Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_xzslyVdFlf0HNdktvZwlsFvipA.roa
File:                     _xzslyVdFlf0HNdktvZwlsFvipA.roa (raw, json)
Hash identifier:          aGnHC/5fX/HNH1kGp3qhnV03yGi13FZhUk7xlGM1p74=
Subject key identifier:   FF:1C:EC:97:25:5D:16:57:F4:1C:D7:64:B6:F6:70:96:C1:6F:8A:90
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7B494D76BF99FF8EF51EBE366BBAD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_xzslyVdFlf0HNdktvZwlsFvipA.roa
Signing time:             Mon 02 Jan 2023 08:44:54 +0000
ROA not before:           Mon 02 Jan 2023 08:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205835
IP address blocks:        45.15.64.0/22 maxlen: 22
                          178.175.176.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:b4:94:d7:6b:f9:9f:f8:ef:51:eb:e3:66:bb:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff1cec97255d1657f41cd764b6f67096c16f8a90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e3:97:65:58:09:61:2d:da:44:98:09:6c:a4:
                    0b:e6:e4:6a:ac:9a:38:93:03:34:21:b7:c5:01:64:
                    19:df:01:7c:13:2c:88:2e:3b:33:80:37:97:f5:eb:
                    61:ef:c3:18:e3:34:34:3d:e2:cc:6a:89:a8:b8:e6:
                    ce:2c:a8:bd:04:d2:cc:99:79:17:73:92:f0:5d:0a:
                    97:c4:67:d6:6c:26:38:a5:8f:49:12:5b:ae:8a:5f:
                    61:58:1e:b4:bc:01:02:33:14:52:ef:0e:ab:40:4a:
                    77:3d:5d:1a:47:ad:dd:8a:f4:e4:56:7f:69:ee:a9:
                    b3:83:37:48:02:3c:c2:47:92:48:fd:9d:65:90:31:
                    e1:fe:f3:93:cf:c5:11:51:a9:76:f8:95:b9:5f:9f:
                    ed:ee:94:f4:32:83:f3:20:81:e5:d2:49:64:40:c8:
                    bf:f6:44:88:0e:2c:11:3f:a2:8e:a6:ff:3b:dc:2b:
                    6f:72:74:42:d8:de:69:bf:6e:1d:67:c4:7a:f5:3b:
                    d6:5d:e4:57:7b:09:75:d1:2c:c3:76:06:29:25:d3:
                    d6:ce:3e:18:03:1a:d6:04:92:84:89:8f:2b:ac:f6:
                    f7:48:fb:0f:2e:19:1d:fb:c9:dc:cf:52:32:57:12:
                    10:5a:55:dc:14:53:18:d2:c3:89:18:60:68:6e:d3:
                    69:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:1C:EC:97:25:5D:16:57:F4:1C:D7:64:B6:F6:70:96:C1:6F:8A:90
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_xzslyVdFlf0HNdktvZwlsFvipA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.15.64.0/22
                  178.175.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         06:9e:9f:9e:c1:0c:66:49:7f:d5:f8:18:55:67:71:6b:a8:6d:
         98:65:0d:68:96:28:2b:5b:11:6a:30:08:f5:a4:2c:f2:9d:99:
         b0:db:46:4b:da:c3:db:0b:c3:11:12:c1:ab:0d:29:75:54:e9:
         21:33:08:08:c3:42:81:f4:72:e0:6e:2e:ef:e1:50:95:fb:9c:
         34:3c:3b:5e:41:fc:35:3e:62:3d:8b:9b:c3:96:ca:0a:44:10:
         aa:b8:56:d5:24:3f:b1:0c:32:a2:ae:74:58:87:9a:6f:52:bc:
         9f:83:7b:6b:73:b4:4e:22:25:49:1c:af:c3:54:e8:60:17:36:
         47:0e:1f:2e:f3:87:73:e5:c2:d7:11:aa:a6:b4:85:9b:c0:6d:
         b6:bf:dd:1b:cd:77:1f:26:68:75:8e:e8:f5:73:f4:94:4c:21:
         22:aa:3f:35:43:ec:d6:71:85:c6:9a:43:90:68:ec:3f:60:6d:
         8c:33:69:1f:56:74:37:39:e1:65:61:b4:e1:a1:5c:f1:d3:1b:
         60:a8:47:ea:b7:5b:f2:72:ae:08:e1:cf:75:2e:9c:14:17:40:
         ee:7a:fc:ae:91:f4:fd:2f:69:80:ac:c2:db:70:f9:19:80:33:
         f0:94:8f:e1:47:f9:2a:cf:1f:c5:30:9b:58:4b:83:ca:5a:22:
         58:91:bc:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp7SU12v5n/jvUevjZrutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFjZWM5NzI1NWQxNjU3ZjQxY2Q3NjRiNmY2NzA5NmMxNmY4YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+OXZVgJYS3aRJgJbKQL5uRqrJo4
kwM0IbfFAWQZ3wF8EyyILjszgDeX9eth78MY4zQ0PeLMaomouObOLKi9BNLMmXkX
c5LwXQqXxGfWbCY4pY9JEluuil9hWB60vAECMxRS7w6rQEp3PV0aR63divTkVn9p
7qmzgzdIAjzCR5JI/Z1lkDHh/vOTz8URUal2+JW5X5/t7pT0MoPzIIHl0klkQMi/
9kSIDiwRP6KOpv873CtvcnRC2N5pv24dZ8R69TvWXeRXewl10SzDdgYpJdPWzj4Y
AxrWBJKEiY8rrPb3SPsPLhkd+8ncz1IyVxIQWlXcFFMY0sOJGGBobtNpfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP8c7JclXRZX9BzXZLb2cJbBb4qQMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX3h6c2x5VmRGbGYwSE5ka3R2Wndsc0Z2aXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ9AAwQC
sq+wMA0GCSqGSIb3DQEBCwUAA4IBAQAGnp+ewQxmSX/V+BhVZ3FrqG2YZQ1oligr
WxFqMAj1pCzynZmw20ZL2sPbC8MREsGrDSl1VOkhMwgIw0KB9HLgbi7v4VCV+5w0
PDteQfw1PmI9i5vDlsoKRBCquFbVJD+xDDKirnRYh5pvUryfg3trc7ROIiVJHK/D
VOhgFzZHDh8u84dz5cLXEaqmtIWbwG22v90bzXcfJmh1juj1c/SUTCEiqj81Q+zW
cYXGmkOQaOw/YG2MM2kfVnQ3OeFlYbThoVzx0xtgqEfqt1vycq4I4c91LpwUF0Du
evyukfT9L2mArMLbcPkZgDPwlI/hR/kqzx/FMJtYS4PKWiJYkbzS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org