Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4OmaZZQXhLgaDx1-_Rmzimi94XA.roa
File:                     4OmaZZQXhLgaDx1-_Rmzimi94XA.roa (raw, json)
Hash identifier:          kYhPMde6qWaWH+Lqv3tLz3nb2G+TA7FbceWJwdYqZWk=
Subject key identifier:   E0:E9:9A:65:94:17:84:B8:1A:0F:1D:7E:FD:19:B3:8A:68:BD:E1:70
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       0186D01A5A0AA887371E85BA8611F9F620EA
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4OmaZZQXhLgaDx1-_Rmzimi94XA.roa
Signing time:             Sat 11 Mar 2023 09:57:13 +0000
ROA not before:           Sat 11 Mar 2023 09:57:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3280
IP address blocks:        45.157.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 10 Jun 2023 22:58:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:d0:1a:5a:0a:a8:87:37:1e:85:ba:86:11:f9:f6:20:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Mar 11 09:57:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0e99a65941784b81a0f1d7efd19b38a68bde170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c5:59:fb:1c:05:ed:99:18:8f:b6:74:73:ec:
                    be:42:eb:37:23:c9:6e:9b:86:27:73:d1:cf:cc:7e:
                    a7:23:32:f1:6e:8e:38:1b:5c:11:38:52:e4:7a:7b:
                    0a:63:3c:83:c1:59:61:94:1c:61:e4:9d:fe:a7:c3:
                    da:3d:f3:7e:e0:fd:45:01:1b:a7:f3:72:b2:b6:bd:
                    a6:25:29:13:4c:bc:4c:b4:c0:54:48:41:df:52:51:
                    e5:58:0e:1d:5b:d2:49:3f:9f:ed:23:dd:25:de:00:
                    05:7d:84:a2:92:c4:d4:2d:18:a8:33:3a:44:13:89:
                    9b:0f:2c:76:ad:bf:eb:15:e6:f3:23:73:74:ce:91:
                    6a:8a:c3:9e:57:b6:68:61:f5:fe:09:03:75:53:10:
                    51:65:6b:dc:e5:de:e4:83:dc:95:27:b1:3b:61:d0:
                    97:bf:cc:80:ca:99:e1:d0:44:f2:61:4a:5f:0e:56:
                    4b:0a:df:25:cc:9b:6c:3b:9b:70:4a:ca:e3:5b:c0:
                    a8:fd:ad:98:9e:62:99:86:25:32:60:55:93:f7:60:
                    b1:f4:8e:c4:75:b7:d5:f7:7f:17:22:9c:14:0f:4f:
                    11:99:59:bc:49:ea:20:7b:45:0a:08:41:9a:7a:71:
                    c9:c0:6b:da:49:04:2b:08:e6:da:cb:77:f9:78:07:
                    c5:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:E9:9A:65:94:17:84:B8:1A:0F:1D:7E:FD:19:B3:8A:68:BD:E1:70
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4OmaZZQXhLgaDx1-_Rmzimi94XA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:8e:23:40:55:c4:cf:4c:d6:7a:69:df:3d:67:79:33:38:63:
         dd:a2:3a:da:17:ba:47:04:da:f7:c8:3c:28:33:83:dd:65:e7:
         3b:1f:da:52:0c:61:77:68:2b:f2:c9:cd:1f:63:29:19:87:1b:
         23:28:f0:d4:87:6c:22:18:4e:28:97:e9:ed:cb:eb:f8:30:19:
         ff:97:f4:c6:f3:eb:3b:06:09:60:b7:ea:67:12:81:7e:c2:65:
         b7:e4:3b:6d:4c:db:be:2a:1f:6e:67:13:9f:2c:ef:72:9d:8e:
         9c:97:2d:21:61:7a:69:9e:d9:6b:e1:16:a2:40:65:78:d0:71:
         04:83:f3:cc:38:64:08:5b:97:48:bf:e3:e8:6e:68:d9:65:45:
         53:32:70:71:3e:cc:60:12:62:36:7a:0c:cb:07:a5:1b:b4:89:
         26:0a:dd:20:89:4b:3a:c0:17:c8:90:fa:e7:87:af:60:7f:bd:
         a2:ec:e5:c7:62:9f:75:88:a4:20:6d:d2:71:74:e1:84:9b:d0:
         1b:8b:36:aa:5d:34:b6:7a:b6:f9:bd:90:3e:76:6e:c3:26:81:
         b5:7e:4b:d5:2f:92:04:fd:82:4b:f4:d2:ec:78:86:2b:c5:67:
         49:11:63:36:52:e1:a9:b2:9b:f7:c8:96:92:ed:6b:a6:a2:86:
         fa:c8:86:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbQGloKqIc3HoW6hhH59iDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMzExMDk1NzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU5OWE2NTk0MTc4NGI4MWEwZjFkN2VmZDE5YjM4YTY4YmRlMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMVZ+xwF7ZkYj7Z0c+y+Qus3I8lu
m4Ync9HPzH6nIzLxbo44G1wROFLkensKYzyDwVlhlBxh5J3+p8PaPfN+4P1FARun
83Kytr2mJSkTTLxMtMBUSEHfUlHlWA4dW9JJP5/tI90l3gAFfYSiksTULRioMzpE
E4mbDyx2rb/rFebzI3N0zpFqisOeV7ZoYfX+CQN1UxBRZWvc5d7kg9yVJ7E7YdCX
v8yAypnh0ETyYUpfDlZLCt8lzJtsO5twSsrjW8Co/a2YnmKZhiUyYFWT92Cx9I7E
dbfV938XIpwUD08RmVm8Seoge0UKCEGaenHJwGvaSQQrCObay3f5eAfFTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODpmmWUF4S4Gg8dfv0Zs4poveFwMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvNE9tYVpaUVhoTGdhRHgxLV9SbXppbWk5NFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ3QMA0G
CSqGSIb3DQEBCwUAA4IBAQBLjiNAVcTPTNZ6ad89Z3kzOGPdojraF7pHBNr3yDwo
M4PdZec7H9pSDGF3aCvyyc0fYykZhxsjKPDUh2wiGE4ol+nty+v4MBn/l/TG8+s7
Bglgt+pnEoF+wmW35DttTNu+Kh9uZxOfLO9ynY6cly0hYXppntlr4RaiQGV40HEE
g/PMOGQIW5dIv+PobmjZZUVTMnBxPsxgEmI2egzLB6UbtIkmCt0giUs6wBfIkPrn
h69gf72i7OXHYp91iKQgbdJxdOGEm9AbizaqXTS2erb5vZA+dm7DJoG1fkvVL5IE
/YJL9NLseIYrxWdJEWM2UuGpspv3yJaS7Wumoob6yIaL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org