Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/d9DR30FdAk1ynPysdWXm6OcvMsg.roa
File:                     d9DR30FdAk1ynPysdWXm6OcvMsg.roa (raw, json)
Hash identifier:          Jo/cJoLHGAulBxGyYDid2z2fZtK7MyMc2jdb+aTh1zY=
Subject key identifier:   77:D0:D1:DF:41:5D:02:4D:72:9C:FC:AC:75:65:E6:E8:E7:2F:32:C8
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       01886C299643CAB30227553944BE02DCEFBE
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/d9DR30FdAk1ynPysdWXm6OcvMsg.roa
Signing time:             Tue 30 May 2023 10:17:24 +0000
ROA not before:           Tue 30 May 2023 10:17:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        45.153.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Oct 2023 15:41:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6c:29:96:43:ca:b3:02:27:55:39:44:be:02:dc:ef:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: May 30 10:17:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77d0d1df415d024d729cfcac7565e6e8e72f32c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:9d:bf:3c:ac:c7:b4:0e:2c:3f:76:16:3a:f5:
                    18:d6:e2:e0:87:06:0d:96:8b:46:59:a5:97:94:a2:
                    e1:c3:de:a1:14:79:5f:06:3a:3d:cc:d5:49:ca:a1:
                    f6:a8:d1:aa:78:58:a7:8c:eb:72:7d:2e:75:98:90:
                    55:9c:00:4f:cf:5e:07:7f:d7:b6:16:f4:f2:63:00:
                    2e:6f:97:db:15:86:8d:05:b9:71:87:9a:30:4f:fa:
                    80:7f:82:ee:c0:dc:ae:04:4d:cd:6a:2b:9e:a3:30:
                    c0:04:1f:56:b5:d7:6e:8d:07:40:26:88:81:bc:08:
                    ed:4a:06:31:1b:1f:34:62:d3:0d:6e:50:cc:99:15:
                    28:2c:a3:f6:17:88:ed:a5:51:c7:2b:12:3f:39:39:
                    56:03:e6:47:5d:8f:2e:2d:5d:8d:6b:19:e7:28:8b:
                    e4:ea:85:3e:0a:d1:5b:52:fb:cd:b1:1e:99:06:ee:
                    42:70:74:ec:68:49:d5:55:3c:04:9c:bf:b4:21:0f:
                    bd:45:af:69:7d:90:04:8b:08:b6:d7:c2:9e:a5:0e:
                    4c:d5:3c:8f:18:4b:6a:4f:6c:81:3a:63:3d:1c:f5:
                    b5:04:d8:a9:ff:0f:a4:1d:b5:54:35:e9:6a:13:2f:
                    1a:02:b5:b8:69:09:6b:9c:c4:57:8f:a5:63:67:06:
                    99:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D0:D1:DF:41:5D:02:4D:72:9C:FC:AC:75:65:E6:E8:E7:2F:32:C8
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/d9DR30FdAk1ynPysdWXm6OcvMsg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c5:90:ed:5a:97:4e:af:14:6b:a4:f7:e3:7c:81:9b:4f:84:30:
         87:fb:1f:53:c0:b2:1e:5f:09:d6:d6:6e:a0:16:cb:db:52:9f:
         b9:a9:22:39:2b:44:b4:31:2e:87:ac:28:18:f3:51:fd:61:7e:
         83:ec:7e:99:8d:71:a1:ad:b1:e0:a7:09:fd:fa:cc:54:be:73:
         03:92:39:9b:0f:87:24:8b:73:8b:ef:8b:71:9c:27:53:9e:38:
         02:72:2e:23:70:8f:61:88:8c:4e:83:e2:fc:7c:41:fc:0d:bb:
         6d:ec:c7:a2:fa:6f:75:f0:b4:bd:82:dd:8b:53:04:d3:6d:9f:
         57:ff:76:76:06:22:5e:c4:44:6a:04:08:e2:e3:97:b1:88:06:
         ee:03:bd:9a:bc:b8:10:f5:06:80:35:08:33:96:11:e8:ca:15:
         4a:53:2a:f2:50:36:45:00:cc:38:ec:aa:4e:b7:d7:b5:df:ed:
         3a:cf:7e:b3:6c:ed:e7:b7:66:22:26:4a:5d:7a:3d:0a:88:20:
         d9:d8:a2:c6:67:9c:9f:42:ec:9e:3e:88:8a:85:36:ae:1c:f4:
         20:46:66:98:f6:e4:d7:d2:31:d1:59:dd:ca:37:0a:ef:63:bb:
         40:2c:22:28:34:25:c9:b2:29:da:7e:ef:41:74:64:3b:07:d9:
         23:24:e8:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhsKZZDyrMCJ1U5RL4C3O++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwNTMwMTAxNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QwZDFkZjQxNWQwMjRkNzI5Y2ZjYWM3NTY1ZTZlOGU3MmYzMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ2/PKzHtA4sP3YWOvUY1uLghwYN
lotGWaWXlKLhw96hFHlfBjo9zNVJyqH2qNGqeFinjOtyfS51mJBVnABPz14Hf9e2
FvTyYwAub5fbFYaNBblxh5owT/qAf4LuwNyuBE3NaiueozDABB9WtddujQdAJoiB
vAjtSgYxGx80YtMNblDMmRUoLKP2F4jtpVHHKxI/OTlWA+ZHXY8uLV2NaxnnKIvk
6oU+CtFbUvvNsR6ZBu5CcHTsaEnVVTwEnL+0IQ+9Ra9pfZAEiwi218KepQ5M1TyP
GEtqT2yBOmM9HPW1BNip/w+kHbVUNelqEy8aArW4aQlrnMRXj6VjZwaZyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfQ0d9BXQJNcpz8rHVl5ujnLzLIMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvZDlEUjMwRmRBazF5blB5c2RXWG02T2N2TXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZl8MA0G
CSqGSIb3DQEBCwUAA4IBAQDFkO1al06vFGuk9+N8gZtPhDCH+x9TwLIeXwnW1m6g
FsvbUp+5qSI5K0S0MS6HrCgY81H9YX6D7H6ZjXGhrbHgpwn9+sxUvnMDkjmbD4ck
i3OL74txnCdTnjgCci4jcI9hiIxOg+L8fEH8Dbtt7Mei+m918LS9gt2LUwTTbZ9X
/3Z2BiJexERqBAji45exiAbuA72avLgQ9QaANQgzlhHoyhVKUyryUDZFAMw47KpO
t9e13+06z36zbO3nt2YiJkpdej0KiCDZ2KLGZ5yfQuyePoiKhTauHPQgRmaY9uTX
0jHRWd3KNwrvY7tALCIoNCXJsinafu9BdGQ7B9kjJOjw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org