Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/HDA16Dp63U0nZb0p_t_d-77Yvxc.roa
File:                     HDA16Dp63U0nZb0p_t_d-77Yvxc.roa (raw, json)
Hash identifier:          QC7pTEmZrbd83iqusFpbEwgRtt8ONLoo7m/r05o8LcA=
Subject key identifier:   1C:30:35:E8:3A:7A:DD:4D:27:65:BD:29:FE:DF:DD:FB:BE:D8:BF:17
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       01856B0A327EFE89AA96E6A402CE540EAFE1
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/HDA16Dp63U0nZb0p_t_d-77Yvxc.roa
Signing time:             Sun 01 Jan 2023 01:55:08 +0000
ROA not before:           Sun 01 Jan 2023 01:55:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        45.155.166.0/24 maxlen: 24
                          45.155.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 May 2023 05:04:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:0a:32:7e:fe:89:aa:96:e6:a4:02:ce:54:0e:af:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Jan  1 01:55:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c3035e83a7add4d2765bd29fedfddfbbed8bf17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:85:63:5f:8f:81:ce:05:28:43:bf:ed:a8:e5:
                    e2:7e:fe:84:5c:9e:7a:fe:91:c4:5b:a4:65:8a:9d:
                    99:b0:f6:fe:4d:1c:f6:bc:83:9a:fa:c5:4a:d5:37:
                    86:7e:b4:5f:ee:2a:4d:96:52:9d:18:2e:22:30:c0:
                    74:f3:1d:fb:93:a7:16:e5:9f:4d:83:6c:72:3c:15:
                    a3:60:6f:a0:2e:b4:b2:a1:f2:e1:02:a3:93:27:55:
                    c8:ed:d5:98:9d:af:f8:10:d3:e2:d0:d0:e2:9e:27:
                    c7:ab:55:a1:d3:7a:24:39:b1:2e:d1:e0:bf:13:10:
                    86:48:20:ad:6e:68:ac:96:2d:8f:25:e5:30:26:4d:
                    f3:dc:e6:5d:a4:60:e3:c3:38:b1:77:b0:e1:10:d6:
                    d8:94:04:4d:67:ab:2a:95:92:d6:fb:71:db:ac:d0:
                    9e:48:ec:b4:93:8e:0f:73:41:07:e9:c6:f4:85:c6:
                    ef:a1:b6:fb:9b:a8:2c:90:03:f7:1a:f4:dc:84:dc:
                    4a:54:e6:88:9b:61:64:48:d1:cd:f9:5a:9c:a9:7f:
                    5f:93:b7:a3:4f:86:b1:cd:12:bc:9a:c4:72:99:61:
                    ea:c3:fc:16:ae:4b:b2:ef:76:09:5e:98:96:c1:1d:
                    f3:f4:e6:5e:ff:ea:07:68:37:89:61:4f:88:54:9f:
                    ce:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:30:35:E8:3A:7A:DD:4D:27:65:BD:29:FE:DF:DD:FB:BE:D8:BF:17
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/HDA16Dp63U0nZb0p_t_d-77Yvxc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.166.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:7b:e6:dd:da:bd:8c:9b:c0:85:e7:18:d6:3c:00:c6:62:d0:
         e9:36:8f:5f:bb:ab:1f:6d:71:b1:c5:03:12:67:84:b7:81:ec:
         10:51:c5:85:11:53:4e:da:65:5b:3d:be:51:13:bf:9e:98:fd:
         a3:23:26:e2:67:95:8d:88:cb:ed:fb:cb:45:5b:71:50:50:f8:
         fb:2a:45:52:7d:26:8f:05:c6:fb:1b:b0:f8:9b:3f:0e:05:9a:
         b9:e1:e6:ca:4d:a9:bf:2c:f7:d3:6b:59:4b:35:07:6c:0b:48:
         e0:d4:c6:57:1a:24:8c:48:9c:36:ff:c9:01:f7:5f:5c:54:f3:
         e6:ed:cf:39:a3:12:91:d1:07:7f:69:47:63:5d:28:9e:87:39:
         20:3a:5a:8c:92:e9:95:99:4a:31:db:cd:eb:71:62:a9:ea:01:
         2f:6a:0b:2e:dc:ac:49:76:a2:3c:99:8a:fb:ee:1c:a9:db:ff:
         5d:9f:1e:13:fa:82:89:a3:8b:c7:cc:d0:da:50:2e:56:ec:d4:
         7a:56:2f:93:40:75:76:a2:cb:55:b6:3e:e0:2a:c4:f2:8e:11:
         11:6f:ec:3e:15:2a:8c:37:6c:22:48:55:bc:71:1c:4d:57:ad:
         f6:30:9c:ad:8c:f7:5f:1c:06:3a:17:e6:b5:de:63:90:e9:ab:
         aa:65:82:0c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVrCjJ+/omqluakAs5UDq/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwMTAxMDE1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMwMzVlODNhN2FkZDRkMjc2NWJkMjlmZWRmZGRmYmJlZDhiZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIVjX4+BzgUoQ7/tqOXifv6EXJ56
/pHEW6Rlip2ZsPb+TRz2vIOa+sVK1TeGfrRf7ipNllKdGC4iMMB08x37k6cW5Z9N
g2xyPBWjYG+gLrSyofLhAqOTJ1XI7dWYna/4ENPi0NDinifHq1Wh03okObEu0eC/
ExCGSCCtbmisli2PJeUwJk3z3OZdpGDjwzixd7DhENbYlARNZ6sqlZLW+3HbrNCe
SOy0k44Pc0EH6cb0hcbvobb7m6gskAP3GvTchNxKVOaIm2FkSNHN+VqcqX9fk7ej
T4axzRK8msRymWHqw/wWrkuy73YJXpiWwR3z9OZe/+oHaDeJYU+IVJ/OyQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBwwNeg6et1NJ2W9Kf7f3fu+2L8XMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL0hEQTE2RHA2M1UwblpiMHBfdF9kLTc3WXZ4Yy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtm6Yw
DQYJKoZIhvcNAQELBQADggEBACF75t3avYybwIXnGNY8AMZi0Ok2j1+7qx9tcbHF
AxJnhLeB7BBRxYURU07aZVs9vlETv56Y/aMjJuJnlY2Iy+37y0VbcVBQ+PsqRVJ9
Jo8FxvsbsPibPw4Fmrnh5spNqb8s99NrWUs1B2wLSODUxlcaJIxInDb/yQH3X1xU
8+btzzmjEpHRB39pR2NdKJ6HOSA6WoyS6ZWZSjHbzetxYqnqAS9qCy7crEl2ojyZ
ivvuHKnb/12fHhP6gomji8fM0NpQLlbs1HpWL5NAdXaiy1W2PuAqxPKOERFv7D4V
Kow3bCJIVbxxHE1XrfYwnK2M918cBjoX5rXeY5Dpq6plggw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:14 2024 by rpki-client on console-ams.rpki-client.org