Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/yhWtwozaMyxM4F-eB2jM9uUAvFI.roa
File:                     yhWtwozaMyxM4F-eB2jM9uUAvFI.roa (raw, json)
Hash identifier:          k6VsxXn/LApJiwJeU1qcoYJ45E2mbbUs006tiX5MYxY=
Subject key identifier:   CA:15:AD:C2:8C:DA:33:2C:4C:E0:5F:9E:07:68:CC:F6:E5:00:BC:52
Certificate issuer:       /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial:       018CC8DFA2D6586ADF1C408672BFDA8074F8
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/yhWtwozaMyxM4F-eB2jM9uUAvFI.roa
Signing time:             Tue 02 Jan 2024 06:32:28 +0000
ROA not before:           Tue 02 Jan 2024 06:32:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43180
IP address blocks:        45.135.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Sep 2024 02:56:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:a2:d6:58:6a:df:1c:40:86:72:bf:da:80:74:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
        Validity
            Not Before: Jan  2 06:32:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ca15adc28cda332c4ce05f9e0768ccf6e500bc52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b1:c2:5f:b4:a2:f5:ba:2b:3e:6e:fd:20:ae:
                    77:36:51:51:9f:4e:8b:07:40:44:60:5a:79:3d:b7:
                    c3:45:0e:a9:4c:b6:02:74:c7:3d:26:bb:93:a1:1f:
                    35:eb:04:75:67:11:fc:5c:86:3e:7c:e1:3c:4e:d2:
                    f8:c5:70:39:0c:f6:25:34:c2:aa:48:49:c3:53:3b:
                    b2:ae:9f:30:56:6c:c5:a1:57:ea:fb:6f:64:20:cb:
                    0f:c9:a1:7e:3b:c9:dc:46:0d:67:91:d3:b0:76:ab:
                    d2:39:22:af:29:9d:e2:f2:ca:71:34:dc:46:80:79:
                    02:05:26:31:a0:08:09:17:5c:4b:ad:5b:44:43:61:
                    14:03:e6:e5:d6:df:c3:8c:d9:9e:2d:ee:4d:c7:96:
                    f5:ae:aa:60:20:c3:1c:0e:68:86:aa:2a:2c:85:b2:
                    aa:14:e6:b8:4b:b2:69:eb:6c:a7:78:19:bf:d0:c5:
                    24:df:b9:9c:a9:dc:23:44:3a:69:bf:7a:57:68:ae:
                    1c:35:16:32:f7:7c:1d:b5:39:77:b0:e4:59:5d:f0:
                    37:00:69:16:11:f7:72:b5:aa:78:1e:99:49:e5:a2:
                    63:9b:57:67:b1:e5:0e:75:da:4c:87:88:72:61:c3:
                    75:30:26:b2:9e:1c:e9:90:c6:13:3d:de:6e:34:e5:
                    70:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:15:AD:C2:8C:DA:33:2C:4C:E0:5F:9E:07:68:CC:F6:E5:00:BC:52
            X509v3 Authority Key Identifier:
                keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/yhWtwozaMyxM4F-eB2jM9uUAvFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:69:a0:fd:29:e6:87:5a:53:59:34:87:a9:58:cf:6e:da:d3:
         e4:8c:f6:a5:8f:16:f8:e5:0c:9f:df:40:bd:dd:02:23:9d:1a:
         fc:2d:91:1e:49:18:3a:f6:58:17:f2:8f:64:a9:b7:ad:53:05:
         58:0c:e9:7c:00:2b:de:0c:7a:ff:b3:1f:85:75:91:42:3c:0a:
         0a:40:65:0b:7e:d1:e8:1a:92:72:6b:12:09:f2:11:1c:b3:b6:
         a4:f5:2e:e9:2a:4d:80:3d:47:26:32:2f:65:39:c4:33:1b:e6:
         6d:a1:46:b8:ca:9e:80:6c:2f:80:9b:96:99:5d:23:66:cc:6d:
         57:47:c2:9b:4c:77:63:4b:ff:58:5c:d7:4b:f7:08:88:bd:d5:
         05:ac:95:7e:0b:62:7f:ed:3f:2d:49:3f:f8:2f:e8:97:1e:00:
         92:07:45:1f:e0:14:07:90:4b:b8:63:54:ed:ea:8c:ca:d8:18:
         c0:c6:d3:b5:26:fa:d8:24:c4:9e:ce:8b:8c:a7:b9:eb:81:e0:
         fa:40:97:b4:f6:05:8e:3c:bc:ac:59:c6:e2:fd:52:86:d6:5f:
         f1:5b:8a:8b:4c:ef:5d:d4:75:88:96:64:02:5d:57:0e:95:92:
         01:cb:77:91:76:50:bf:a6:d1:6f:82:e4:26:a6:63:f9:2d:b9:
         a7:24:9c:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI36LWWGrfHECGcr/agHT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE1YWRjMjhjZGEzMzJjNGNlMDVmOWUwNzY4Y2NmNmU1MDBiYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7HCX7Si9borPm79IK53NlFRn06L
B0BEYFp5PbfDRQ6pTLYCdMc9JruToR816wR1ZxH8XIY+fOE8TtL4xXA5DPYlNMKq
SEnDUzuyrp8wVmzFoVfq+29kIMsPyaF+O8ncRg1nkdOwdqvSOSKvKZ3i8spxNNxG
gHkCBSYxoAgJF1xLrVtEQ2EUA+bl1t/DjNmeLe5Nx5b1rqpgIMMcDmiGqioshbKq
FOa4S7Jp62yneBm/0MUk37mcqdwjRDppv3pXaK4cNRYy93wdtTl3sORZXfA3AGkW
Efdytap4HplJ5aJjm1dnseUOddpMh4hyYcN1MCaynhzpkMYTPd5uNOVwVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoVrcKM2jMsTOBfngdozPblALxSMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEveWhXdHdvemFNeXhNNEYtZUIyak05dVVBdkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfsMA0G
CSqGSIb3DQEBCwUAA4IBAQCiaaD9KeaHWlNZNIepWM9u2tPkjPaljxb45Qyf30C9
3QIjnRr8LZEeSRg69lgX8o9kqbetUwVYDOl8ACveDHr/sx+FdZFCPAoKQGULftHo
GpJyaxIJ8hEcs7ak9S7pKk2APUcmMi9lOcQzG+ZtoUa4yp6AbC+Am5aZXSNmzG1X
R8KbTHdjS/9YXNdL9wiIvdUFrJV+C2J/7T8tST/4L+iXHgCSB0Uf4BQHkEu4Y1Tt
6ozK2BjAxtO1JvrYJMSezouMp7nrgeD6QJe09gWOPLysWcbi/VKG1l/xW4qLTO9d
1HWIlmQCXVcOlZIBy3eRdlC/ptFvguQmpmP5LbmnJJzT
-----END CERTIFICATE-----
Generated at Fri Sep 6 04:24:09 2024 by rpki-client on console-fra.rpki-client.org