Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/DiF5kWkcPyOTUOWNmdPp17VXfuI.roa
File:                     DiF5kWkcPyOTUOWNmdPp17VXfuI.roa (raw, json)
Hash identifier:          hgVBWM/O4GL+vIRLkHu89MGZHiomo2jDmTvNKL8DpvA=
Subject key identifier:   0E:21:79:91:69:1C:3F:23:93:50:E5:8D:99:D3:E9:D7:B5:57:7E:E2
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018CC2DB3A22E17C19A03F8CF4A3A3AA7629
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/DiF5kWkcPyOTUOWNmdPp17VXfuI.roa
Signing time:             Mon 01 Jan 2024 02:29:56 +0000
ROA not before:           Mon 01 Jan 2024 02:29:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212384
IP address blocks:        45.11.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 07 Mar 2024 13:14:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:3a:22:e1:7c:19:a0:3f:8c:f4:a3:a3:aa:76:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 02:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0e217991691c3f239350e58d99d3e9d7b5577ee2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f4:16:1c:c4:1e:04:3e:3e:74:1d:60:2a:de:
                    47:55:92:73:ca:fc:c8:67:de:10:e3:6e:2d:e4:6c:
                    34:cd:b0:05:c8:04:d0:fc:5c:38:e9:71:06:aa:ad:
                    75:d5:c2:08:f4:70:06:59:1c:ed:ef:48:e4:de:77:
                    f8:68:74:8f:c3:22:0e:23:3b:b7:37:42:dd:8f:e9:
                    62:67:d1:c5:6a:e5:2e:36:e9:6e:95:14:d2:ef:4f:
                    51:f1:a1:fe:83:6f:b1:e1:7c:ea:d8:9c:b6:62:35:
                    e4:89:08:cd:65:48:91:c2:20:2c:36:d1:42:3e:33:
                    f5:8c:24:a2:c7:fb:ea:34:2b:c8:82:74:93:da:2e:
                    f7:d9:55:a2:af:69:49:3c:08:54:95:c3:12:ea:5b:
                    25:6f:84:52:84:14:78:ab:b7:d6:9d:ad:12:e2:91:
                    fb:92:96:2f:fe:de:0b:ae:12:84:f8:36:b4:9f:f3:
                    59:8b:aa:13:d3:b8:d7:e4:5e:5c:f9:22:38:f9:f4:
                    73:de:03:f0:00:9a:ae:0d:64:e1:4a:ec:f6:71:95:
                    48:7a:55:1d:2f:e6:f7:d2:ba:c0:27:ac:0f:3e:0e:
                    9a:26:9c:f6:f4:ba:9b:93:82:de:88:73:7d:5c:b5:
                    3c:45:8b:72:31:d3:7b:7f:c9:51:b9:81:fd:17:57:
                    b6:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:21:79:91:69:1C:3F:23:93:50:E5:8D:99:D3:E9:D7:B5:57:7E:E2
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/DiF5kWkcPyOTUOWNmdPp17VXfuI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:cf:ff:32:c2:27:01:84:4a:a1:13:36:30:44:4d:7f:89:c6:
         82:96:bf:86:ad:c4:de:87:dc:a6:f8:9a:be:80:62:05:5e:cd:
         f9:a7:05:d7:f9:f7:30:21:aa:5b:f0:25:e6:76:51:a7:cb:e6:
         44:8a:31:f5:29:46:b5:8e:89:42:9f:cc:70:25:de:d7:51:9c:
         bf:24:96:cb:93:5d:9f:00:8a:b8:de:6c:fe:df:33:86:81:e6:
         88:49:8c:6c:cd:e6:34:a7:bb:5e:84:1a:19:8c:92:ec:d1:1c:
         65:55:2c:f4:cb:88:60:b0:a6:f8:f6:67:5c:14:2f:b2:30:de:
         02:41:06:af:54:73:3b:a0:e9:8c:fa:38:e9:24:fd:54:78:f1:
         a4:e2:f6:9e:61:f4:12:8f:5e:b0:f2:b8:51:4a:43:12:58:05:
         97:ee:f3:28:9d:df:73:02:a2:00:0d:fe:58:ab:e7:68:b9:e8:
         cb:ee:11:4f:8c:5b:06:68:26:2a:48:90:04:d0:90:6f:4b:8c:
         9a:7f:e8:04:71:a6:c0:77:dd:5c:a8:b0:ae:d3:da:aa:26:e5:
         d0:90:a4:4e:96:b2:17:85:01:66:30:78:37:88:74:d9:27:fd:
         58:91:1a:d1:99:de:aa:78:7a:c2:0a:6b:d5:b4:27:53:bb:68:
         bb:79:ca:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zoi4XwZoD+M9KOjqnYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTIxNzk5MTY5MWMzZjIzOTM1MGU1OGQ5OWQzZTlkN2I1NTc3ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPQWHMQeBD4+dB1gKt5HVZJzyvzI
Z94Q424t5Gw0zbAFyATQ/Fw46XEGqq111cII9HAGWRzt70jk3nf4aHSPwyIOIzu3
N0Ldj+liZ9HFauUuNululRTS709R8aH+g2+x4Xzq2Jy2YjXkiQjNZUiRwiAsNtFC
PjP1jCSix/vqNCvIgnST2i732VWir2lJPAhUlcMS6lslb4RShBR4q7fWna0S4pH7
kpYv/t4LrhKE+Da0n/NZi6oT07jX5F5c+SI4+fRz3gPwAJquDWThSuz2cZVIelUd
L+b30rrAJ6wPPg6aJpz29Lqbk4LeiHN9XLU8RYtyMdN7f8lRuYH9F1e2VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4heZFpHD8jk1DljZnT6de1V37iMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvRGlGNWtXa2NQeU9UVU9XTm1kUHAxN1ZYZnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu8MA0G
CSqGSIb3DQEBCwUAA4IBAQAKz/8ywicBhEqhEzYwRE1/icaClr+GrcTeh9ym+Jq+
gGIFXs35pwXX+fcwIapb8CXmdlGny+ZEijH1KUa1jolCn8xwJd7XUZy/JJbLk12f
AIq43mz+3zOGgeaISYxszeY0p7tehBoZjJLs0RxlVSz0y4hgsKb49mdcFC+yMN4C
QQavVHM7oOmM+jjpJP1UePGk4vaeYfQSj16w8rhRSkMSWAWX7vMond9zAqIADf5Y
q+douejL7hFPjFsGaCYqSJAE0JBvS4yaf+gEcabAd91cqLCu09qqJuXQkKROlrIX
hQFmMHg3iHTZJ/1YkRrRmd6qeHrCCmvVtCdTu2i7ecp6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org