Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/dTOokQwud-CrpbuYCp8gn8ieTbc.roa
File:                     dTOokQwud-CrpbuYCp8gn8ieTbc.roa (raw, json)
Hash identifier:          2c49g6aq4nB9bLCK/nYMuNp+KOjfy3X6q2Cn15f179M=
Subject key identifier:   75:33:A8:91:0C:2E:77:E0:AB:A5:BB:98:0A:9F:20:9F:C8:9E:4D:B7
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       01856C53D5744CA259618E7A665E8DC46A5C
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/dTOokQwud-CrpbuYCp8gn8ieTbc.roa
Signing time:             Sun 01 Jan 2023 07:55:11 +0000
ROA not before:           Sun 01 Jan 2023 07:55:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62468
IP address blocks:        45.137.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:d5:74:4c:a2:59:61:8e:7a:66:5e:8d:c4:6a:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Jan  1 07:55:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7533a8910c2e77e0aba5bb980a9f209fc89e4db7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:48:eb:59:2d:4b:b1:6c:4e:d2:70:52:b5:b0:
                    cb:88:ba:a6:ec:87:53:ca:65:d1:8c:5b:52:ec:f3:
                    8b:d7:75:b2:8b:d4:ae:24:b8:fd:74:e5:3a:b0:97:
                    96:dd:d8:49:3e:f1:5f:c4:68:bd:70:a9:51:70:72:
                    ab:32:5c:de:c8:fe:6d:ad:33:09:34:0b:d0:94:c0:
                    2f:97:77:37:15:89:38:7c:51:20:9a:75:67:25:5f:
                    b7:99:a6:dc:57:ae:d9:17:ab:4c:ae:a1:1e:bc:d9:
                    71:dd:09:40:a2:09:2b:bb:78:45:86:19:ce:49:ae:
                    55:9f:55:4b:33:a3:02:53:b1:92:bb:e7:dc:55:5e:
                    43:b7:ae:04:f0:e9:99:33:d8:70:9b:a2:50:14:59:
                    5c:21:af:84:7e:62:1b:e6:aa:3e:0a:f1:f5:70:8d:
                    d7:13:7e:51:2e:7a:d3:ce:30:ff:01:e0:94:1f:58:
                    5b:57:fb:f3:a9:9d:32:ce:f3:9f:fb:2d:f2:c3:ab:
                    6b:29:46:cb:a7:ee:56:34:92:1e:b8:1d:a7:7c:33:
                    c1:9d:d0:61:6c:84:95:3f:6a:f9:df:cb:1c:62:01:
                    ff:97:a2:b0:c2:5d:22:32:eb:3c:5a:39:2c:da:32:
                    3d:68:4c:84:b1:79:99:fa:bc:0d:f9:8a:06:57:8e:
                    43:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:33:A8:91:0C:2E:77:E0:AB:A5:BB:98:0A:9F:20:9F:C8:9E:4D:B7
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/dTOokQwud-CrpbuYCp8gn8ieTbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:af:f1:23:59:4c:d6:59:5e:98:52:aa:6f:98:40:17:07:fc:
         94:bd:bc:c6:a9:70:95:82:41:bd:d0:02:08:0a:08:97:39:fd:
         15:a8:bc:59:0d:88:2f:34:0b:58:0b:bf:33:17:61:3a:e5:ef:
         3d:11:a6:1c:75:fa:e0:a6:4d:b2:1e:88:76:26:b7:64:79:6b:
         cb:f9:04:f1:36:b8:68:b0:5f:b6:13:c6:10:8a:6e:a7:ce:9b:
         ef:8b:fd:d0:60:d8:80:ff:0c:11:56:c0:e0:bf:56:94:d2:21:
         5a:73:0f:ca:27:0e:ee:83:2e:9e:31:e3:d6:2a:30:53:63:10:
         c6:ab:b9:f7:dc:32:e1:52:82:8f:7a:1a:b8:c5:41:ae:cb:3a:
         2d:c6:74:0b:c0:01:a8:dc:09:4c:c9:3d:c3:a5:cb:90:d4:ce:
         db:c2:37:f0:a0:2f:cf:1c:f4:a4:b3:22:7d:02:53:f6:a1:90:
         fb:82:3a:e8:71:27:3e:04:45:71:36:46:5a:4d:4e:93:8b:4e:
         33:b4:ed:59:7d:39:79:77:bc:61:14:33:ae:6e:b6:8c:75:fe:
         75:cf:25:e2:52:53:cd:e3:6e:d1:fc:64:2c:03:54:e5:21:f8:
         07:ca:a7:e9:5f:e2:8b:b1:cd:07:60:f0:13:dc:8b:84:49:58:
         ac:07:1d:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU9V0TKJZYY56Zl6NxGpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTMzYTg5MTBjMmU3N2UwYWJhNWJiOTgwYTlmMjA5ZmM4OWU0ZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50jrWS1LsWxO0nBStbDLiLqm7IdT
ymXRjFtS7POL13Wyi9SuJLj9dOU6sJeW3dhJPvFfxGi9cKlRcHKrMlzeyP5trTMJ
NAvQlMAvl3c3FYk4fFEgmnVnJV+3mabcV67ZF6tMrqEevNlx3QlAogkru3hFhhnO
Sa5Vn1VLM6MCU7GSu+fcVV5Dt64E8OmZM9hwm6JQFFlcIa+EfmIb5qo+CvH1cI3X
E35RLnrTzjD/AeCUH1hbV/vzqZ0yzvOf+y3yw6trKUbLp+5WNJIeuB2nfDPBndBh
bISVP2r538scYgH/l6Kwwl0iMus8Wjks2jI9aEyEsXmZ+rwN+YoGV45DWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUzqJEMLnfgq6W7mAqfIJ/Ink23MB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvZFRPb2tRd3VkLUNycGJ1WUNwOGduOGllVGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYkJMA0G
CSqGSIb3DQEBCwUAA4IBAQAvr/EjWUzWWV6YUqpvmEAXB/yUvbzGqXCVgkG90AII
CgiXOf0VqLxZDYgvNAtYC78zF2E65e89EaYcdfrgpk2yHoh2JrdkeWvL+QTxNrho
sF+2E8YQim6nzpvvi/3QYNiA/wwRVsDgv1aU0iFacw/KJw7ugy6eMePWKjBTYxDG
q7n33DLhUoKPehq4xUGuyzotxnQLwAGo3AlMyT3DpcuQ1M7bwjfwoC/PHPSksyJ9
AlP2oZD7gjrocSc+BEVxNkZaTU6Ti04ztO1ZfTl5d7xhFDOubraMdf51zyXiUlPN
427R/GQsA1TlIfgHyqfpX+KLsc0HYPAT3IuESVisBx1R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org