Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/2reC4hMnyqD-4UqVk31Pf0z98hY.roa
File:                     2reC4hMnyqD-4UqVk31Pf0z98hY.roa (raw, json)
Hash identifier:          aBpUE3jj/lWcoKt47CQ0VkvBj3KgXFRrFf6yu350ppY=
Subject key identifier:   DA:B7:82:E2:13:27:CA:A0:FE:E1:4A:95:93:7D:4F:7F:4C:FD:F2:16
Certificate issuer:       /CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Certificate serial:       01907E55EBAEE37382B268DA309B5B436F90
Authority key identifier: 5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/2reC4hMnyqD-4UqVk31Pf0z98hY.roa
Signing time:             Thu 04 Jul 2024 15:21:18 +0000
ROA not before:           Thu 04 Jul 2024 15:21:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        45.89.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jul 2024 20:46:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:7e:55:eb:ae:e3:73:82:b2:68:da:30:9b:5b:43:6f:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
        Validity
            Not Before: Jul  4 15:21:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dab782e21327caa0fee14a95937d4f7f4cfdf216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:1b:5e:4d:40:17:24:bd:4d:e6:26:cc:90:9a:
                    d4:c9:53:51:52:2b:ee:cb:0a:51:5a:d9:21:59:64:
                    ac:2b:98:07:4f:af:52:3e:08:7f:ca:d3:f5:b6:6f:
                    53:81:63:cd:bb:83:64:7d:cc:1e:6b:e9:11:a7:eb:
                    f5:f9:27:34:07:25:51:b0:e8:98:01:15:8e:d7:e1:
                    3e:b0:96:fc:38:36:7d:9a:41:12:0b:f2:e0:7e:9c:
                    c5:7c:d3:47:db:ac:96:f9:2c:59:b5:8a:00:05:1d:
                    b4:ca:42:36:81:c9:d9:dc:37:a6:ba:8d:f0:d0:15:
                    ca:9e:1f:7d:81:f8:19:a8:68:1f:38:08:91:eb:27:
                    6e:8c:aa:44:56:34:86:f9:3a:cd:d3:95:f0:6c:fe:
                    69:d4:ef:b8:99:d4:b5:04:4f:a7:2c:9b:24:cf:5a:
                    20:b5:5e:fe:b0:5c:0e:b7:68:8b:38:dd:1e:bf:76:
                    71:04:65:48:90:24:3d:3f:8a:6b:6b:b6:84:50:68:
                    e6:66:08:30:78:eb:2b:89:3f:d1:37:76:83:a2:4b:
                    25:b8:e7:18:ee:6a:71:3c:c9:70:23:04:da:e9:4f:
                    f9:c0:84:c6:89:60:ac:0d:65:92:c4:5e:ab:91:8b:
                    eb:17:cc:3c:60:d0:12:6a:8c:96:62:7f:5d:70:61:
                    2a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:B7:82:E2:13:27:CA:A0:FE:E1:4A:95:93:7D:4F:7F:4C:FD:F2:16
            X509v3 Authority Key Identifier:
                keyid:5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/2reC4hMnyqD-4UqVk31Pf0z98hY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Xu4NfnMISkLkx_cRjyOD_P82m6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:cb:ea:4b:4d:f0:ea:2a:a6:31:96:c0:79:08:d3:a1:2c:fc:
         60:eb:05:87:a9:ae:0f:d1:51:c0:5b:2b:3b:6d:a9:cf:16:23:
         be:38:54:7a:83:bc:ce:09:63:55:c8:05:e6:f1:26:5a:85:ed:
         1c:b3:1e:9d:1d:15:20:1c:53:c4:b8:64:2c:05:dc:d0:04:47:
         af:c7:df:85:4f:d2:aa:05:51:80:66:2f:fb:51:9a:0e:83:0b:
         d8:ab:cb:4a:fc:39:56:3e:3a:2a:83:f2:77:44:19:79:7a:68:
         64:21:47:7a:6c:93:e9:65:f3:ac:05:00:76:b3:23:b5:7a:d0:
         d4:53:f5:b6:e0:81:f2:02:28:66:a6:b9:5a:86:21:0a:4c:33:
         d0:f1:a0:bb:44:61:6a:89:1d:55:3f:95:c4:98:86:5d:91:fc:
         03:07:22:13:7b:a6:ff:06:23:68:49:79:93:9c:e2:4b:a5:1d:
         bd:72:45:ba:0e:57:3d:f2:55:ce:fb:2b:75:1c:12:29:d4:c2:
         c3:8c:46:aa:35:f1:24:57:b8:b1:c5:2e:36:3c:86:77:13:48:
         f4:ee:5e:27:ff:31:07:72:58:0b:92:93:e2:e1:74:67:d6:78:
         be:e3:57:ec:50:89:f1:a2:46:e7:77:3a:1d:85:14:75:ec:52:
         4e:8f:d0:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZB+Veuu43OCsmjaMJtbQ2+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWUwZDdlNzMwODRhNDJlNGM3ZjcxMThmMjM4M2ZjZmYz
NjliYTQwHhcNMjQwNzA0MTUyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI3ODJlMjEzMjdjYWEwZmVlMTRhOTU5MzdkNGY3ZjRjZmRmMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRteTUAXJL1N5ibMkJrUyVNRUivu
ywpRWtkhWWSsK5gHT69SPgh/ytP1tm9TgWPNu4Nkfcwea+kRp+v1+Sc0ByVRsOiY
ARWO1+E+sJb8ODZ9mkESC/LgfpzFfNNH26yW+SxZtYoABR20ykI2gcnZ3Demuo3w
0BXKnh99gfgZqGgfOAiR6ydujKpEVjSG+TrN05XwbP5p1O+4mdS1BE+nLJskz1og
tV7+sFwOt2iLON0ev3ZxBGVIkCQ9P4pra7aEUGjmZggweOsriT/RN3aDoksluOcY
7mpxPMlwIwTa6U/5wITGiWCsDWWSxF6rkYvrF8w8YNASaoyWYn9dcGEqeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNq3guITJ8qg/uFKlZN9T39M/fIWMB8GA1UdIwQY
MBaAFF7uDX5zCEpC5Mf3EY8jg/z/NpukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgt
ZGRjMjY2NTY0NmNjLzEvMnJlQzRoTW55cUQtNFVxVmszMVBmMHo5OGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgtZGRjMjY2NTY0NmNj
LzEvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVkdMA0G
CSqGSIb3DQEBCwUAA4IBAQBYy+pLTfDqKqYxlsB5CNOhLPxg6wWHqa4P0VHAWys7
banPFiO+OFR6g7zOCWNVyAXm8SZahe0csx6dHRUgHFPEuGQsBdzQBEevx9+FT9Kq
BVGAZi/7UZoOgwvYq8tK/DlWPjoqg/J3RBl5emhkIUd6bJPpZfOsBQB2syO1etDU
U/W24IHyAihmprlahiEKTDPQ8aC7RGFqiR1VP5XEmIZdkfwDByITe6b/BiNoSXmT
nOJLpR29ckW6Dlc98lXO+yt1HBIp1MLDjEaqNfEkV7ixxS42PIZ3E0j07l4n/zEH
clgLkpPi4XRn1ni+41fsUInxokbndzodhRR17FJOj9Co
-----END CERTIFICATE-----
Generated at Wed Jul 10 22:44:12 2024 by rpki-client on console-fra.rpki-client.org