Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/gU_UqT2phd_XvOY9B02gXjYlku0.roa
File:                     gU_UqT2phd_XvOY9B02gXjYlku0.roa (raw, json)
Hash identifier:          5NGVjFr/S2hb1Agg1GbtavmFYcqZR5xoaqntYRDLq7k=
Subject key identifier:   81:4F:D4:A9:3D:A9:85:DF:D7:BC:E6:3D:07:4D:A0:5E:36:25:92:ED
Certificate issuer:       /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial:       018C1688ED12A4049AFEED48FA9475A016E2
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/gU_UqT2phd_XvOY9B02gXjYlku0.roa
Signing time:             Tue 28 Nov 2023 15:25:21 +0000
ROA not before:           Tue 28 Nov 2023 15:25:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        45.142.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:16:88:ed:12:a4:04:9a:fe:ed:48:fa:94:75:a0:16:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
        Validity
            Not Before: Nov 28 15:25:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=814fd4a93da985dfd7bce63d074da05e362592ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:85:e1:bf:19:91:97:ce:92:37:c3:2b:06:ad:
                    03:27:cf:ea:4a:6b:5b:74:08:72:93:e8:fc:ff:21:
                    ef:70:0b:aa:01:8d:b9:fe:04:4c:8d:df:44:f0:8f:
                    08:7e:78:68:65:ff:d0:fa:a1:95:b5:e2:36:e5:f3:
                    c4:08:39:54:77:68:30:eb:ac:3a:96:e1:47:bc:e4:
                    e6:d2:82:ec:7c:89:36:98:8f:57:ff:b1:7a:75:c0:
                    52:68:13:bc:48:37:e8:69:f7:c4:2e:9c:38:09:5a:
                    3b:46:2a:1e:75:e3:d7:64:42:6d:51:bc:bf:ea:7d:
                    31:1b:0f:1e:9d:2a:01:61:48:dc:f0:5e:67:ec:af:
                    e7:dc:ab:42:c0:95:2e:c6:fa:b7:6b:be:c8:ef:f7:
                    ac:dc:26:25:5b:f7:2c:c1:b8:05:12:ad:f3:c2:96:
                    73:7c:b5:54:2a:89:81:c3:ad:19:20:06:68:26:ba:
                    f4:ac:31:32:f3:b3:08:ed:4a:69:2c:c3:8f:b5:9d:
                    7a:1e:03:21:67:9e:df:d6:cd:84:94:15:5a:f7:bb:
                    cd:de:29:3b:d7:39:71:2d:61:a7:06:b3:91:3d:b9:
                    25:da:13:56:fa:1e:79:5e:1f:3e:f6:15:bb:4a:87:
                    89:02:0a:60:9e:94:41:3b:43:2a:22:17:d9:bd:14:
                    50:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:4F:D4:A9:3D:A9:85:DF:D7:BC:E6:3D:07:4D:A0:5E:36:25:92:ED
            X509v3 Authority Key Identifier:
                keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/gU_UqT2phd_XvOY9B02gXjYlku0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:1f:c2:bb:de:36:20:21:f9:74:fb:88:97:39:20:9a:5e:3a:
         ec:66:20:b2:ca:8c:cb:e2:2a:fe:41:40:21:2f:9b:59:3a:53:
         03:65:f2:2b:1f:90:9d:8c:2a:89:74:cd:7e:9b:71:72:ba:64:
         03:1f:ce:c1:a0:e7:0b:a6:21:4f:9d:61:0a:01:91:00:34:97:
         3e:34:ab:fe:5b:07:d7:dd:21:7b:72:68:d7:ea:5e:2e:65:70:
         0a:ba:92:07:c4:db:6a:32:c1:8a:fe:03:f7:18:47:98:d0:5d:
         4f:36:ab:f5:07:29:e5:3f:c6:d5:13:65:ec:74:00:8c:85:08:
         a5:5a:7f:21:2d:9f:30:33:7a:03:c3:b0:d3:cb:a7:39:d2:47:
         60:24:6c:4a:51:f1:a2:88:02:72:27:11:78:47:4e:5e:54:75:
         ab:0b:ce:cf:f0:4c:06:89:76:db:ab:ba:48:8b:3e:5e:31:6c:
         fe:cc:51:ec:7e:2c:c0:ae:e9:b5:c1:cb:cf:b0:64:6e:6d:6f:
         30:90:ba:08:fc:b5:3d:84:72:cc:d5:bd:67:04:82:ce:3f:d8:
         bd:23:33:e4:48:8e:e1:92:7f:95:50:6c:43:53:64:fe:ac:a1:
         7b:0c:30:31:91:1b:93:38:21:ba:75:0e:d6:e0:69:e2:62:0f:
         2a:25:f4:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwWiO0SpASa/u1I+pR1oBbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjMxMTI4MTUyNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTRmZDRhOTNkYTk4NWRmZDdiY2U2M2QwNzRkYTA1ZTM2MjU5MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYXhvxmRl86SN8MrBq0DJ8/qSmtb
dAhyk+j8/yHvcAuqAY25/gRMjd9E8I8IfnhoZf/Q+qGVteI25fPECDlUd2gw66w6
luFHvOTm0oLsfIk2mI9X/7F6dcBSaBO8SDfoaffELpw4CVo7RioedePXZEJtUby/
6n0xGw8enSoBYUjc8F5n7K/n3KtCwJUuxvq3a77I7/es3CYlW/cswbgFEq3zwpZz
fLVUKomBw60ZIAZoJrr0rDEy87MI7UppLMOPtZ16HgMhZ57f1s2ElBVa97vN3ik7
1zlxLWGnBrORPbkl2hNW+h55Xh8+9hW7SoeJAgpgnpRBO0MqIhfZvRRQaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFP1Kk9qYXf17zmPQdNoF42JZLtMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvZ1VfVXFUMnBoZF9Ydk9ZOUIwMmdYallsa3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY61MA0G
CSqGSIb3DQEBCwUAA4IBAQAUH8K73jYgIfl0+4iXOSCaXjrsZiCyyozL4ir+QUAh
L5tZOlMDZfIrH5CdjCqJdM1+m3FyumQDH87BoOcLpiFPnWEKAZEANJc+NKv+WwfX
3SF7cmjX6l4uZXAKupIHxNtqMsGK/gP3GEeY0F1PNqv1BynlP8bVE2XsdACMhQil
Wn8hLZ8wM3oDw7DTy6c50kdgJGxKUfGiiAJyJxF4R05eVHWrC87P8EwGiXbbq7pI
iz5eMWz+zFHsfizArum1wcvPsGRubW8wkLoI/LU9hHLM1b1nBILOP9i9IzPkSI7h
kn+VUGxDU2T+rKF7DDAxkRuTOCG6dQ7W4GniYg8qJfR+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:29 2024 by rpki-client on console-ams.rpki-client.org