Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RbPmXguAiintB1wd1jY24RydKDw.roa
File:                     RbPmXguAiintB1wd1jY24RydKDw.roa (raw, json)
Hash identifier:          oIhzMipUG9Ja8mInyw/vs1qc5tGHRkp93nExw4X6Ps0=
Subject key identifier:   45:B3:E6:5E:0B:80:8A:29:ED:07:5C:1D:D6:36:36:E1:1C:9D:28:3C
Certificate issuer:       /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial:       018CC8DF93D33C351709BB2F3B8D03C7AEAB
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RbPmXguAiintB1wd1jY24RydKDw.roa
Signing time:             Tue 02 Jan 2024 06:32:24 +0000
ROA not before:           Tue 02 Jan 2024 06:32:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9009
IP address blocks:        185.158.248.0/24 maxlen: 24
                          2a0b:7140:7::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 11 Apr 2024 08:27:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:93:d3:3c:35:17:09:bb:2f:3b:8d:03:c7:ae:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
        Validity
            Not Before: Jan  2 06:32:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=45b3e65e0b808a29ed075c1dd63636e11c9d283c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8d:c1:f4:98:72:13:50:01:98:0e:6b:40:e3:
                    22:06:62:a0:47:ef:5d:10:de:b8:a9:ea:11:3b:3b:
                    78:ba:ae:3c:34:8f:59:db:90:54:db:fc:c0:f7:33:
                    53:79:bb:ba:b6:bc:47:67:5e:5d:b6:ae:c2:e9:4f:
                    24:40:40:61:79:5a:1a:eb:55:d9:81:56:ba:59:0f:
                    f2:ee:a4:c3:bc:48:f8:ac:4a:53:26:6e:a8:f5:a0:
                    9b:72:3e:b0:a7:f3:19:a6:f7:9a:01:14:7b:44:c9:
                    05:5a:71:0c:90:73:25:38:62:3f:b2:a7:bf:84:41:
                    26:c2:2b:8d:3f:82:8a:28:8a:45:cc:d7:36:37:03:
                    77:c3:b9:bb:34:52:1c:c6:40:77:65:39:93:f5:be:
                    13:b1:92:30:3c:6e:65:00:78:cf:1d:a7:cb:c5:6e:
                    c7:22:03:02:ee:17:5c:c9:82:5c:ad:99:c7:fd:c5:
                    42:ea:59:ab:38:7a:19:c6:56:e1:1b:2b:c9:b2:b6:
                    c5:85:4a:85:4f:db:0a:bb:c6:d8:05:db:74:da:85:
                    2f:89:4a:fc:ef:42:5c:fc:2b:54:d2:f6:de:96:09:
                    fa:d4:cf:4d:37:fe:c4:87:b9:a8:ba:a1:45:97:45:
                    19:13:f5:cf:eb:71:7e:4a:75:2f:0e:a1:08:0d:fd:
                    2b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:B3:E6:5E:0B:80:8A:29:ED:07:5C:1D:D6:36:36:E1:1C:9D:28:3C
            X509v3 Authority Key Identifier:
                keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RbPmXguAiintB1wd1jY24RydKDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.158.248.0/24
                IPv6:
                  2a0b:7140:7::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:05:5f:ba:d1:0c:7d:18:2a:04:45:e0:76:9b:01:ed:0e:dd:
         4b:64:e9:bf:e8:0b:8d:08:6a:66:a6:dd:7c:d0:4c:55:41:53:
         f8:33:df:97:9a:6b:e3:d1:6e:f1:17:24:f7:92:ac:82:5b:e3:
         ba:c9:24:98:b4:9c:74:d0:8b:09:6d:c4:b7:62:50:5f:85:4f:
         64:b9:41:8b:c6:f8:2a:67:e5:5e:be:89:fc:16:b7:bd:08:6f:
         41:d6:2f:3e:c4:58:9e:4a:12:2b:1f:f2:83:ee:a8:29:2d:83:
         1a:4a:5f:56:09:4b:8b:9f:84:18:f1:15:10:8e:68:4e:7a:35:
         c0:3f:5e:c8:b0:dd:4f:4e:1e:81:d3:19:76:3d:fb:2d:7c:1a:
         c5:90:f2:4d:c6:a7:3b:47:0f:1e:28:3c:94:c1:8d:54:01:53:
         1f:62:10:25:ee:60:46:50:f4:43:26:cb:bf:4b:15:55:37:dc:
         fb:15:41:8a:be:fc:14:f6:8c:97:ff:7f:2a:29:81:dd:17:b3:
         5a:e2:6c:d9:79:46:05:94:eb:26:fc:cd:9c:bf:7e:e3:18:c3:
         3f:8d:a5:3b:9d:13:40:0c:ff:15:10:90:56:9b:85:cb:7c:c3:
         61:53:a4:32:73:5d:d3:76:a9:41:9f:0b:6c:77:56:66:03:8f:
         c9:f8:44:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI35PTPDUXCbsvO40Dx66rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMTAyMDYzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWIzZTY1ZTBiODA4YTI5ZWQwNzVjMWRkNjM2MzZlMTFjOWQyODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo3B9JhyE1ABmA5rQOMiBmKgR+9d
EN64qeoROzt4uq48NI9Z25BU2/zA9zNTebu6trxHZ15dtq7C6U8kQEBheVoa61XZ
gVa6WQ/y7qTDvEj4rEpTJm6o9aCbcj6wp/MZpveaARR7RMkFWnEMkHMlOGI/sqe/
hEEmwiuNP4KKKIpFzNc2NwN3w7m7NFIcxkB3ZTmT9b4TsZIwPG5lAHjPHafLxW7H
IgMC7hdcyYJcrZnH/cVC6lmrOHoZxlbhGyvJsrbFhUqFT9sKu8bYBdt02oUviUr8
70Jc/CtU0vbelgn61M9NN/7Eh7mouqFFl0UZE/XP63F+SnUvDqEIDf0r3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEWz5l4LgIop7QdcHdY2NuEcnSg8MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvUmJQbVhndUFpaW50QjF3ZDFqWTI0UnlkS0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZ74MA8E
AgACMAkDBwAqC3FAAAcwDQYJKoZIhvcNAQELBQADggEBABUFX7rRDH0YKgRF4Hab
Ae0O3Utk6b/oC40Iamam3XzQTFVBU/gz35eaa+PRbvEXJPeSrIJb47rJJJi0nHTQ
iwltxLdiUF+FT2S5QYvG+Cpn5V6+ifwWt70Ib0HWLz7EWJ5KEisf8oPuqCktgxpK
X1YJS4ufhBjxFRCOaE56NcA/Xsiw3U9OHoHTGXY9+y18GsWQ8k3GpztHDx4oPJTB
jVQBUx9iECXuYEZQ9EMmy79LFVU33PsVQYq+/BT2jJf/fyopgd0Xs1ribNl5RgWU
6yb8zZy/fuMYwz+NpTudE0AM/xUQkFabhct8w2FTpDJzXdN2qUGfC2x3VmYDj8n4
RDc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org