Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/yvTOHO9vwarGdfcgzW2VSqpT4lc.roa
File:                     yvTOHO9vwarGdfcgzW2VSqpT4lc.roa (raw, json)
Hash identifier:          ApmjAFow8DatxlnYOKwJWDL5gnLl3NVrU5xHe0pb8wU=
Subject key identifier:   CA:F4:CE:1C:EF:6F:C1:AA:C6:75:F7:20:CD:6D:95:4A:AA:53:E2:57
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       01894AB82F85181891510DD21AA8DD3152B0
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/yvTOHO9vwarGdfcgzW2VSqpT4lc.roa
Signing time:             Wed 12 Jul 2023 15:28:52 +0000
ROA not before:           Wed 12 Jul 2023 15:28:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        45.84.242.0/23 maxlen: 24
                          185.104.14.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 13 Aug 2023 19:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4a:b8:2f:85:18:18:91:51:0d:d2:1a:a8:dd:31:52:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Jul 12 15:28:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=caf4ce1cef6fc1aac675f720cd6d954aaa53e257
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:b7:4d:a4:98:a6:9c:1e:6c:b5:22:48:99:70:
                    17:7b:61:f6:66:d1:7b:76:7e:34:55:46:49:d8:dc:
                    12:2c:37:01:74:45:14:fb:38:67:18:dc:b8:68:c1:
                    77:19:51:86:b4:a1:a8:21:c2:bf:59:a9:02:cc:10:
                    b1:e2:71:cd:58:92:a2:20:f3:a9:d9:a3:fe:8c:f3:
                    95:93:11:19:cc:0d:65:5a:93:22:6a:24:b3:91:5e:
                    84:66:0f:7e:cc:2f:bc:30:6a:58:f8:74:02:21:52:
                    02:1f:e7:55:9d:a0:7c:81:a6:d5:45:f1:48:a9:57:
                    2c:6e:a7:f8:45:f6:26:9f:7e:57:85:ad:04:78:42:
                    d9:b0:5e:f0:c1:d5:17:9a:88:48:d3:d8:09:8e:77:
                    46:56:06:4c:de:2f:dc:0f:82:e3:ed:c2:1d:35:24:
                    28:39:69:e7:b8:7a:9c:30:80:4a:0e:c7:cd:9e:b7:
                    e7:74:21:01:0b:62:70:c7:1e:f3:3a:2c:e9:77:1e:
                    39:29:80:2b:52:29:14:b0:6f:a4:b3:fe:a2:b9:4c:
                    69:88:63:6b:6c:1e:cf:2f:dd:1b:7f:65:14:16:f2:
                    3b:08:fa:3c:d5:3d:0b:d9:18:58:5b:94:fa:49:c4:
                    ad:6c:66:18:6e:71:25:7b:eb:dd:70:7d:4a:bb:fd:
                    13:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:F4:CE:1C:EF:6F:C1:AA:C6:75:F7:20:CD:6D:95:4A:AA:53:E2:57
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/yvTOHO9vwarGdfcgzW2VSqpT4lc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.242.0/23
                  185.104.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1b:61:5f:03:b4:b5:e1:ff:3d:26:d4:27:8d:df:ce:49:4c:2b:
         47:35:b2:b2:2f:80:bc:f7:49:89:dc:53:69:e2:50:c7:51:50:
         ba:f6:0b:fb:12:0a:75:9a:25:d7:ba:e5:9d:f0:85:0a:ca:c7:
         0a:1c:33:36:2a:c5:ef:10:56:3e:f8:ef:fe:b8:db:a0:a6:4e:
         ad:03:7d:f5:2e:86:72:cb:92:b6:6a:fc:6b:08:b9:32:10:6f:
         6f:57:02:b8:24:fa:f3:64:77:c1:2e:61:33:87:03:7c:7c:7d:
         fa:c8:13:28:8c:35:dc:28:77:06:3a:60:0c:5c:7c:ba:6c:8e:
         bb:7d:4a:b0:39:2f:84:44:c1:28:50:87:de:09:e7:2b:3f:91:
         5b:d6:06:b7:f0:06:e2:68:39:11:bd:f9:09:76:b0:c0:d1:c5:
         08:ac:d0:c3:7f:32:55:bd:6d:9d:9d:6f:f3:5f:79:88:3c:88:
         66:6d:08:bc:8c:24:85:ed:af:83:51:2b:62:5b:56:2b:f9:4c:
         93:5f:41:c2:03:d0:09:4f:1e:5c:91:f0:3f:78:41:eb:95:cb:
         1a:50:42:22:1a:3d:48:b9:fc:80:eb:12:63:21:9e:ef:11:7f:
         04:12:5c:f8:ea:3d:50:93:6d:a5:d1:05:54:f4:1b:88:d8:f6:
         f9:23:66:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlKuC+FGBiRUQ3SGqjdMVKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjMwNzEyMTUyODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY0Y2UxY2VmNmZjMWFhYzY3NWY3MjBjZDZkOTU0YWFhNTNlMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrdNpJimnB5stSJImXAXe2H2ZtF7
dn40VUZJ2NwSLDcBdEUU+zhnGNy4aMF3GVGGtKGoIcK/WakCzBCx4nHNWJKiIPOp
2aP+jPOVkxEZzA1lWpMiaiSzkV6EZg9+zC+8MGpY+HQCIVICH+dVnaB8gabVRfFI
qVcsbqf4RfYmn35Xha0EeELZsF7wwdUXmohI09gJjndGVgZM3i/cD4Lj7cIdNSQo
OWnnuHqcMIBKDsfNnrfndCEBC2Jwxx7zOizpdx45KYArUikUsG+ks/6iuUxpiGNr
bB7PL90bf2UUFvI7CPo81T0L2RhYW5T6ScStbGYYbnEle+vdcH1Ku/0T2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMr0zhzvb8GqxnX3IM1tlUqqU+JXMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEveXZUT0hPOXZ3YXJHZGZjZ3pXMlZTcXBUNGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVTyAwQB
uWgOMA0GCSqGSIb3DQEBCwUAA4IBAQAbYV8DtLXh/z0m1CeN385JTCtHNbKyL4C8
90mJ3FNp4lDHUVC69gv7Egp1miXXuuWd8IUKyscKHDM2KsXvEFY++O/+uNugpk6t
A331LoZyy5K2avxrCLkyEG9vVwK4JPrzZHfBLmEzhwN8fH36yBMojDXcKHcGOmAM
XHy6bI67fUqwOS+ERMEoUIfeCecrP5Fb1ga38AbiaDkRvfkJdrDA0cUIrNDDfzJV
vW2dnW/zX3mIPIhmbQi8jCSF7a+DUStiW1Yr+UyTX0HCA9AJTx5ckfA/eEHrlcsa
UEIiGj1IufyA6xJjIZ7vEX8EElz46j1Qk22l0QVU9BuI2Pb5I2ZY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org