11:2c:47:e7:98:c9:7f:91:86:a9:ce:
                    b7:9d:65:c7:b0:51:b6:f9:29:7c:d2:f9:d4:5a:7c:
                    9a:b1:4e:bd:a2:b2:ee:11:05:7b:66:ee:d5:11:18:
                    88:f9:4a:61:7a:d2:e9:3b:df:78:b5:e2:a3:18:fd:
                    a6:33:2e:b0:8f:26:af:33:f5:2e:fd:6e:bf:5c:c5:
                    3d:25:93:8c:57:54:81:c1:92:92:47:82:99:9e:f3:
                    f1:fd:c1:38:9a:0e:4c:37:b0:bc:cb:e1:57:4b:59:
                    d9:b3:bd:d6:12:31:f8:90:4b:d7:92:fd:64:4a:af:
                    04:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:E8:C3:27:9A:6D:77:20:90:85:18:12:7C:C3:AE:9B:E9:79:D7:A8
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/XOjDJ5ptdyCQhRgSfMOum-l516g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:35:79:21:fa:ea:72:5c:19:c3:28:a9:f9:18:43:d7:80:05:
         bc:9d:f3:7f:05:71:33:19:e0:80:15:aa:63:f8:75:c1:8a:17:
         0c:fd:3b:19:e0:21:bc:f1:4a:d0:cb:02:e4:d5:d2:d1:16:dd:
         b2:5d:c8:fa:89:c2:b7:39:1a:84:fa:10:5d:38:fc:b0:f5:b4:
         73:d7:73:1c:fd:29:c5:0e:8c:c7:d4:f0:18:20:dd:6b:6b:f3:
         5b:59:95:b5:a8:5b:0b:47:45:5e:18:27:00:e1:bc:38:7a:4a:
         93:40:67:22:68:a8:ef:0e:e4:a1:ce:80:1f:78:5f:4f:89:f7:
         5f:16:a0:cb:92:c5:a0:fc:21:83:46:d4:da:b8:6c:20:fa:78:
         38:a3:2c:a8:aa:23:3e:f4:76:80:d5:12:7e:15:95:c9:6a:d7:
         ff:df:92:13:c1:de:59:f5:47:b9:0f:c2:04:76:ca:af:72:c0:
         9f:c4:5f:dc:29:fc:4e:84:3f:0f:94:65:6c:29:a9:d7:21:54:
         f5:8c:50:8c:29:11:c2:2d:d2:ff:29:bc:ac:17:9e:23:9d:c4:
         1e:97:aa:86:22:06:d5:52:f1:ee:a7:30:1e:d5:ec:e8:c1:08:
         5a:b4:c7:16:68:fe:8e:e0:29:8b:16:c1:16:5b:6b:45:31:15:
         57:b2:77:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3JcsvUpb1dCik+i1agoRyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMjIxMDIxNjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U4YzMyNzlhNmQ3NzIwOTA4NTE4MTI3Y2MzYWU5YmU5NzlkN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNAYI1xyLHlaA9fIvQZl7z78V91c
l3eg+7rZK88aVi6ByN/F/HXmi/cbUfVMkqhXuhulTS2XgaYnxh//NlZfR93BKRQR
+81oENcmuW7th7WZawxLxVTdxUaRuJotcGLIEQQBgIAZHPym4mk8WWKihAQM+D6S
4Ns+4yFveMqGw5YSN6T/juD+TzseESxH55jJf5GGqc63nWXHsFG2+Sl80vnUWnya
sU69orLuEQV7Zu7VERiI+UphetLpO994teKjGP2mMy6wjyavM/Uu/W6/XMU9JZOM
V1SBwZKSR4KZnvPx/cE4mg5MN7C8y+FXS1nZs73WEjH4kEvXkv1kSq8ExQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzowyeabXcgkIUYEnzDrpvpedeoMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvWE9qREo1cHRkeUNRaFJnU2ZNT3VtLWw1MTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZl8MA0G
CSqGSIb3DQEBCwUAA4IBAQCSNXkh+upyXBnDKKn5GEPXgAW8nfN/BXEzGeCAFapj
+HXBihcM/TsZ4CG88UrQywLk1dLRFt2yXcj6icK3ORqE+hBdOPyw9bRz13Mc/SnF
DozH1PAYIN1ra/NbWZW1qFsLR0VeGCcA4bw4ekqTQGciaKjvDuShzoAfeF9Pifdf
FqDLksWg/CGDRtTauGwg+ng4oyyoqiM+9HaA1RJ+FZXJatf/35ITwd5Z9Ue5D8IE
dsqvcsCfxF/cKfxOhD8PlGVsKanXIVT1jFCMKRHCLdL/KbysF54jncQel6qGIgbV
UvHupzAe1ezowQhatMcWaP6O4CmLFsEWW2tFMRVXsnck
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:12 2024 by rpki-client on console-ams.rpki-client.org