Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/6sAAZc1jz1qslMVpxUqiAgjyC2E.roa
File:                     6sAAZc1jz1qslMVpxUqiAgjyC2E.roa (raw, json)
Hash identifier:          naNGK/pwlUc73tGrH7huzCScLTyWFIA6YFTLkJJSZNw=
Subject key identifier:   EA:C0:00:65:CD:63:CF:5A:AC:94:C5:69:C5:4A:A2:02:08:F2:0B:61
Certificate issuer:       /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial:       01942369BD9905B9FBC13DCA56F9BC10947B
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/6sAAZc1jz1qslMVpxUqiAgjyC2E.roa
Signing time:             Wed 01 Jan 2025 19:48:39 +0000
ROA not before:           Wed 01 Jan 2025 19:48:39 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     29802
IP address blocks:        45.140.247.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 20 Jan 2025 22:25:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:23:69:bd:99:05:b9:fb:c1:3d:ca:56:f9:bc:10:94:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
        Validity
            Not Before: Jan  1 19:48:39 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=eac00065cd63cf5aac94c569c54aa20208f20b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b3:26:42:c0:5e:d7:97:67:23:9b:ff:90:95:
                    46:df:c5:20:8e:fb:d9:52:2b:ff:6d:b5:21:c2:2c:
                    37:98:53:7f:d1:0a:15:90:0b:56:9c:2f:71:c4:3a:
                    4b:f7:00:ac:d4:6b:33:af:20:8f:96:a3:7b:44:fd:
                    83:68:3c:4f:fd:8d:17:00:6b:44:48:75:9e:7b:de:
                    1d:3f:52:9e:1b:d3:5b:f3:01:1a:9e:0b:4a:14:36:
                    b9:da:71:f7:dc:f1:d0:a7:85:61:53:d2:d0:5c:ac:
                    b4:a2:e9:f7:1f:a7:d2:f7:0b:5b:04:d9:82:da:42:
                    f2:26:e9:b1:e5:c3:92:29:3c:6a:52:06:e7:23:92:
                    15:d4:07:7e:e0:5a:db:47:e1:fd:6b:b3:26:5e:9f:
                    54:ed:fe:b3:d9:c8:fe:22:5f:72:73:49:ed:cd:5f:
                    3a:28:19:72:93:81:16:c6:59:4a:01:c3:46:16:82:
                    c0:e8:1d:27:6b:f1:5d:fa:55:76:3d:0e:c6:c3:da:
                    4b:8f:7d:f0:91:f0:c9:0e:67:c2:88:be:a8:65:1a:
                    64:d1:01:b3:3d:69:46:21:91:88:e4:b1:cd:10:ba:
                    17:1b:3b:86:07:0e:e4:9b:f3:fe:24:63:78:ea:25:
                    4e:63:90:3c:c7:9a:f6:91:0a:b4:e4:15:ac:b4:c0:
                    65:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C0:00:65:CD:63:CF:5A:AC:94:C5:69:C5:4A:A2:02:08:F2:0B:61
            X509v3 Authority Key Identifier:
                keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/6sAAZc1jz1qslMVpxUqiAgjyC2E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:42:68:63:21:50:78:8f:0a:b9:bd:d5:6c:a4:c1:12:42:70:
         3b:17:f9:77:cb:08:3b:fb:f5:16:56:bc:53:16:76:13:d6:40:
         9c:a5:0e:30:13:45:1c:1d:01:45:4e:a1:e2:75:cf:b8:9d:ad:
         ec:30:46:74:a7:05:7a:f2:cc:c2:fc:03:16:49:0c:ea:1e:02:
         f3:89:8a:ec:ae:93:4e:ee:bb:11:ee:b7:88:f4:9e:5b:63:fe:
         99:9b:95:94:d7:e9:d0:b9:88:9e:d7:15:ff:c9:db:a7:fd:ee:
         13:cc:eb:45:3d:51:b6:8f:e7:e3:26:08:b5:d0:39:32:14:e7:
         18:06:e4:0e:5f:f1:14:5d:0b:26:0e:7e:45:9a:f4:d2:d6:1c:
         51:db:83:d4:28:61:d0:09:a6:4a:f3:f3:3d:f7:71:9b:32:72:
         af:86:e0:53:c6:ce:d8:3d:81:d4:54:fb:36:90:80:c7:2e:0a:
         d9:ef:88:9e:a9:d1:b2:8d:15:b8:28:99:dc:6c:cd:9e:1b:7a:
         6d:c2:8e:a0:01:9e:86:0c:66:b7:ad:83:bc:94:b3:b2:cb:c7:
         1b:d0:8f:94:eb:a4:84:2c:df:a8:5e:42:f6:30:a6:5d:80:48:
         44:f4:1f:a6:7d:5b:bd:8c:2c:a5:d3:75:93:f3:4c:ff:5f:2b:
         2d:2a:89:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjab2ZBbn7wT3KVvm8EJR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjUwMTAxMTk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWMwMDA2NWNkNjNjZjVhYWM5NGM1NjljNTRhYTIwMjA4ZjIwYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbMmQsBe15dnI5v/kJVG38UgjvvZ
Uiv/bbUhwiw3mFN/0QoVkAtWnC9xxDpL9wCs1GszryCPlqN7RP2DaDxP/Y0XAGtE
SHWee94dP1KeG9Nb8wEangtKFDa52nH33PHQp4VhU9LQXKy0oun3H6fS9wtbBNmC
2kLyJumx5cOSKTxqUgbnI5IV1Ad+4FrbR+H9a7MmXp9U7f6z2cj+Il9yc0ntzV86
KBlyk4EWxllKAcNGFoLA6B0na/Fd+lV2PQ7Gw9pLj33wkfDJDmfCiL6oZRpk0QGz
PWlGIZGI5LHNELoXGzuGBw7km/P+JGN46iVOY5A8x5r2kQq05BWstMBlEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOrAAGXNY89arJTFacVKogII8gthMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvNnNBQVpjMWp6MXFzbE1WcHhVcWlBZ2p5QzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYz3MA0G
CSqGSIb3DQEBCwUAA4IBAQDDQmhjIVB4jwq5vdVspMESQnA7F/l3ywg7+/UWVrxT
FnYT1kCcpQ4wE0UcHQFFTqHidc+4na3sMEZ0pwV68szC/AMWSQzqHgLziYrsrpNO
7rsR7reI9J5bY/6Zm5WU1+nQuYie1xX/ydun/e4TzOtFPVG2j+fjJgi10DkyFOcY
BuQOX/EUXQsmDn5FmvTS1hxR24PUKGHQCaZK8/M993GbMnKvhuBTxs7YPYHUVPs2
kIDHLgrZ74ieqdGyjRW4KJncbM2eG3ptwo6gAZ6GDGa3rYO8lLOyy8cb0I+U66SE
LN+oXkL2MKZdgEhE9B+mfVu9jCyl03WT80z/XystKomy
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:50:21 2025 by rpki-client