Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/4oBajhIrmHyiCaXKOyel8fsJy2o.roa
File:                     4oBajhIrmHyiCaXKOyel8fsJy2o.roa (raw, json)
Hash identifier:          xsbPAGnE2n5nGUb/T1QsyES8ybCmVS3N3Ujk6hZAbsg=
Subject key identifier:   E2:80:5A:8E:12:2B:98:7C:A2:09:A5:CA:3B:27:A5:F1:FB:09:CB:6A
Certificate issuer:       /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial:       018CC726DBD05B196334EE604400306C4BDC
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/4oBajhIrmHyiCaXKOyel8fsJy2o.roa
Signing time:             Mon 01 Jan 2024 22:31:01 +0000
ROA not before:           Mon 01 Jan 2024 22:31:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201619
IP address blocks:        45.148.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 07:47:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:db:d0:5b:19:63:34:ee:60:44:00:30:6c:4b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
        Validity
            Not Before: Jan  1 22:31:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e2805a8e122b987ca209a5ca3b27a5f1fb09cb6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:8f:6a:93:a5:0c:08:d5:2c:3b:43:39:28:95:
                    95:e6:02:29:44:4d:44:21:dc:6e:0d:d8:48:e2:7a:
                    5b:d8:4f:7d:74:5b:c9:e7:c9:62:60:15:fb:8a:ab:
                    1b:e0:22:6e:01:69:dd:4d:67:3e:7d:00:49:dc:7d:
                    48:60:6c:94:b3:a6:4b:ef:42:7a:b3:fa:c7:cf:5f:
                    35:bf:99:05:8e:8f:b6:e6:81:d4:4e:7b:a0:ae:39:
                    52:12:50:19:80:92:8e:99:f1:a1:1b:77:ed:00:9e:
                    41:3e:b6:ac:bc:a0:5c:ad:77:c5:8c:06:12:33:fa:
                    66:1b:d5:2a:a4:ad:f8:ff:0a:2c:69:e4:5a:f8:6f:
                    eb:d1:ac:30:90:57:1c:0a:10:e2:4c:30:37:38:32:
                    54:8e:45:46:42:6f:0e:de:b4:9f:04:5b:09:a8:bb:
                    de:95:95:be:6b:e2:e5:fe:a1:c5:de:fa:66:c1:00:
                    71:60:7e:57:75:17:7e:24:cd:b7:c0:2b:7f:5c:46:
                    d7:ba:23:1e:96:26:e3:9a:5d:79:62:65:72:6d:24:
                    e6:74:93:f6:86:40:47:b1:de:3b:ef:60:0a:c5:1e:
                    70:c6:c8:2f:51:d4:65:93:7b:1c:21:80:f7:2f:b7:
                    28:70:65:0b:18:f9:47:22:d0:0b:5c:80:e7:88:47:
                    6a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:80:5A:8E:12:2B:98:7C:A2:09:A5:CA:3B:27:A5:F1:FB:09:CB:6A
            X509v3 Authority Key Identifier:
                keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/4oBajhIrmHyiCaXKOyel8fsJy2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:43:3f:d4:96:49:eb:ce:b8:fd:b1:d9:05:3b:12:f4:7d:7c:
         07:fe:85:88:ac:92:d5:6e:bc:05:4a:c8:04:05:5e:ad:04:4f:
         72:b0:5a:1c:21:fa:d7:be:f5:b9:7d:87:7d:64:c8:c3:bf:22:
         b4:74:e6:7f:1e:3f:20:32:93:cc:85:2c:c1:05:3a:27:c3:fc:
         26:9e:47:65:9c:eb:db:c3:04:d7:0e:84:35:0b:af:47:c7:77:
         33:0f:4c:00:c3:7b:c4:99:58:1f:08:72:f5:e3:cd:dc:da:01:
         d0:b0:e8:de:76:10:cf:b9:91:3e:ae:dc:ba:f7:94:b9:4e:64:
         3c:68:ef:a1:78:54:6d:60:8f:89:ce:bb:a5:0c:d8:fa:cb:5a:
         b9:89:ab:7d:6e:56:5b:e1:5c:2e:85:d6:4e:0d:ff:ac:e4:1f:
         06:74:35:66:54:94:a6:cc:eb:ef:0f:12:9a:57:2a:1d:52:d4:
         b1:6e:87:b0:7d:4b:fc:37:54:0a:e7:73:ff:c9:df:4a:dc:e4:
         25:74:6a:6c:39:31:9b:fb:25:da:cb:5b:15:2a:9d:97:a3:9a:
         ec:7a:5d:5c:80:00:74:ba:b4:7a:c6:71:eb:d0:28:0e:5e:53:
         9a:27:33:c9:40:f5:f9:47:25:99:4e:aa:21:17:e5:0a:86:f4:
         1d:e8:12:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJtvQWxljNO5gRAAwbEvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjQwMTAxMjIzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjgwNWE4ZTEyMmI5ODdjYTIwOWE1Y2EzYjI3YTVmMWZiMDljYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu49qk6UMCNUsO0M5KJWV5gIpRE1E
IdxuDdhI4npb2E99dFvJ58liYBX7iqsb4CJuAWndTWc+fQBJ3H1IYGyUs6ZL70J6
s/rHz181v5kFjo+25oHUTnugrjlSElAZgJKOmfGhG3ftAJ5BPrasvKBcrXfFjAYS
M/pmG9UqpK34/wosaeRa+G/r0awwkFccChDiTDA3ODJUjkVGQm8O3rSfBFsJqLve
lZW+a+Ll/qHF3vpmwQBxYH5XdRd+JM23wCt/XEbXuiMelibjml15YmVybSTmdJP2
hkBHsd4772AKxR5wxsgvUdRlk3scIYD3L7cocGULGPlHItALXIDniEdqWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKAWo4SK5h8ogmlyjsnpfH7CctqMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvNG9CYWpoSXJtSHlpQ2FYS095ZWw4ZnNKeTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZRLMA0G
CSqGSIb3DQEBCwUAA4IBAQCkQz/Ulknrzrj9sdkFOxL0fXwH/oWIrJLVbrwFSsgE
BV6tBE9ysFocIfrXvvW5fYd9ZMjDvyK0dOZ/Hj8gMpPMhSzBBTonw/wmnkdlnOvb
wwTXDoQ1C69Hx3czD0wAw3vEmVgfCHL1483c2gHQsOjedhDPuZE+rty695S5TmQ8
aO+heFRtYI+JzrulDNj6y1q5iat9blZb4VwuhdZODf+s5B8GdDVmVJSmzOvvDxKa
VyodUtSxboewfUv8N1QK53P/yd9K3OQldGpsOTGb+yXay1sVKp2Xo5rsel1cgAB0
urR6xnHr0CgOXlOaJzPJQPX5RyWZTqohF+UKhvQd6BLI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:12 2024 by rpki-client on console-fra.rpki-client.org