Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/JOWgbvmx-ghtje839OosxpWD4aE.roa
File:                     JOWgbvmx-ghtje839OosxpWD4aE.roa (raw, json)
Hash identifier:          2RehW075s8XIbiRLehGXj+wJ/qKw7KOJYurfeENTjj8=
Subject key identifier:   24:E5:A0:6E:F9:B1:FA:08:6D:8D:EF:37:F4:EA:2C:C6:95:83:E1:A1
Certificate issuer:       /CN=91f5fcedbdb84dd52fc6770d7ccfd3fc6684fa41
Certificate serial:       01857079A13048E79697354AA4DC992A7902
Authority key identifier: 91:F5:FC:ED:BD:B8:4D:D5:2F:C6:77:0D:7C:CF:D3:FC:66:84:FA:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfX87b24TdUvxncNfM_T_GaE-kE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/JOWgbvmx-ghtje839OosxpWD4aE.roa
Signing time:             Mon 02 Jan 2023 03:14:56 +0000
ROA not before:           Mon 02 Jan 2023 03:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202699
IP address blocks:        45.82.60.0/24 maxlen: 24
                          45.82.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:a1:30:48:e7:96:97:35:4a:a4:dc:99:2a:79:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f5fcedbdb84dd52fc6770d7ccfd3fc6684fa41
        Validity
            Not Before: Jan  2 03:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=24e5a06ef9b1fa086d8def37f4ea2cc69583e1a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:fb:42:ab:85:1d:72:7f:8b:5b:6c:57:fa:70:
                    93:de:4f:89:ff:a0:ed:b3:8f:8c:c2:17:d7:52:11:
                    25:39:7d:b0:e5:0c:c3:d6:80:a9:73:aa:96:b1:11:
                    78:b2:20:f2:d3:fc:2d:11:fb:1e:99:2a:c5:96:cc:
                    f9:0c:8e:13:a8:b4:51:f0:41:57:6d:14:ea:1c:13:
                    57:06:69:cc:e6:7e:73:0c:78:ce:e7:13:c7:b8:d0:
                    cd:e9:bc:92:54:fd:ef:70:e9:49:a9:05:1e:1a:d7:
                    7c:d7:81:7a:2f:24:2e:7c:5f:ad:ce:9f:cc:2e:a9:
                    af:97:ce:7e:a7:f0:b1:88:4a:22:dc:8f:b3:b8:8a:
                    16:f5:46:52:80:7b:b0:04:2a:80:2a:ce:4b:db:41:
                    75:5b:9b:4e:a8:58:49:c2:69:a0:05:fa:21:99:36:
                    56:ab:46:db:ea:9f:17:22:2b:d6:b5:c8:bb:a0:89:
                    7a:dc:2b:f2:57:3b:15:9f:81:4b:16:9a:a3:da:fd:
                    76:94:34:3d:67:4c:39:d7:8d:ef:ce:95:df:a2:3f:
                    ad:d8:96:dd:a2:9a:9b:7a:04:ce:1d:70:f6:f3:bc:
                    a5:ee:69:f0:50:89:50:6c:ca:f5:f6:b2:de:75:f8:
                    b7:c5:1a:18:64:06:6f:08:82:6b:6c:a8:d3:87:58:
                    d7:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E5:A0:6E:F9:B1:FA:08:6D:8D:EF:37:F4:EA:2C:C6:95:83:E1:A1
            X509v3 Authority Key Identifier:
                keyid:91:F5:FC:ED:BD:B8:4D:D5:2F:C6:77:0D:7C:CF:D3:FC:66:84:FA:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfX87b24TdUvxncNfM_T_GaE-kE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/JOWgbvmx-ghtje839OosxpWD4aE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/kfX87b24TdUvxncNfM_T_GaE-kE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.60.0/24
                  45.82.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:6e:11:44:f8:8f:f4:8d:c2:ed:fb:16:e3:83:e6:a9:d7:63:
         f7:ed:4b:41:f7:5e:f4:e7:d0:58:e6:17:3d:7a:b1:72:2b:92:
         7b:c4:e6:a6:cb:99:51:f8:ae:29:a1:1f:6a:0a:4a:45:2a:af:
         10:12:87:83:a7:9f:f5:20:25:05:b3:1e:92:9f:23:cb:d2:99:
         97:9f:3f:02:3f:08:e2:07:50:78:07:72:8a:05:5f:88:ab:b2:
         d4:dc:0d:9b:89:a0:44:01:b9:0b:30:bf:8e:66:3a:e5:ff:7e:
         54:7e:b0:bf:85:5a:21:c3:2c:f7:b3:cf:0c:36:bd:6b:83:6b:
         dc:90:10:5f:55:62:0f:e2:de:fe:84:d6:cf:a4:25:b8:73:38:
         53:d9:27:40:49:ce:5c:a7:7f:20:16:87:5e:36:f4:c8:7b:85:
         f4:66:5c:51:4f:56:fa:bf:7c:c5:10:47:51:06:8d:06:f8:6a:
         93:83:72:22:24:d2:bd:da:9a:ed:a2:77:c4:38:63:5f:ff:c9:
         ee:06:dd:ed:ce:d3:ea:35:0b:2c:2c:fa:af:5f:17:48:6e:87:
         6c:04:0c:ed:3e:cb:b6:a1:31:84:78:f4:9a:aa:de:6a:77:66:
         d7:86:73:b4:16:6d:b1:30:2e:68:34:9d:c6:3a:dd:c9:18:b7:
         88:f8:8a:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVweaEwSOeWlzVKpNyZKnkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjVmY2VkYmRiODRkZDUyZmM2NzcwZDdjY2ZkM2ZjNjY4
NGZhNDEwHhcNMjMwMTAyMDMxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU1YTA2ZWY5YjFmYTA4NmQ4ZGVmMzdmNGVhMmNjNjk1ODNlMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPtCq4Udcn+LW2xX+nCT3k+J/6Dt
s4+MwhfXUhElOX2w5QzD1oCpc6qWsRF4siDy0/wtEfsemSrFlsz5DI4TqLRR8EFX
bRTqHBNXBmnM5n5zDHjO5xPHuNDN6bySVP3vcOlJqQUeGtd814F6LyQufF+tzp/M
Lqmvl85+p/CxiEoi3I+zuIoW9UZSgHuwBCqAKs5L20F1W5tOqFhJwmmgBfohmTZW
q0bb6p8XIivWtci7oIl63CvyVzsVn4FLFpqj2v12lDQ9Z0w5143vzpXfoj+t2Jbd
opqbegTOHXD287yl7mnwUIlQbMr19rLedfi3xRoYZAZvCIJrbKjTh1jXvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCTloG75sfoIbY3vN/TqLMaVg+GhMB8GA1UdIwQY
MBaAFJH1/O29uE3VL8Z3DXzP0/xmhPpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ZYODdiMjRUZFV2eG5jTmZNX1RfR2FFLWtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YTA5ODEtMGFkOC00OGE1LWJmZWMt
OGNjOTgzMzYxMWU2LzEvSk9XZ2J2bXgtZ2h0amU4MzlPb3N4cFdENGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YTA5ODEtMGFkOC00OGE1LWJmZWMtOGNjOTgzMzYxMWU2
LzEva2ZYODdiMjRUZFV2eG5jTmZNX1RfR2FFLWtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVI8AwQA
LVI/MA0GCSqGSIb3DQEBCwUAA4IBAQAYbhFE+I/0jcLt+xbjg+ap12P37UtB9170
59BY5hc9erFyK5J7xOamy5lR+K4poR9qCkpFKq8QEoeDp5/1ICUFsx6SnyPL0pmX
nz8CPwjiB1B4B3KKBV+Iq7LU3A2biaBEAbkLML+OZjrl/35UfrC/hVohwyz3s88M
Nr1rg2vckBBfVWIP4t7+hNbPpCW4czhT2SdASc5cp38gFodeNvTIe4X0ZlxRT1b6
v3zFEEdRBo0G+GqTg3IiJNK92prtonfEOGNf/8nuBt3tztPqNQssLPqvXxdIbods
BAztPsu2oTGEePSaqt5qd2bXhnO0Fm2xMC5oNJ3GOt3JGLeI+Irg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:37 2024 by rpki-client on console-ams.rpki-client.org