Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/0Xc0FEq-skU3xar5-rluZjt3Moc.roa
File:                     0Xc0FEq-skU3xar5-rluZjt3Moc.roa (raw, json)
Hash identifier:          hRat69lzZ2rRu92AexgDdq3KJr4wRQFJLPYRCLoFFCM=
Subject key identifier:   D1:77:34:14:4A:BE:B2:45:37:C5:AA:F9:FA:B9:6E:66:3B:77:32:87
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       0188A587638A9D188DCA1C49EC755CEE4957
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/0Xc0FEq-skU3xar5-rluZjt3Moc.roa
Signing time:             Sat 10 Jun 2023 13:38:13 +0000
ROA not before:           Sat 10 Jun 2023 13:38:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59651
IP address blocks:        45.143.6.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Jun 2023 15:59:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a5:87:63:8a:9d:18:8d:ca:1c:49:ec:75:5c:ee:49:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Jun 10 13:38:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d17734144abeb24537c5aaf9fab96e663b773287
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:94:f5:92:96:6e:1c:a5:17:2b:85:a9:6f:0e:
                    7e:7b:0a:b1:76:fd:ef:de:f6:3f:41:4e:40:ed:6a:
                    8c:c9:64:49:54:76:c7:21:4d:09:db:70:ac:de:e4:
                    05:1c:31:8c:b3:fa:07:83:9f:3e:5e:f0:d2:02:af:
                    43:69:8e:dd:c9:eb:b9:a4:8d:de:18:4f:5e:25:14:
                    0b:0e:53:2f:4f:bc:fe:4f:46:57:e4:51:b5:d9:96:
                    12:37:1d:85:cb:1f:a9:2a:14:43:24:ed:9a:f1:8f:
                    0a:8f:1a:4b:78:f2:da:41:72:8e:f1:17:b2:10:fe:
                    54:3c:92:33:fd:79:f9:43:30:bb:05:c0:b3:ed:78:
                    23:7e:65:ec:cd:9d:03:ec:e6:70:f0:23:a8:22:74:
                    74:fa:42:18:77:74:55:dc:91:18:89:90:52:f2:97:
                    ed:32:f4:28:fd:bf:38:14:09:7e:48:46:b6:7d:54:
                    85:a4:82:a9:44:33:a0:f4:05:a8:2a:70:34:c9:6e:
                    04:e4:b8:ea:22:36:a1:f0:0c:50:3b:d8:dd:47:6e:
                    da:7c:db:f8:d6:3f:b3:e3:f1:8d:bf:26:f2:08:c5:
                    87:2f:08:3b:61:a1:22:3d:84:db:82:f4:43:88:4c:
                    24:b8:4a:b9:7d:f8:d2:b0:06:8b:90:22:63:5c:16:
                    d6:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:77:34:14:4A:BE:B2:45:37:C5:AA:F9:FA:B9:6E:66:3B:77:32:87
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/0Xc0FEq-skU3xar5-rluZjt3Moc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:e2:bf:0b:a8:5e:fd:47:21:17:a9:0c:52:d3:f9:88:0b:63:
         90:91:f7:da:09:07:e1:ce:d7:d8:a0:4a:d6:cf:8b:cd:d3:41:
         13:c7:f0:97:bf:c9:42:25:9e:ca:59:36:d8:df:cd:3a:0e:91:
         5b:41:d0:dd:7f:c2:db:1f:d5:d6:77:f1:1a:55:8b:3e:20:fd:
         58:35:74:bd:cb:85:15:fd:42:67:78:38:f1:c8:93:ca:02:5a:
         7c:6b:e5:31:26:fb:5d:16:5f:c5:c6:be:6a:f7:3c:54:27:55:
         bd:e7:4c:a5:f2:d1:6b:dd:ae:00:e4:00:cd:2d:7a:1f:22:ab:
         55:6d:53:fa:10:c3:56:e0:24:c2:4b:b7:d6:85:08:fe:0e:c9:
         63:23:35:b0:23:a5:ae:df:bc:cf:e7:73:cf:ae:dc:81:00:18:
         00:fb:33:52:66:ce:a7:a9:c3:a5:5e:4d:de:22:72:23:9e:cd:
         89:79:4a:15:42:99:61:01:ff:cc:f3:bc:8d:f7:72:c3:7e:46:
         df:3b:3a:2c:18:bd:f4:be:42:2a:b7:55:f4:56:42:39:22:fc:
         a3:d7:87:0e:05:38:a8:4e:b2:47:a4:ac:d2:fd:00:07:96:0d:
         7f:8b:50:e3:44:4c:22:ca:f9:37:00:f9:a0:7c:8d:35:85:a6:
         55:73:c7:05
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYilh2OKnRiNyhxJ7HVc7klXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwNjEwMTMzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTc3MzQxNDRhYmViMjQ1MzdjNWFhZjlmYWI5NmU2NjNiNzczMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJT1kpZuHKUXK4Wpbw5+ewqxdv3v
3vY/QU5A7WqMyWRJVHbHIU0J23Cs3uQFHDGMs/oHg58+XvDSAq9DaY7dyeu5pI3e
GE9eJRQLDlMvT7z+T0ZX5FG12ZYSNx2Fyx+pKhRDJO2a8Y8KjxpLePLaQXKO8Rey
EP5UPJIz/Xn5QzC7BcCz7XgjfmXszZ0D7OZw8COoInR0+kIYd3RV3JEYiZBS8pft
MvQo/b84FAl+SEa2fVSFpIKpRDOg9AWoKnA0yW4E5LjqIjah8AxQO9jdR27afNv4
1j+z4/GNvybyCMWHLwg7YaEiPYTbgvRDiEwkuEq5ffjSsAaLkCJjXBbWuQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNF3NBRKvrJFN8Wq+fq5bmY7dzKHMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xLzBYYzBGRXEtc2tVM3hhcjUtcmx1Wmp0M01vYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtjwYw
DQYJKoZIhvcNAQELBQADggEBAFbivwuoXv1HIRepDFLT+YgLY5CR99oJB+HO19ig
StbPi83TQRPH8Je/yUIlnspZNtjfzToOkVtB0N1/wtsf1dZ38RpViz4g/Vg1dL3L
hRX9Qmd4OPHIk8oCWnxr5TEm+10WX8XGvmr3PFQnVb3nTKXy0WvdrgDkAM0teh8i
q1VtU/oQw1bgJMJLt9aFCP4OyWMjNbAjpa7fvM/nc8+u3IEAGAD7M1Jmzqepw6Ve
Td4iciOezYl5ShVCmWEB/8zzvI33csN+Rt87OiwYvfS+Qiq3VfRWQjki/KPXhw4F
OKhOskekrNL9AAeWDX+LUONETCLK+TcA+aB8jTWFplVzxwU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:14 2024 by rpki-client on console-ams.rpki-client.org