Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rYW5gEGY8uYsf2uyu0fnlmIMGp0.roa
File:                     rYW5gEGY8uYsf2uyu0fnlmIMGp0.roa (raw, json)
Hash identifier:          TZ7qFG7YDL/qOo3hKPGBOOyVplpsIIT2Rp3NE2UFeFc=
Subject key identifier:   AD:85:B9:80:41:98:F2:E6:2C:7F:6B:B2:BB:47:E7:96:62:0C:1A:9D
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018DF412CC047ACB5187F451868D1754A0B5
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rYW5gEGY8uYsf2uyu0fnlmIMGp0.roa
Signing time:             Thu 29 Feb 2024 08:54:49 +0000
ROA not before:           Thu 29 Feb 2024 08:54:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57013
IP address blocks:        45.159.86.0/24 maxlen: 24
                          185.187.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 May 2024 16:12:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f4:12:cc:04:7a:cb:51:87:f4:51:86:8d:17:54:a0:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Feb 29 08:54:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ad85b9804198f2e62c7f6bb2bb47e796620c1a9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:d1:4b:17:a0:c6:47:01:34:5c:5c:04:d7:d5:
                    a5:7a:84:d2:21:eb:e2:51:82:3c:01:d5:29:e0:08:
                    c9:cb:ee:38:ef:4d:cb:da:67:9a:19:c1:a7:b5:63:
                    67:38:9a:9e:96:ce:2a:6e:d8:fa:05:11:19:59:23:
                    a5:04:97:65:2a:a5:e4:79:a1:80:20:f4:3c:94:2c:
                    d1:52:e5:07:6e:e3:58:73:69:b0:e5:af:47:93:10:
                    06:c2:6c:8d:8c:e3:cf:14:34:0b:80:54:e4:fc:19:
                    5d:bf:ed:39:67:97:d8:a4:a6:1e:68:24:f3:77:f3:
                    63:2e:ef:bb:80:f0:77:3a:f5:c6:cc:ac:60:6a:25:
                    58:70:bc:09:20:3a:1b:56:ad:64:4f:09:e5:b4:b0:
                    f9:c5:97:b4:63:d0:98:42:3b:cf:44:95:14:4d:52:
                    97:e4:86:e3:36:b2:87:67:1c:67:0f:0f:22:7d:55:
                    2e:e1:e2:6c:24:0c:6e:39:c5:9c:03:ab:17:58:a7:
                    08:d4:1a:ad:fc:c0:01:ad:fb:b1:e1:9c:6b:1c:b2:
                    f6:6c:00:46:38:bd:70:9f:23:75:7b:2e:38:74:f4:
                    22:6d:71:db:6d:ec:19:64:bb:7e:f5:e4:d4:13:cb:
                    11:e7:2d:9f:98:db:b6:7f:e7:3e:3f:b9:d1:3c:41:
                    01:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:85:B9:80:41:98:F2:E6:2C:7F:6B:B2:BB:47:E7:96:62:0C:1A:9D
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rYW5gEGY8uYsf2uyu0fnlmIMGp0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.86.0/24
                  185.187.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:45:fd:84:8a:4a:90:ba:6b:fd:b2:68:1e:86:ef:5f:4f:e6:
         83:6f:25:cc:5b:40:7e:aa:bd:20:f6:3a:bd:90:ef:04:86:28:
         a2:fa:9a:70:c0:c7:11:1a:96:d4:da:a3:a3:e4:13:70:db:36:
         94:b3:2d:7f:fe:b9:3c:3e:39:57:a5:94:21:a0:3a:1c:84:eb:
         4d:e3:07:2b:8d:79:4f:c9:8c:a9:48:7d:81:52:e9:6e:dc:6f:
         6e:b5:2d:17:99:96:6c:3f:ac:b4:f2:fa:da:c2:2e:09:b0:4d:
         ae:39:1e:d6:35:c3:fc:a6:5f:0e:34:03:75:9a:08:1b:9b:c7:
         7b:ac:65:8c:47:00:d2:90:8f:0b:03:c9:c5:b2:2a:4f:8c:b9:
         d3:6c:68:6b:0a:ea:24:08:0d:e2:b8:24:12:be:57:66:cb:08:
         bd:62:92:ef:93:87:d2:ca:24:d5:87:a7:58:10:d4:27:4a:0b:
         90:ac:f5:69:43:e2:2a:87:12:ce:b7:1e:31:ac:87:8b:e5:c2:
         d7:07:5c:81:76:cf:3b:36:27:cb:28:ab:ae:c9:84:47:da:c9:
         2f:a4:95:e3:b1:24:2f:fc:fe:26:35:eb:f5:15:66:89:bb:de:
         9e:18:00:5f:fd:73:e6:b9:49:6c:58:fc:08:0e:dd:ff:5a:7b:
         c1:a5:3f:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY30EswEestRh/RRho0XVKC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI5MDg1NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDg1Yjk4MDQxOThmMmU2MmM3ZjZiYjJiYjQ3ZTc5NjYyMGMxYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9FLF6DGRwE0XFwE19WleoTSIevi
UYI8AdUp4AjJy+44703L2meaGcGntWNnOJqels4qbtj6BREZWSOlBJdlKqXkeaGA
IPQ8lCzRUuUHbuNYc2mw5a9HkxAGwmyNjOPPFDQLgFTk/Bldv+05Z5fYpKYeaCTz
d/NjLu+7gPB3OvXGzKxgaiVYcLwJIDobVq1kTwnltLD5xZe0Y9CYQjvPRJUUTVKX
5IbjNrKHZxxnDw8ifVUu4eJsJAxuOcWcA6sXWKcI1Bqt/MABrfux4ZxrHLL2bABG
OL1wnyN1ey44dPQibXHbbewZZLt+9eTUE8sR5y2fmNu2f+c+P7nRPEEBnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK2FuYBBmPLmLH9rsrtH55ZiDBqdMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvcllXNWdFR1k4dVlzZjJ1eXUwZm5sbUlNR3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ9WAwQA
ubsSMA0GCSqGSIb3DQEBCwUAA4IBAQCCRf2EikqQumv9smgehu9fT+aDbyXMW0B+
qr0g9jq9kO8Ehiii+ppwwMcRGpbU2qOj5BNw2zaUsy1//rk8PjlXpZQhoDochOtN
4wcrjXlPyYypSH2BUulu3G9utS0XmZZsP6y08vrawi4JsE2uOR7WNcP8pl8ONAN1
mggbm8d7rGWMRwDSkI8LA8nFsipPjLnTbGhrCuokCA3iuCQSvldmywi9YpLvk4fS
yiTVh6dYENQnSguQrPVpQ+IqhxLOtx4xrIeL5cLXB1yBds87NifLKKuuyYRH2skv
pJXjsSQv/P4mNev1FWaJu96eGABf/XPmuUlsWPwIDt3/WnvBpT/b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org