Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/grp3COnInVqBjRUd4ahTOPKTAUk.roa
File:                     grp3COnInVqBjRUd4ahTOPKTAUk.roa (raw, json)
Hash identifier:          i+d2LBfTmEoLGBdZKK3wOa8TId/5U7Qhh8TUZM02Y0k=
Subject key identifier:   82:BA:77:08:E9:C8:9D:5A:81:8D:15:1D:E1:A8:53:38:F2:93:01:49
Certificate issuer:       /CN=2cefde30b8a58b322a431f0829ed4ff33b5aac18
Certificate serial:       01856FE729EEF61F9B7DE05705C55CBC6A87
Authority key identifier: 2C:EF:DE:30:B8:A5:8B:32:2A:43:1F:08:29:ED:4F:F3:3B:5A:AC:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LO_eMLilizIqQx8IKe1P8ztarBg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/grp3COnInVqBjRUd4ahTOPKTAUk.roa
Signing time:             Mon 02 Jan 2023 00:34:58 +0000
ROA not before:           Mon 02 Jan 2023 00:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207856
IP address blocks:        194.28.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:e7:29:ee:f6:1f:9b:7d:e0:57:05:c5:5c:bc:6a:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cefde30b8a58b322a431f0829ed4ff33b5aac18
        Validity
            Not Before: Jan  2 00:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82ba7708e9c89d5a818d151de1a85338f2930149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:8d:1e:52:98:07:51:b5:80:a4:0f:69:6f:6b:
                    35:26:21:9c:b0:26:67:c0:5f:cd:67:22:51:78:ce:
                    5c:09:d6:b8:ba:83:35:95:b3:fc:8a:fc:8f:a8:b4:
                    ca:cd:20:15:a5:6d:82:28:9d:a6:07:3b:59:e2:18:
                    0b:db:d8:0c:ef:b6:dc:64:74:32:f5:72:42:da:75:
                    00:09:5c:be:c6:8c:57:88:d2:d5:a8:cf:b6:42:16:
                    ff:ce:01:b0:33:1b:b4:63:2b:56:47:e7:c6:93:c7:
                    35:ce:aa:9f:f4:e1:5c:4c:94:6e:d1:c6:79:a5:dd:
                    b6:c3:5e:f2:c7:91:8c:c9:a2:43:4f:65:a6:85:a7:
                    71:2d:c2:4f:2b:11:0a:d2:5a:1a:17:93:02:8e:45:
                    15:d9:f1:75:1d:3e:a5:a3:25:25:e2:9c:9e:f6:2b:
                    eb:56:1e:67:2a:17:ca:5b:a5:7e:ed:32:75:cb:12:
                    78:5f:e6:0e:98:ab:f1:19:b0:16:85:76:be:1d:ff:
                    e5:1d:32:af:fc:2e:59:04:e7:4d:31:21:2b:2d:12:
                    e4:7d:ff:d5:ad:de:1b:11:72:72:02:8c:71:59:bc:
                    91:9e:84:2d:7e:41:75:3a:3d:cd:77:82:74:d7:2f:
                    8a:1b:01:f7:78:17:98:78:e7:04:14:76:a0:5e:b9:
                    e6:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:BA:77:08:E9:C8:9D:5A:81:8D:15:1D:E1:A8:53:38:F2:93:01:49
            X509v3 Authority Key Identifier:
                keyid:2C:EF:DE:30:B8:A5:8B:32:2A:43:1F:08:29:ED:4F:F3:3B:5A:AC:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LO_eMLilizIqQx8IKe1P8ztarBg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/grp3COnInVqBjRUd4ahTOPKTAUk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/33a0f9-1178-4a6d-b964-ff765f8531d5/1/LO_eMLilizIqQx8IKe1P8ztarBg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.28.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:0a:6b:a6:0e:16:26:dd:3d:57:66:40:d8:50:d7:97:48:5e:
         73:f2:3b:bf:66:4b:7f:6a:2d:c7:7e:48:e3:68:03:50:31:d4:
         b9:e6:1b:8f:d9:bb:7f:45:ce:06:d2:36:34:f3:5d:0a:42:67:
         48:82:88:6d:5b:79:b9:5a:46:41:72:3c:68:b4:42:e0:c3:23:
         63:23:f1:79:c1:a8:36:6f:9d:5a:84:86:49:8f:6c:55:47:81:
         c0:2d:5a:bb:71:81:cc:6b:35:a6:e6:f9:19:ea:06:0c:b6:26:
         3c:dd:57:ec:69:b6:70:4f:35:2f:bd:07:29:6b:35:36:a5:54:
         89:d2:6f:1f:1a:3f:87:4f:b3:89:d6:ad:4c:bd:21:d3:54:b2:
         f3:62:8b:de:91:8d:b1:3e:b4:66:e7:85:80:f9:53:fa:af:2b:
         52:c1:ee:5c:cf:e0:6d:a4:ef:6c:79:04:eb:a1:16:a3:9f:8f:
         df:99:27:0a:a2:c6:4d:03:94:dc:6f:1c:5e:c7:92:6a:34:99:
         c8:52:38:a8:4f:4e:40:cf:50:c7:5a:6c:bb:db:da:8f:7c:9b:
         31:21:73:0f:d8:19:75:e0:28:30:ce:4f:84:fa:98:94:0a:c2:
         7e:1a:83:c8:b2:be:95:cc:b3:6d:15:12:aa:b1:1d:de:b7:2c:
         62:7e:6e:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5ynu9h+bfeBXBcVcvGqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWZkZTMwYjhhNThiMzIyYTQzMWYwODI5ZWQ0ZmYzM2I1
YWFjMTgwHhcNMjMwMTAyMDAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmJhNzcwOGU5Yzg5ZDVhODE4ZDE1MWRlMWE4NTMzOGYyOTMwMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy40eUpgHUbWApA9pb2s1JiGcsCZn
wF/NZyJReM5cCda4uoM1lbP8ivyPqLTKzSAVpW2CKJ2mBztZ4hgL29gM77bcZHQy
9XJC2nUACVy+xoxXiNLVqM+2Qhb/zgGwMxu0YytWR+fGk8c1zqqf9OFcTJRu0cZ5
pd22w17yx5GMyaJDT2WmhadxLcJPKxEK0loaF5MCjkUV2fF1HT6loyUl4pye9ivr
Vh5nKhfKW6V+7TJ1yxJ4X+YOmKvxGbAWhXa+Hf/lHTKv/C5ZBOdNMSErLRLkff/V
rd4bEXJyAoxxWbyRnoQtfkF1Oj3Nd4J01y+KGwH3eBeYeOcEFHagXrnmdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK6dwjpyJ1agY0VHeGoUzjykwFJMB8GA1UdIwQY
MBaAFCzv3jC4pYsyKkMfCCntT/M7WqwYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9fZU1MaWxpeklxUXg4SUtlMVA4enRhckJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zM2EwZjktMTE3OC00YTZkLWI5NjQt
ZmY3NjVmODUzMWQ1LzEvZ3JwM0NPbkluVnFCalJVZDRhaFRPUEtUQVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zM2EwZjktMTE3OC00YTZkLWI5NjQtZmY3NjVmODUzMWQ1
LzEvTE9fZU1MaWxpeklxUXg4SUtlMVA4enRhckJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhwtMA0G
CSqGSIb3DQEBCwUAA4IBAQAoCmumDhYm3T1XZkDYUNeXSF5z8ju/Zkt/ai3Hfkjj
aANQMdS55huP2bt/Rc4G0jY0810KQmdIgohtW3m5WkZBcjxotELgwyNjI/F5wag2
b51ahIZJj2xVR4HALVq7cYHMazWm5vkZ6gYMtiY83VfsabZwTzUvvQcpazU2pVSJ
0m8fGj+HT7OJ1q1MvSHTVLLzYovekY2xPrRm54WA+VP6rytSwe5cz+BtpO9seQTr
oRajn4/fmScKosZNA5Tcbxxex5JqNJnIUjioT05Az1DHWmy729qPfJsxIXMP2Bl1
4Cgwzk+E+piUCsJ+GoPIsr6VzLNtFRKqsR3etyxifm6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:44 2024 by rpki-client on console-ams.rpki-client.org