Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/chEzQoqpSuRETrua1gASlNYfB-w.roa
File:                     chEzQoqpSuRETrua1gASlNYfB-w.roa (raw, json)
Hash identifier:          8ImHCIdf9r1FR9MpJE+zbwCnShCwPqor/RJNjcglkao=
Subject key identifier:   72:11:33:42:8A:A9:4A:E4:44:4E:BB:9A:D6:00:12:94:D6:1F:07:EC
Certificate issuer:       /CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Certificate serial:       018E088C2E23C0CA24FE887FABE9CF9D7193
Authority key identifier: 5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/chEzQoqpSuRETrua1gASlNYfB-w.roa
Signing time:             Mon 04 Mar 2024 08:19:48 +0000
ROA not before:           Mon 04 Mar 2024 08:19:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        45.89.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Mar 2024 13:12:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:08:8c:2e:23:c0:ca:24:fe:88:7f:ab:e9:cf:9d:71:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
        Validity
            Not Before: Mar  4 08:19:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=721133428aa94ae4444ebb9ad6001294d61f07ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2a:f6:87:af:ff:d6:05:10:39:66:30:37:f5:
                    e2:a2:48:a8:26:b1:4d:bf:1b:e1:48:49:61:1d:c7:
                    b7:ef:82:73:00:9c:2c:dc:67:9b:35:a3:b8:66:a0:
                    56:bf:5b:4e:1c:9b:d0:b3:23:52:28:5d:91:9e:de:
                    0c:e8:0e:8c:5d:5d:79:1f:a5:e9:01:cb:09:86:43:
                    70:44:90:b5:c0:6e:ac:8b:12:46:b5:a8:95:04:0b:
                    cd:ea:74:bf:d5:ba:b1:84:ce:fb:18:e9:0e:62:f3:
                    d6:42:5c:14:d7:be:18:be:c3:59:ef:f6:6d:0b:80:
                    c5:f0:07:5f:78:32:62:e3:c7:10:94:18:a0:a7:d5:
                    73:3f:b3:f8:62:a7:23:af:1a:1e:54:c5:28:81:d8:
                    37:db:5d:78:cc:b4:e9:1d:09:38:28:e5:f0:79:5e:
                    e4:93:29:b0:42:44:19:44:dd:e8:5c:05:68:8e:b1:
                    56:c0:6c:02:28:24:31:10:8b:f4:b9:59:30:29:3a:
                    30:4e:ee:b8:d7:04:6b:dc:f9:71:d7:d2:34:44:9b:
                    c7:4f:68:e4:f5:a3:5c:58:d4:c0:c0:96:90:81:a5:
                    0f:cf:0d:11:ef:1e:b4:02:23:b7:21:8a:82:a9:c0:
                    c0:73:91:ef:9c:2b:40:20:43:ed:a9:16:01:11:62:
                    fb:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:11:33:42:8A:A9:4A:E4:44:4E:BB:9A:D6:00:12:94:D6:1F:07:EC
            X509v3 Authority Key Identifier:
                keyid:5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/chEzQoqpSuRETrua1gASlNYfB-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Xu4NfnMISkLkx_cRjyOD_P82m6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:5e:e8:0f:d4:8b:bf:c0:5c:72:6a:17:e7:0c:ad:85:f1:08:
         f7:7f:b6:af:a7:2f:c3:2a:d5:22:2e:4f:69:36:2b:e9:39:18:
         36:ca:c3:91:67:39:3a:cd:ae:2c:2d:b3:ad:e5:4c:c5:3e:be:
         91:79:34:d2:a1:f0:9c:62:51:49:5a:30:6c:c7:64:1e:62:61:
         72:8d:5a:4a:39:c2:40:8f:93:d8:97:19:7d:a3:24:d3:67:c1:
         be:0b:a4:e9:8e:bd:d8:b2:f5:91:d8:9d:b9:80:19:54:b9:a3:
         d9:40:29:71:f6:f7:73:75:6f:4a:f3:de:7d:5e:f7:5b:31:3c:
         22:a8:5f:23:a0:95:5c:34:58:4e:8d:5d:f8:c7:18:c5:28:2b:
         e6:1c:49:4d:59:04:96:d3:70:0b:d0:c6:38:85:ed:c7:2b:e1:
         06:b0:6d:7d:47:bb:dc:b6:3b:60:c9:25:77:be:70:d6:74:d8:
         62:2e:31:c1:5d:1d:3c:5f:c3:39:4b:31:29:30:cb:35:bb:55:
         b2:3f:08:20:81:c3:89:85:1f:54:be:c9:d1:e2:2d:4c:56:3e:
         da:bc:14:2a:64:0a:97:2e:09:3e:93:e4:e4:85:47:03:07:13:
         94:aa:68:12:2a:d0:1d:f8:81:bb:0d:f1:ca:70:4f:73:0d:05:
         f1:45:3c:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4IjC4jwMok/oh/q+nPnXGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWUwZDdlNzMwODRhNDJlNGM3ZjcxMThmMjM4M2ZjZmYz
NjliYTQwHhcNMjQwMzA0MDgxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjExMzM0MjhhYTk0YWU0NDQ0ZWJiOWFkNjAwMTI5NGQ2MWYwN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCr2h6//1gUQOWYwN/XiokioJrFN
vxvhSElhHce374JzAJws3GebNaO4ZqBWv1tOHJvQsyNSKF2Rnt4M6A6MXV15H6Xp
AcsJhkNwRJC1wG6sixJGtaiVBAvN6nS/1bqxhM77GOkOYvPWQlwU174YvsNZ7/Zt
C4DF8AdfeDJi48cQlBigp9VzP7P4YqcjrxoeVMUogdg32114zLTpHQk4KOXweV7k
kymwQkQZRN3oXAVojrFWwGwCKCQxEIv0uVkwKTowTu641wRr3Plx19I0RJvHT2jk
9aNcWNTAwJaQgaUPzw0R7x60AiO3IYqCqcDAc5HvnCtAIEPtqRYBEWL7kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIRM0KKqUrkRE67mtYAEpTWHwfsMB8GA1UdIwQY
MBaAFF7uDX5zCEpC5Mf3EY8jg/z/NpukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgt
ZGRjMjY2NTY0NmNjLzEvY2hFelFvcXBTdVJFVHJ1YTFnQVNsTllmQi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgtZGRjMjY2NTY0NmNj
LzEvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVkdMA0G
CSqGSIb3DQEBCwUAA4IBAQAyXugP1Iu/wFxyahfnDK2F8Qj3f7avpy/DKtUiLk9p
NivpORg2ysORZzk6za4sLbOt5UzFPr6ReTTSofCcYlFJWjBsx2QeYmFyjVpKOcJA
j5PYlxl9oyTTZ8G+C6Tpjr3YsvWR2J25gBlUuaPZQClx9vdzdW9K8959XvdbMTwi
qF8joJVcNFhOjV34xxjFKCvmHElNWQSW03AL0MY4he3HK+EGsG19R7vctjtgySV3
vnDWdNhiLjHBXR08X8M5SzEpMMs1u1WyPwgggcOJhR9UvsnR4i1MVj7avBQqZAqX
Lgk+k+TkhUcDBxOUqmgSKtAd+IG7DfHKcE9zDQXxRTwy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:40 2024 by rpki-client on console-fra.rpki-client.org