Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/5ezLsshUDz3mR4zmRSj00pJNGc0.roa
File:                     5ezLsshUDz3mR4zmRSj00pJNGc0.roa (raw, json)
Hash identifier:          d1ax+lSPqLRlHhe0QwztWy9UzY60J1Fi2Ti5xhlJLb8=
Subject key identifier:   E5:EC:CB:B2:C8:54:0F:3D:E6:47:8C:E6:45:28:F4:D2:92:4D:19:CD
Certificate issuer:       /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial:       018570DE590BD7864765F795DA3EBCD46170
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/5ezLsshUDz3mR4zmRSj00pJNGc0.roa
Signing time:             Mon 02 Jan 2023 05:04:57 +0000
ROA not before:           Mon 02 Jan 2023 05:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60558
IP address blocks:        185.145.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 May 2023 02:58:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:de:59:0b:d7:86:47:65:f7:95:da:3e:bc:d4:61:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
        Validity
            Not Before: Jan  2 05:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5eccbb2c8540f3de6478ce64528f4d2924d19cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:56:5d:0f:17:d9:c4:0a:2e:a4:09:6e:93:34:
                    1e:10:5d:c2:30:0c:1b:04:1e:5e:18:4c:0f:28:f1:
                    8e:8f:6d:75:3b:39:2b:c1:9f:1c:5b:73:80:10:a9:
                    da:ae:4a:46:0b:66:3e:9c:c4:4a:c9:5e:c5:34:3a:
                    34:24:45:74:8f:aa:33:a5:01:9b:17:3e:7d:6c:7a:
                    88:3a:dd:59:74:a3:dc:53:a5:d7:99:a0:60:bb:83:
                    3b:5a:69:70:48:1e:ca:15:62:ca:04:7e:3e:13:11:
                    ae:35:df:7a:1d:63:bf:5d:9e:30:d3:ae:99:ac:e2:
                    59:70:4b:d5:74:54:84:7b:1f:5f:5a:f3:6a:4b:e3:
                    03:28:80:a0:e8:a2:e9:45:f3:93:74:31:2e:67:ba:
                    7e:c0:08:45:d9:85:d4:8c:14:97:1c:68:69:52:7e:
                    65:14:c2:5c:eb:d6:8f:73:7a:04:66:b9:1e:ce:43:
                    84:ee:30:a3:9d:67:2d:4d:cf:f2:96:d0:e5:c6:dc:
                    77:23:1b:ae:0f:74:83:a8:8f:bc:dc:9c:c4:69:01:
                    60:bc:28:b3:62:2c:d4:ce:b3:83:6e:2f:d7:a0:5f:
                    3e:ad:2b:4a:4b:7a:69:e4:26:46:73:33:e4:33:ca:
                    e8:4e:f6:31:34:71:71:eb:d0:d5:f0:2e:1e:eb:bc:
                    23:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:EC:CB:B2:C8:54:0F:3D:E6:47:8C:E6:45:28:F4:D2:92:4D:19:CD
            X509v3 Authority Key Identifier:
                keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/5ezLsshUDz3mR4zmRSj00pJNGc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:d7:3d:e6:fc:a8:f2:8c:fe:ad:77:bd:97:6b:51:b2:da:6f:
         df:0d:a0:c6:3a:97:fa:a4:78:28:57:0e:9d:7b:3c:c9:0c:0d:
         9a:34:2d:7a:35:e4:df:71:ce:b2:9f:39:f2:b0:4c:f8:00:83:
         4b:06:a1:83:dd:e3:7d:e6:c5:48:d8:26:12:eb:ed:89:4e:e1:
         97:a5:47:e0:5c:02:cd:84:57:d1:66:2e:36:94:3a:87:1c:31:
         8b:9d:df:93:0e:de:f3:65:45:65:44:e3:65:4e:88:33:9f:b0:
         87:88:cf:c7:b9:bf:4d:99:93:bd:a4:db:16:23:be:3d:bc:a6:
         43:f2:f0:5c:9d:68:8f:ee:c9:57:ad:43:c0:89:2b:5b:ca:ec:
         2e:c3:ec:4b:8d:4c:fa:f4:c1:5d:70:a7:ab:9d:d8:3d:da:40:
         c4:1a:3d:3b:94:33:24:0a:cc:34:02:f0:de:35:f4:b0:8c:30:
         93:1f:88:6d:25:b4:b5:f0:5d:e4:ad:5e:62:f4:96:1c:ef:47:
         5b:e6:6e:47:5d:a3:1f:ae:b2:72:6c:d8:dd:d8:77:6e:d9:1d:
         d6:42:ee:27:23:39:b1:de:06:2d:52:9f:22:3f:d4:21:09:95:
         d4:b4:0c:0d:c7:44:95:30:5d:cd:75:4d:11:28:72:fb:99:a7:
         ea:31:71:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3lkL14ZHZfeV2j681GFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjMwMTAyMDUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWVjY2JiMmM4NTQwZjNkZTY0NzhjZTY0NTI4ZjRkMjkyNGQxOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVZdDxfZxAoupAlukzQeEF3CMAwb
BB5eGEwPKPGOj211OzkrwZ8cW3OAEKnarkpGC2Y+nMRKyV7FNDo0JEV0j6ozpQGb
Fz59bHqIOt1ZdKPcU6XXmaBgu4M7WmlwSB7KFWLKBH4+ExGuNd96HWO/XZ4w066Z
rOJZcEvVdFSEex9fWvNqS+MDKICg6KLpRfOTdDEuZ7p+wAhF2YXUjBSXHGhpUn5l
FMJc69aPc3oEZrkezkOE7jCjnWctTc/yltDlxtx3IxuuD3SDqI+83JzEaQFgvCiz
YizUzrODbi/XoF8+rStKS3pp5CZGczPkM8roTvYxNHFx69DV8C4e67wjeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXsy7LIVA895keM5kUo9NKSTRnNMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvNWV6THNzaFVEejNtUjR6bVJTajAwcEpOR2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZEtMA0G
CSqGSIb3DQEBCwUAA4IBAQBb1z3m/KjyjP6td72Xa1Gy2m/fDaDGOpf6pHgoVw6d
ezzJDA2aNC16NeTfcc6ynznysEz4AINLBqGD3eN95sVI2CYS6+2JTuGXpUfgXALN
hFfRZi42lDqHHDGLnd+TDt7zZUVlRONlTogzn7CHiM/Hub9NmZO9pNsWI749vKZD
8vBcnWiP7slXrUPAiStbyuwuw+xLjUz69MFdcKerndg92kDEGj07lDMkCsw0AvDe
NfSwjDCTH4htJbS18F3krV5i9JYc70db5m5HXaMfrrJybNjd2Hdu2R3WQu4nIzmx
3gYtUp8iP9QhCZXUtAwNx0SVMF3NdU0RKHL7mafqMXHG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:41 2024 by rpki-client on console-fra.rpki-client.org