Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/S8Bqg7pzbtPMhgHdnLZ4V1DhxFU.roa
File:                     S8Bqg7pzbtPMhgHdnLZ4V1DhxFU.roa (raw, json)
Hash identifier:          8TilCcgViiG6Gq/N8O/dyDa/yMbCUuoV2eyOcw/aAvY=
Subject key identifier:   4B:C0:6A:83:BA:73:6E:D3:CC:86:01:DD:9C:B6:78:57:50:E1:C4:55
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       01878E450AA3B7206C532226890DC88194D1
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/S8Bqg7pzbtPMhgHdnLZ4V1DhxFU.roa
Signing time:             Mon 17 Apr 2023 08:11:42 +0000
ROA not before:           Mon 17 Apr 2023 08:11:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212335
IP address blocks:        45.143.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8e:45:0a:a3:b7:20:6c:53:22:26:89:0d:c8:81:94:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Apr 17 08:11:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4bc06a83ba736ed3cc8601dd9cb6785750e1c455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b1:df:a8:49:9a:4a:4d:51:11:24:ef:e1:46:
                    04:c8:91:f1:a8:4d:73:81:db:f6:1f:9d:d2:42:5e:
                    d4:8a:02:c7:b5:db:4e:eb:9d:0e:69:87:c6:6a:82:
                    27:e1:b5:74:19:68:77:df:da:ca:9d:6d:d5:9a:62:
                    4f:a2:60:57:44:e8:dd:f4:2c:21:f5:48:38:dc:42:
                    3a:47:9a:d0:3a:c3:4f:de:42:79:fa:e3:67:55:fb:
                    4f:6f:1d:2f:68:89:86:a0:1e:b7:91:01:e5:4f:c1:
                    5f:f7:d8:5b:f4:c0:15:3a:4e:5d:50:a4:7a:02:f6:
                    81:e8:58:56:70:5c:88:4f:d2:a8:47:65:db:6f:23:
                    77:a2:43:61:da:31:30:fb:11:8e:80:d8:7e:23:bb:
                    00:3b:11:22:c4:49:b2:cc:02:9e:3a:8e:bd:c8:01:
                    1b:fb:f8:f3:ac:69:bb:ce:cb:17:e3:61:a1:34:31:
                    0a:b9:b4:14:cd:44:f3:4d:d4:39:68:6f:2f:d1:2b:
                    d3:75:2a:71:b1:56:8a:ce:8b:08:32:fe:bb:94:b0:
                    c1:30:f7:75:6d:b1:a5:80:51:36:2a:60:20:e3:dc:
                    6b:e7:10:04:0d:9a:07:b0:6a:4a:c9:b1:23:b4:0e:
                    ba:50:bf:82:4f:82:96:9c:4a:45:19:34:20:61:8e:
                    a0:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:C0:6A:83:BA:73:6E:D3:CC:86:01:DD:9C:B6:78:57:50:E1:C4:55
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/S8Bqg7pzbtPMhgHdnLZ4V1DhxFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:66:55:59:eb:4f:4b:67:e2:61:80:05:a7:e5:82:e2:65:c6:
         c0:2b:65:da:97:88:b0:85:39:dc:4a:75:0f:a2:d6:04:c5:5e:
         10:f2:0c:42:51:0c:64:aa:10:95:8c:cd:6e:27:70:71:17:08:
         80:46:05:4b:33:b9:e2:dd:30:c4:91:0f:bf:1d:4d:98:31:69:
         16:53:7e:75:b2:03:71:ef:50:6c:52:0f:67:46:e6:5c:aa:6c:
         b5:0b:3e:52:d3:9f:2f:d8:60:73:87:5a:04:14:4a:cd:09:d0:
         c4:6d:dd:6d:6f:76:4f:55:43:f2:82:af:8a:e5:74:8c:9b:ca:
         31:65:4d:15:fe:4a:fe:e9:29:d2:d6:63:59:41:09:f1:16:51:
         17:12:85:87:94:4d:7a:1f:9a:68:19:3d:38:2d:67:a9:e8:00:
         18:41:85:b0:14:f2:0d:09:ea:1e:47:16:0a:b0:17:b7:09:29:
         51:7f:e7:0c:85:37:a4:09:de:2d:a6:a8:90:92:ec:01:5c:d0:
         7e:ba:99:f0:3f:4d:97:05:92:3e:78:be:1b:e0:97:77:84:16:
         55:b6:fd:4d:8c:f6:ee:29:4a:20:c4:a4:b6:cb:30:e8:20:b5:
         95:d8:1d:55:38:bd:2e:16:c7:03:28:9e:bc:11:42:7a:eb:e2:
         3b:40:6e:18
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYeORQqjtyBsUyImiQ3IgZTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwNDE3MDgxMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmMwNmE4M2JhNzM2ZWQzY2M4NjAxZGQ5Y2I2Nzg1NzUwZTFjNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbHfqEmaSk1RESTv4UYEyJHxqE1z
gdv2H53SQl7UigLHtdtO650OaYfGaoIn4bV0GWh339rKnW3VmmJPomBXROjd9Cwh
9Ug43EI6R5rQOsNP3kJ5+uNnVftPbx0vaImGoB63kQHlT8Ff99hb9MAVOk5dUKR6
AvaB6FhWcFyIT9KoR2XbbyN3okNh2jEw+xGOgNh+I7sAOxEixEmyzAKeOo69yAEb
+/jzrGm7zssX42GhNDEKubQUzUTzTdQ5aG8v0SvTdSpxsVaKzosIMv67lLDBMPd1
bbGlgFE2KmAg49xr5xAEDZoHsGpKybEjtA66UL+CT4KWnEpFGTQgYY6gIwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEvAaoO6c27TzIYB3Zy2eFdQ4cRVMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL1M4QnFnN3B6YnRQTWhnSGRuTFo0VjFEaHhGVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtjwcw
DQYJKoZIhvcNAQELBQADggEBAHVmVVnrT0tn4mGABaflguJlxsArZdqXiLCFOdxK
dQ+i1gTFXhDyDEJRDGSqEJWMzW4ncHEXCIBGBUszueLdMMSRD78dTZgxaRZTfnWy
A3HvUGxSD2dG5lyqbLULPlLTny/YYHOHWgQUSs0J0MRt3W1vdk9VQ/KCr4rldIyb
yjFlTRX+Sv7pKdLWY1lBCfEWURcShYeUTXofmmgZPTgtZ6noABhBhbAU8g0J6h5H
FgqwF7cJKVF/5wyFN6QJ3i2mqJCS7AFc0H66mfA/TZcFkj54vhvgl3eEFlW2/U2M
9u4pSiDEpLbLMOggtZXYHVU4vS4WxwMonrwRQnrr4jtAbhg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org