Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-dyaBlMYLn3hPunydm69okq7VeA.roa
File:                     1-dyaBlMYLn3hPunydm69okq7VeA.roa (raw, json)
Hash identifier:          5Du/ftRP0FCS0d7Ob3t0wvfF7DGPxd2WXtCiJw0KuRc=
Subject key identifier:   F9:DC:9A:06:53:18:2E:7D:E1:3E:E9:F2:76:6E:BD:A2:4A:BB:55:E0
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       019246DEF1AB0E69B98338F285082C237EA6
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-dyaBlMYLn3hPunydm69okq7VeA.roa
Signing time:             Tue 01 Oct 2024 06:57:48 +0000
ROA not before:           Tue 01 Oct 2024 06:57:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34872
IP address blocks:        45.154.97.0/24 maxlen: 24
                          45.154.99.0/24 maxlen: 24
                          62.3.50.0/24 maxlen: 24
                          194.28.98.0/23 maxlen: 24
                          2a0c:b640::/32 maxlen: 48
                          2a0c:b641::/44 maxlen: 48
                          2a0c:b641:10::/44 maxlen: 48
                          2a0c:b641:60::/44 maxlen: 48
                          2a0c:b641:150::/44 maxlen: 48
                          2a0c:b641:540::/44 maxlen: 48
                          2a0c:b641:6d0::/44 maxlen: 48
                          2a0c:b641:70f::/48 maxlen: 48
                          2a0c:b641:820::/44 maxlen: 48
                          2a0c:b641:cb0::/44 maxlen: 48
                          2a0f:8400::/32 maxlen: 48
Validation:               Failed, certificate revoked on Thu 10 Oct 2024 20:19:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:46:de:f1:ab:0e:69:b9:83:38:f2:85:08:2c:23:7e:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Oct  1 06:57:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f9dc9a0653182e7de13ee9f2766ebda24abb55e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:37:a8:91:41:3b:29:8f:a9:2b:f9:43:0a:7e:
                    44:32:99:e3:c5:f4:ae:3f:33:85:69:b6:66:57:33:
                    84:46:51:50:3c:36:2d:f7:3a:88:57:0c:53:d6:62:
                    54:71:97:12:8d:0e:d0:8a:b7:58:b2:9d:24:30:0d:
                    55:6c:a5:09:45:ca:87:d2:ba:a0:e4:cb:e4:62:6c:
                    2e:43:ce:b8:6f:84:71:53:48:54:8b:5b:91:f7:3a:
                    9a:b2:4d:0a:1e:38:94:5c:ed:0e:d7:96:b3:6c:3d:
                    5a:60:e1:69:1d:5c:71:b9:4a:d3:f6:61:58:c2:ba:
                    e0:11:ab:c0:8b:ae:09:92:4e:41:4d:88:02:e7:f3:
                    0c:f3:2e:84:44:7d:00:f8:65:ec:26:e2:03:5a:96:
                    36:82:b7:f2:6c:fc:8a:42:4c:4a:28:f3:4c:5b:76:
                    df:63:e8:c5:93:dd:62:bc:4f:6e:b9:bf:3a:9c:e7:
                    1e:8b:48:d4:36:09:01:8d:8d:ac:d6:15:95:46:3c:
                    76:96:e2:8d:01:0d:33:c0:98:a8:ed:73:0d:57:8d:
                    a3:d2:06:25:39:e2:51:f3:c3:54:55:a6:9b:0e:65:
                    42:03:39:b6:b6:a6:98:fd:77:ed:c2:f5:17:cd:bb:
                    df:fd:2a:be:a9:36:55:c3:aa:29:cc:be:27:02:1f:
                    ce:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:DC:9A:06:53:18:2E:7D:E1:3E:E9:F2:76:6E:BD:A2:4A:BB:55:E0
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-dyaBlMYLn3hPunydm69okq7VeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.97.0/24
                  45.154.99.0/24
                  62.3.50.0/24
                  194.28.98.0/23
                IPv6:
                  2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
                  2a0c:b641:60::/44
                  2a0c:b641:150::/44
                  2a0c:b641:540::/44
                  2a0c:b641:6d0::/44
                  2a0c:b641:70f::/48
                  2a0c:b641:820::/44
                  2a0c:b641:cb0::/44
                  2a0f:8400::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:2a:fd:7c:7f:50:51:02:04:d6:91:ab:bc:c2:67:4b:32:4c:
         41:a7:fb:3c:e3:f4:f4:fe:5b:da:d7:d2:dc:1a:7d:2d:9a:d9:
         1f:97:55:8a:0e:8e:b0:d9:2d:9f:bf:0a:17:b0:3f:8c:de:dd:
         09:b9:34:9b:04:7f:09:bd:c1:0c:78:c8:9b:c1:02:0c:8f:de:
         9b:29:04:a7:c2:1a:e2:ad:9d:f3:88:ea:02:bd:ed:2f:d9:fe:
         7a:d1:c4:9e:c8:3a:04:5c:cf:4d:1b:7f:61:e4:4c:93:de:31:
         95:24:eb:d6:28:06:57:1d:38:00:c9:ff:36:03:57:a6:37:73:
         3e:fa:d0:b8:2d:c6:e0:11:10:d9:9f:b8:b3:5f:ae:96:0f:41:
         70:79:18:da:4b:15:49:79:60:4d:1f:e1:25:20:71:a6:ae:0a:
         2e:e0:0d:70:f0:c0:c8:21:41:b5:b4:da:78:46:70:ab:41:a9:
         b0:3f:d7:07:eb:c6:f8:f5:ec:f5:da:e1:2f:e6:ff:02:21:13:
         0d:1f:0e:82:52:d1:ad:96:68:51:4f:fa:d9:c9:e7:99:9b:0e:
         b8:30:37:e2:d4:71:9a:8d:bc:c6:21:84:01:7a:6e:72:15:d5:
         f6:b1:dc:cd:ee:dc:b2:5d:40:63:b0:01:90:d9:aa:6a:70:7d:
         0f:89:ef:c8
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZJG3vGrDmm5gzjyhQgsI36mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQxMDAxMDY1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRjOWEwNjUzMTgyZTdkZTEzZWU5ZjI3NjZlYmRhMjRhYmI1NWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTeokUE7KY+pK/lDCn5EMpnjxfSu
PzOFabZmVzOERlFQPDYt9zqIVwxT1mJUcZcSjQ7QirdYsp0kMA1VbKUJRcqH0rqg
5MvkYmwuQ864b4RxU0hUi1uR9zqask0KHjiUXO0O15azbD1aYOFpHVxxuUrT9mFY
wrrgEavAi64Jkk5BTYgC5/MM8y6ERH0A+GXsJuIDWpY2grfybPyKQkxKKPNMW3bf
Y+jFk91ivE9uub86nOcei0jUNgkBjY2s1hWVRjx2luKNAQ0zwJio7XMNV42j0gYl
OeJR88NUVaabDmVCAzm2tqaY/XftwvUXzbvf/Sq+qTZVw6opzL4nAh/OgwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPncmgZTGC594T7p8nZuvaJKu1XgMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMS1keWFCbE1ZTG4zaFB1bnlkbTY5b2txN1ZlQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBm
ZC8xL0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkwYIKwYBBQUHAQcBAf8EgYMwgYAwHgQCAAEwGAMEAC2a
YQMEAC2aYwMEAD4DMgMEAcIcYjBeBAIAAjBYMBADBQYqDLZAAwcFKgy2QQAAAwcE
Kgy2QQBgAwcEKgy2QQFQAwcEKgy2QQVAAwcEKgy2QQbQAwcAKgy2QQcPAwcEKgy2
QQggAwcEKgy2QQywAwUAKg+EADANBgkqhkiG9w0BAQsFAAOCAQEAiCr9fH9QUQIE
1pGrvMJnSzJMQaf7POP09P5b2tfS3Bp9LZrZH5dVig6OsNktn78KF7A/jN7dCbk0
mwR/Cb3BDHjIm8ECDI/emykEp8Ia4q2d84jqAr3tL9n+etHEnsg6BFzPTRt/YeRM
k94xlSTr1igGVx04AMn/NgNXpjdzPvrQuC3G4BEQ2Z+4s1+ulg9BcHkY2ksVSXlg
TR/hJSBxpq4KLuANcPDAyCFBtbTaeEZwq0GpsD/XB+vG+PXs9drhL+b/AiETDR8O
glLRrZZoUU/62cnnmZsOuDA34tRxmo28xiGEAXpuchXV9rHcze7csl1AY7ABkNmq
anB9D4nvyA==
-----END CERTIFICATE-----