Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/DzmSxjK1Ish5Q-AQmmWBiBjyuPs.roa
File:                     DzmSxjK1Ish5Q-AQmmWBiBjyuPs.roa (raw, json)
Hash identifier:          QbuGqQWo2lEb9U6ACeCuTG+EtVLxlqHbEnmMFsJActk=
Subject key identifier:   0F:39:92:C6:32:B5:22:C8:79:43:E0:10:9A:65:81:88:18:F2:B8:FB
Certificate issuer:       /CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Certificate serial:       018916E3D7F43D059259A237637311128A02
Authority key identifier: 5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/DzmSxjK1Ish5Q-AQmmWBiBjyuPs.roa
Signing time:             Sun 02 Jul 2023 13:56:18 +0000
ROA not before:           Sun 02 Jul 2023 13:56:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        45.89.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 07 Jul 2023 15:39:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:16:e3:d7:f4:3d:05:92:59:a2:37:63:73:11:12:8a:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
        Validity
            Not Before: Jul  2 13:56:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f3992c632b522c87943e0109a65818818f2b8fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:6e:b1:e7:59:5b:92:75:3e:0d:79:5f:c2:03:
                    53:82:37:f9:97:22:05:b5:a9:40:85:8f:0c:01:dc:
                    ad:bb:c3:dd:69:61:f8:9b:27:91:bc:59:90:74:26:
                    da:dc:db:35:fa:bc:85:2b:b5:2c:3e:1d:a1:6c:c8:
                    fc:46:c0:0c:3f:f4:c0:92:17:91:3e:17:5a:08:1d:
                    a6:1d:70:55:0e:96:ec:c4:f1:42:5e:80:b8:6e:e1:
                    e7:a5:e4:a8:f1:a0:b2:ef:65:af:9b:d7:f7:ae:76:
                    98:82:f6:2e:a3:a3:6f:08:16:fe:53:f8:02:75:2b:
                    c2:65:f3:43:a6:d6:cd:3e:42:4e:c2:78:a9:32:dd:
                    0a:86:5f:d1:f0:1a:a8:c8:c5:30:b7:48:47:72:8c:
                    5c:2b:d2:44:2d:48:7b:54:d4:c8:19:57:0a:1d:61:
                    29:68:df:63:0d:2f:1d:81:7e:4d:87:bd:3e:fa:a0:
                    f9:3f:27:ca:93:6b:a8:cc:ea:39:89:86:9b:d8:70:
                    49:f3:0c:40:b6:6a:25:b4:62:54:4b:76:6a:1f:fb:
                    8e:61:af:6f:64:c6:a4:ea:d3:13:8d:5e:8c:60:71:
                    d5:98:b3:3d:36:4b:4d:c7:9c:33:d9:70:6f:5b:b5:
                    44:c3:1b:6c:3c:13:c6:4b:5f:0f:5e:c9:d4:c2:0b:
                    9f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:39:92:C6:32:B5:22:C8:79:43:E0:10:9A:65:81:88:18:F2:B8:FB
            X509v3 Authority Key Identifier:
                keyid:5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/DzmSxjK1Ish5Q-AQmmWBiBjyuPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Xu4NfnMISkLkx_cRjyOD_P82m6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:48:4c:e2:3a:7a:77:95:2b:43:f3:c0:5f:6c:88:e8:07:db:
         ec:e1:a0:b7:6d:bd:b5:ef:76:63:bd:18:51:6b:5a:bc:db:85:
         b3:2f:9a:8d:31:15:28:fc:95:72:50:3f:d9:82:b3:6c:87:84:
         70:65:af:db:fe:7e:04:7d:59:d5:ca:7f:95:a8:29:35:0b:64:
         ba:da:6e:7e:52:78:9c:be:db:04:41:f8:cc:f7:1e:bf:ad:e5:
         fe:c5:60:ae:26:b8:74:25:96:f6:7f:9c:14:64:4f:76:4c:5c:
         fd:35:a2:ad:90:ea:29:77:b0:cb:32:f4:56:98:d2:2c:a9:47:
         d1:cb:e2:9c:ef:45:65:cc:e0:c3:39:e7:77:e7:f9:66:8a:bc:
         4c:b5:02:02:d5:5e:ab:dc:b0:18:c6:d9:81:9a:97:55:43:31:
         9d:73:61:09:98:8b:88:7b:73:eb:97:e6:e9:93:61:c2:68:2a:
         19:e1:8a:1c:d2:ff:f5:8d:bf:80:b0:e2:54:85:89:17:d3:5b:
         29:06:87:fd:ac:26:09:70:29:4f:86:30:75:1a:c7:a0:75:d2:
         f5:cb:66:17:cc:05:ea:2c:4e:d8:09:fc:c3:38:a8:8d:03:90:
         43:1f:44:03:a0:e3:a1:bf:aa:5e:c3:4d:a4:4f:9f:8a:a3:20:
         73:da:15:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkW49f0PQWSWaI3Y3MREooCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWUwZDdlNzMwODRhNDJlNGM3ZjcxMThmMjM4M2ZjZmYz
NjliYTQwHhcNMjMwNzAyMTM1NjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjM5OTJjNjMyYjUyMmM4Nzk0M2UwMTA5YTY1ODE4ODE4ZjJiOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5W6x51lbknU+DXlfwgNTgjf5lyIF
talAhY8MAdytu8PdaWH4myeRvFmQdCba3Ns1+ryFK7UsPh2hbMj8RsAMP/TAkheR
PhdaCB2mHXBVDpbsxPFCXoC4buHnpeSo8aCy72Wvm9f3rnaYgvYuo6NvCBb+U/gC
dSvCZfNDptbNPkJOwnipMt0Khl/R8BqoyMUwt0hHcoxcK9JELUh7VNTIGVcKHWEp
aN9jDS8dgX5Nh70++qD5PyfKk2uozOo5iYab2HBJ8wxAtmoltGJUS3ZqH/uOYa9v
ZMak6tMTjV6MYHHVmLM9NktNx5wz2XBvW7VEwxtsPBPGS18PXsnUwgufQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA85ksYytSLIeUPgEJplgYgY8rj7MB8GA1UdIwQY
MBaAFF7uDX5zCEpC5Mf3EY8jg/z/NpukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgt
ZGRjMjY2NTY0NmNjLzEvRHptU3hqSzFJc2g1US1BUW1tV0JpQmp5dVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgtZGRjMjY2NTY0NmNj
LzEvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVkcMA0G
CSqGSIb3DQEBCwUAA4IBAQBWSEziOnp3lStD88BfbIjoB9vs4aC3bb2173ZjvRhR
a1q824WzL5qNMRUo/JVyUD/ZgrNsh4RwZa/b/n4EfVnVyn+VqCk1C2S62m5+Unic
vtsEQfjM9x6/reX+xWCuJrh0JZb2f5wUZE92TFz9NaKtkOopd7DLMvRWmNIsqUfR
y+Kc70VlzODDOed35/lmirxMtQIC1V6r3LAYxtmBmpdVQzGdc2EJmIuIe3Prl+bp
k2HCaCoZ4Yoc0v/1jb+AsOJUhYkX01spBof9rCYJcClPhjB1GsegddL1y2YXzAXq
LE7YCfzDOKiNA5BDH0QDoOOhv6pew02kT5+KoyBz2hVd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:11 2024 by rpki-client on console-ams.rpki-client.org