Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa
File:                     8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa (raw, json)
Hash identifier:          BHYscXOjvhtJ5HrU5eJvNpai0st0OYHAr6yKUcHEhMM=
Subject key identifier:   F2:47:0A:CB:8A:05:E5:EF:14:6F:AA:C1:F7:12:B6:14:A3:AF:16:9F
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E3A69AF101E6CD14E493B91C7A07A
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa
Signing time:             Mon 02 Jan 2023 06:14:44 +0000
ROA not before:           Mon 02 Jan 2023 06:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34872
IP address blocks:        45.154.97.0/24 maxlen: 24
                          194.28.98.0/23 maxlen: 24
                          2a0c:b641:540::/44 maxlen: 48
                          2a0f:8400::/32 maxlen: 48
                          2a0c:b641::/44 maxlen: 48
                          2a0c:b641:30::/44 maxlen: 48
                          2a0c:b640::/32 maxlen: 48
                          2a0c:b641:70f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 25 Jun 2023 13:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:3a:69:af:10:1e:6c:d1:4e:49:3b:91:c7:a0:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2470acb8a05e5ef146faac1f712b614a3af169f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a8:21:d7:48:40:b3:ba:f5:01:35:2b:18:e3:
                    c5:30:6b:33:9c:75:1d:b2:39:03:2c:82:8a:2d:68:
                    17:1a:6b:05:72:0b:d4:36:a0:19:63:96:56:48:79:
                    2c:99:c1:3d:b6:57:9d:0b:10:db:24:d6:7e:31:b6:
                    32:cf:6f:2d:9e:72:93:11:25:42:f6:15:6a:2f:e4:
                    da:d3:59:24:ab:8a:63:fb:35:9b:3b:17:af:95:60:
                    8e:bb:78:5b:2b:9d:17:36:7a:11:4f:c7:ba:96:ad:
                    77:8e:d4:cf:17:bb:06:1f:d0:55:d4:4d:0f:a5:b7:
                    66:76:92:2c:31:c1:5e:c9:51:d8:6f:28:a1:26:da:
                    39:5f:fe:86:06:d3:12:74:ca:0b:93:a6:a6:59:1a:
                    f5:06:80:3f:2e:e2:99:71:e4:ac:d2:59:cd:e4:b9:
                    bd:b2:aa:69:6c:bd:78:19:97:50:f6:af:1f:91:06:
                    af:6d:67:2b:ca:d1:42:41:1e:47:70:1c:b8:24:2a:
                    4d:92:3d:70:79:56:c0:41:4f:e4:6c:a2:ef:24:d1:
                    92:03:47:e4:a4:cd:09:3d:cb:c6:ab:af:06:4b:cb:
                    38:ae:81:24:c1:24:5a:9e:33:ff:ab:a0:c5:d3:78:
                    80:43:e0:88:8d:ba:2d:e3:38:45:b0:87:67:ae:f8:
                    83:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:47:0A:CB:8A:05:E5:EF:14:6F:AA:C1:F7:12:B6:14:A3:AF:16:9F
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.97.0/24
                  194.28.98.0/23
                IPv6:
                  2a0c:b640::-2a0c:b641:f:ffff:ffff:ffff:ffff:ffff
                  2a0c:b641:30::/44
                  2a0c:b641:540::/44
                  2a0c:b641:70f::/48
                  2a0f:8400::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:4c:f3:fa:b7:a7:5a:48:63:f9:50:35:fc:12:d9:e2:61:78:
         a9:8a:94:4b:dc:dd:f9:c8:41:4e:6c:43:42:9f:99:1a:9b:70:
         07:04:8c:0e:1c:25:a2:10:34:2f:d2:8c:cb:be:e9:21:03:84:
         ca:f6:fd:b6:3f:d3:05:c6:2a:9a:ac:53:05:ea:13:32:74:5d:
         8e:36:2a:93:29:81:95:5b:2c:c4:24:31:34:83:f7:09:91:a2:
         5a:5c:ed:09:1f:c9:56:32:b1:92:26:4b:1a:d0:9d:b4:3e:91:
         00:4f:3c:7d:d9:ea:c1:5f:70:1e:cf:63:68:76:8b:80:f8:d8:
         01:9c:6f:03:1a:84:b6:e2:32:9f:73:58:4f:a2:22:9a:78:d3:
         13:7c:66:36:77:e0:7f:57:cc:25:7d:82:be:e3:73:c7:a0:eb:
         e2:2c:07:0e:a3:32:f5:86:be:04:9e:f3:ba:0d:82:1b:18:7a:
         8f:72:da:e2:51:1b:fe:5a:0c:d1:91:5a:3e:ce:70:b9:40:1c:
         2a:a7:53:11:3b:ea:20:df:f4:50:95:22:59:5b:45:09:e4:f7:
         5e:93:6a:44:f9:42:14:d6:4a:53:17:2f:5f:8a:11:29:00:11:
         40:1e:41:4b:b7:38:46:30:73:04:0a:1b:d7:48:40:0f:3d:f3:
         da:e8:70:80
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVxHjpprxAebNFOSTuRx6B6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ3MGFjYjhhMDVlNWVmMTQ2ZmFhYzFmNzEyYjYxNGEzYWYxNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsagh10hAs7r1ATUrGOPFMGsznHUd
sjkDLIKKLWgXGmsFcgvUNqAZY5ZWSHksmcE9tledCxDbJNZ+MbYyz28tnnKTESVC
9hVqL+Ta01kkq4pj+zWbOxevlWCOu3hbK50XNnoRT8e6lq13jtTPF7sGH9BV1E0P
pbdmdpIsMcFeyVHYbyihJto5X/6GBtMSdMoLk6amWRr1BoA/LuKZceSs0lnN5Lm9
sqppbL14GZdQ9q8fkQavbWcrytFCQR5HcBy4JCpNkj1weVbAQU/kbKLvJNGSA0fk
pM0JPcvGq68GS8s4roEkwSRanjP/q6DF03iAQ+CIjbot4zhFsIdnrviDeQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPJHCsuKBeXvFG+qwfcSthSjrxafMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvOGtjS3k0b0Y1ZThVYjZyQjl4SzJGS092RnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDASBAIAATAMAwQALZphAwQB
whxiMDoEAgACMDQwEAMFBioMtkADBwQqDLZBAAADBwQqDLZBADADBwQqDLZBBUAD
BwAqDLZBBw8DBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IBAQCATPP6t6daSGP5UDX8
EtniYXipipRL3N35yEFObENCn5kam3AHBIwOHCWiEDQv0ozLvukhA4TK9v22P9MF
xiqarFMF6hMydF2ONiqTKYGVWyzEJDE0g/cJkaJaXO0JH8lWMrGSJksa0J20PpEA
Tzx92erBX3Aez2NodouA+NgBnG8DGoS24jKfc1hPoiKaeNMTfGY2d+B/V8wlfYK+
43PHoOviLAcOozL1hr4EnvO6DYIbGHqPctriURv+WgzRkVo+znC5QBwqp1MRO+og
3/RQlSJZW0UJ5Pdek2pE+UIU1kpTFy9fihEpABFAHkFLtzhGMHMEChvXSEAPPfPa
6HCA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org