Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cGMxs5zt2Y8HVKTwmZJKvXqQmHk.roa
File:                     cGMxs5zt2Y8HVKTwmZJKvXqQmHk.roa (raw, json)
Hash identifier:          O9v0ama12GkDJloDiwHfzF+cAsxLNSW14RnxhiiP/X4=
Subject key identifier:   70:63:31:B3:9C:ED:D9:8F:07:54:A4:F0:99:92:4A:BD:7A:90:98:79
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0185711E49DF8A8B16EE48073AC00A454ED6
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cGMxs5zt2Y8HVKTwmZJKvXqQmHk.roa
Signing time:             Mon 02 Jan 2023 06:14:48 +0000
ROA not before:           Mon 02 Jan 2023 06:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137443
IP address blocks:        45.13.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 07:24:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:49:df:8a:8b:16:ee:48:07:3a:c0:0a:45:4e:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 06:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=706331b39cedd98f0754a4f099924abd7a909879
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1d:9c:37:8f:e9:3a:bb:61:2f:23:32:c7:77:
                    4c:f5:af:0a:8e:9c:0a:9f:0a:44:22:41:a9:ad:fb:
                    2c:fa:aa:a0:d2:d7:04:be:e4:58:dd:fd:96:59:3f:
                    6c:f4:9f:ff:9a:1d:8d:39:7e:aa:12:11:5a:53:55:
                    ba:da:0c:b1:96:89:e2:a2:1b:1d:60:d0:e7:94:f4:
                    e9:11:15:53:1b:04:f6:4e:ed:0f:8a:80:23:22:38:
                    3b:7c:94:ff:3b:dd:5f:0b:31:6f:63:a2:37:27:6e:
                    df:8d:da:5d:45:63:01:8b:15:ca:7d:15:5f:f8:d7:
                    0a:bc:42:0f:37:91:78:2c:43:c7:5b:88:ab:39:10:
                    45:06:a5:2a:7e:cc:f4:55:ef:4f:36:82:57:04:87:
                    d1:75:85:ee:5b:3e:9c:3a:7b:f4:e9:1d:9b:d5:68:
                    88:4e:05:ca:09:a6:8d:32:20:5c:eb:80:fc:1f:c0:
                    87:e9:15:50:c0:68:3b:fa:fb:d3:85:03:98:f6:f1:
                    13:b3:1e:ab:8e:40:34:d5:a8:af:02:7c:9f:2a:ab:
                    b5:4d:c4:4f:f1:b9:76:77:af:bf:95:ad:3a:8d:92:
                    da:70:74:f2:ce:8d:31:9a:53:ec:72:e9:d4:9b:a5:
                    9e:31:63:61:24:d5:7f:6a:7a:d4:ec:2f:79:a4:71:
                    88:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:63:31:B3:9C:ED:D9:8F:07:54:A4:F0:99:92:4A:BD:7A:90:98:79
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cGMxs5zt2Y8HVKTwmZJKvXqQmHk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:c4:cd:14:db:b8:4b:60:ac:76:22:b9:2e:e9:06:01:f1:b9:
         21:88:84:d9:37:33:de:b4:d9:3f:d8:b4:27:00:e8:b9:9e:d1:
         d3:82:4f:49:13:bd:17:02:49:07:d1:85:0d:de:1c:06:c8:ea:
         83:b3:ef:7f:9b:4b:95:cc:a1:a7:98:da:8b:9d:7a:75:9f:e1:
         cb:c3:ee:cd:ca:90:a0:04:9c:fb:8b:c6:87:0e:bc:01:56:85:
         36:5c:64:a3:23:1f:e2:83:ab:61:3d:e3:4d:69:c7:c6:ef:f0:
         08:1a:87:cc:79:7b:37:11:9b:ca:05:de:20:aa:3f:be:66:10:
         23:c8:c8:a6:6b:43:26:28:49:d5:9c:67:6d:cf:82:66:07:9d:
         f5:84:28:ef:04:91:69:85:43:e7:79:31:7a:8a:0c:6a:53:47:
         26:a6:1a:c9:a6:ae:cc:b3:16:94:59:8e:57:92:e1:b4:87:b0:
         1b:ef:8a:79:b2:3f:89:2b:05:57:79:b2:36:96:ad:3b:1c:a3:
         3a:99:81:0f:db:b6:da:61:6a:70:76:5f:d6:15:0a:01:9a:83:
         9b:ad:ce:d0:76:5d:75:ed:62:fb:4b:bf:79:88:48:ac:08:3b:
         7b:26:5b:78:36:f5:47:66:d5:3e:4f:68:56:11:f5:46:2b:55:
         23:44:7f:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHknfiosW7kgHOsAKRU7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDYzMzFiMzljZWRkOThmMDc1NGE0ZjA5OTkyNGFiZDdhOTA5ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR2cN4/pOrthLyMyx3dM9a8KjpwK
nwpEIkGprfss+qqg0tcEvuRY3f2WWT9s9J//mh2NOX6qEhFaU1W62gyxloniohsd
YNDnlPTpERVTGwT2Tu0PioAjIjg7fJT/O91fCzFvY6I3J27fjdpdRWMBixXKfRVf
+NcKvEIPN5F4LEPHW4irORBFBqUqfsz0Ve9PNoJXBIfRdYXuWz6cOnv06R2b1WiI
TgXKCaaNMiBc64D8H8CH6RVQwGg7+vvThQOY9vETsx6rjkA01aivAnyfKqu1TcRP
8bl2d6+/la06jZLacHTyzo0xmlPscunUm6WeMWNhJNV/anrU7C95pHGIvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBjMbOc7dmPB1Sk8JmSSr16kJh5MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvY0dNeHM1enQyWThIVktUd21aSkt2WHFRbUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ13MA0G
CSqGSIb3DQEBCwUAA4IBAQBExM0U27hLYKx2Irku6QYB8bkhiITZNzPetNk/2LQn
AOi5ntHTgk9JE70XAkkH0YUN3hwGyOqDs+9/m0uVzKGnmNqLnXp1n+HLw+7NypCg
BJz7i8aHDrwBVoU2XGSjIx/ig6thPeNNacfG7/AIGofMeXs3EZvKBd4gqj++ZhAj
yMima0MmKEnVnGdtz4JmB531hCjvBJFphUPneTF6igxqU0cmphrJpq7MsxaUWY5X
kuG0h7Ab74p5sj+JKwVXebI2lq07HKM6mYEP27baYWpwdl/WFQoBmoObrc7Qdl11
7WL7S795iEisCDt7Jlt4NvVHZtU+T2hWEfVGK1UjRH+O
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org