Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/rKR6HW9Ioz9Rb194TVnz2QOg4AY.roa
File:                     rKR6HW9Ioz9Rb194TVnz2QOg4AY.roa (raw, json)
Hash identifier:          nJLzeeDNl3tjxfJoQkJMxSXA/0y2unB8g517iNcaixc=
Subject key identifier:   AC:A4:7A:1D:6F:48:A3:3F:51:6F:5F:78:4D:59:F3:D9:03:A0:E0:06
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       018CC64B64D178CFACBF7535C952E2AAF656
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/rKR6HW9Ioz9Rb194TVnz2QOg4AY.roa
Signing time:             Mon 01 Jan 2024 18:31:18 +0000
ROA not before:           Mon 01 Jan 2024 18:31:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        45.132.236.0/24 maxlen: 24
                          45.132.237.0/24 maxlen: 24
                          45.131.176.0/24 maxlen: 24
                          45.131.177.0/24 maxlen: 24
                          45.128.144.0/24 maxlen: 24
                          45.128.145.0/24 maxlen: 24
                          45.137.8.0/24 maxlen: 24
                          45.137.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Feb 2024 03:36:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:64:d1:78:cf:ac:bf:75:35:c9:52:e2:aa:f6:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Jan  1 18:31:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=aca47a1d6f48a33f516f5f784d59f3d903a0e006
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a1:57:b0:b4:fb:e6:2a:d7:34:bf:48:6a:80:
                    77:1f:25:11:fc:2d:25:5f:59:02:80:ae:b2:da:cc:
                    71:e7:ce:18:54:e2:ab:b9:f5:1d:5e:51:b4:f9:7a:
                    b5:65:fb:82:05:cf:9a:77:9f:3a:07:e6:d5:3e:0b:
                    7b:c0:c4:9b:92:17:ce:da:0c:94:b1:68:bd:f2:6a:
                    f0:f1:77:e1:59:51:68:86:dd:11:da:22:0a:a4:53:
                    af:4f:9f:ba:8e:14:6d:cc:4e:d3:c1:34:2f:e6:ce:
                    5b:66:52:f3:3e:ef:ea:2b:a5:ce:a9:6c:a7:12:8d:
                    8f:2c:c5:1c:4b:6c:44:d5:95:b2:97:78:5e:f0:59:
                    42:fb:78:65:d6:6e:74:7e:12:10:69:25:9c:1c:73:
                    4b:3e:e2:52:0f:d6:59:bc:d7:61:3e:12:99:9b:31:
                    ce:32:79:77:18:f3:f9:cf:37:37:00:b0:5c:af:88:
                    10:d7:40:12:4d:8c:15:ee:38:73:73:49:08:59:26:
                    0f:f0:be:4b:7d:84:f0:9c:11:93:5b:3e:79:73:a7:
                    06:56:a6:a1:42:92:7b:a4:57:04:69:03:70:7c:57:
                    dc:a9:63:92:fa:5d:da:f9:5e:4a:cd:55:04:c1:ce:
                    eb:aa:e7:d2:8e:20:34:01:e9:3d:52:49:f1:7c:6c:
                    aa:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:A4:7A:1D:6F:48:A3:3F:51:6F:5F:78:4D:59:F3:D9:03:A0:E0:06
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/rKR6HW9Ioz9Rb194TVnz2QOg4AY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.144.0/23
                  45.131.176.0/23
                  45.132.236.0/23
                  45.137.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:41:78:6c:d1:97:38:aa:42:14:be:9d:bb:ac:dc:e2:46:a1:
         5a:a8:a4:b1:f6:c4:78:b9:a8:31:e1:02:10:cc:c5:59:a9:c7:
         ac:06:0c:e0:d1:9e:a2:28:74:58:84:26:60:46:f1:80:67:ed:
         d5:e4:02:08:c4:48:dd:61:c4:cb:3f:83:2f:26:50:a3:75:3b:
         f7:d9:eb:01:43:a8:8a:ca:ff:64:dc:c7:6a:3b:ab:22:84:1c:
         ba:9c:1f:40:60:5f:6c:a1:32:fd:fc:da:87:7d:72:a3:45:1b:
         41:c4:02:a0:c4:3d:77:31:6e:49:31:61:cf:77:0c:8d:14:4d:
         7f:a3:19:88:b1:60:4b:cf:db:22:7e:e8:81:f6:4f:04:18:54:
         70:5c:40:ea:53:ed:3b:6f:3f:9e:f5:88:b1:f9:ee:58:70:75:
         4a:f4:60:92:21:4e:c5:94:ef:75:85:39:5a:5f:53:f8:f9:1c:
         91:d2:27:e2:6b:a4:23:34:ec:83:07:d4:0f:28:7f:2e:81:c6:
         1d:0a:31:69:77:17:48:ac:9e:67:9d:78:ee:b5:3b:65:58:7d:
         4b:aa:11:77:51:ad:e2:fc:19:55:8b:c7:2c:53:30:1d:95:08:
         63:de:4d:89:76:1c:59:e3:97:6a:75:d5:63:64:a8:55:c8:58:
         b9:1d:3b:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGS2TReM+sv3U1yVLiqvZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2E0N2ExZDZmNDhhMzNmNTE2ZjVmNzg0ZDU5ZjNkOTAzYTBlMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqFXsLT75irXNL9IaoB3HyUR/C0l
X1kCgK6y2sxx584YVOKrufUdXlG0+Xq1ZfuCBc+ad586B+bVPgt7wMSbkhfO2gyU
sWi98mrw8XfhWVFoht0R2iIKpFOvT5+6jhRtzE7TwTQv5s5bZlLzPu/qK6XOqWyn
Eo2PLMUcS2xE1ZWyl3he8FlC+3hl1m50fhIQaSWcHHNLPuJSD9ZZvNdhPhKZmzHO
Mnl3GPP5zzc3ALBcr4gQ10ASTYwV7jhzc0kIWSYP8L5LfYTwnBGTWz55c6cGVqah
QpJ7pFcEaQNwfFfcqWOS+l3a+V5KzVUEwc7rqufSjiA0Aek9UknxfGyq5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKykeh1vSKM/UW9feE1Z89kDoOAGMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvcktSNkhXOUlvejlSYjE5NFRWbnoyUU9nNEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYCQAwQB
LYOwAwQBLYTsAwQBLYkIMA0GCSqGSIb3DQEBCwUAA4IBAQAIQXhs0Zc4qkIUvp27
rNziRqFaqKSx9sR4uagx4QIQzMVZqcesBgzg0Z6iKHRYhCZgRvGAZ+3V5AIIxEjd
YcTLP4MvJlCjdTv32esBQ6iKyv9k3MdqO6sihBy6nB9AYF9soTL9/NqHfXKjRRtB
xAKgxD13MW5JMWHPdwyNFE1/oxmIsWBLz9sifuiB9k8EGFRwXEDqU+07bz+e9Yix
+e5YcHVK9GCSIU7FlO91hTlaX1P4+RyR0ifia6QjNOyDB9QPKH8ugcYdCjFpdxdI
rJ5nnXjutTtlWH1LqhF3Ua3i/BlVi8csUzAdlQhj3k2JdhxZ45dqddVjZKhVyFi5
HTu+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:12 2024 by rpki-client on console-ams.rpki-client.org