Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/gGdEsgjZwjrzoRl1KVcGZxNdS2s.roa
File:                     gGdEsgjZwjrzoRl1KVcGZxNdS2s.roa (raw, json)
Hash identifier:          55CWT4v+90H6HK9rCGFnKd64hClqkBU1bTesKew1wug=
Subject key identifier:   80:67:44:B2:08:D9:C2:3A:F3:A1:19:75:29:57:06:67:13:5D:4B:6B
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       018606F24CDA9FA624CAFE32C090A2FCBBA5
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/gGdEsgjZwjrzoRl1KVcGZxNdS2s.roa
Signing time:             Tue 31 Jan 2023 08:29:47 +0000
ROA not before:           Tue 31 Jan 2023 08:29:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59651
IP address blocks:        45.155.165.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 05:40:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:06:f2:4c:da:9f:a6:24:ca:fe:32:c0:90:a2:fc:bb:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Jan 31 08:29:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=806744b208d9c23af3a1197529570667135d4b6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:81:47:0b:b6:1e:9a:3d:14:ae:ed:da:0b:3b:
                    07:b9:69:ad:77:ad:59:8b:4c:50:87:5c:f3:ae:d2:
                    88:bb:73:ef:c8:2d:91:aa:7f:db:a6:36:5d:e1:7a:
                    10:4c:68:22:84:71:56:30:89:4b:70:29:09:ce:d1:
                    05:8c:03:6f:ce:03:34:de:b5:1c:da:d7:17:2d:9e:
                    1f:a1:3f:54:a4:75:59:8c:80:4f:51:e5:14:60:3a:
                    5a:87:01:d5:e0:2b:61:8a:de:7e:73:3a:4e:47:06:
                    df:03:57:b1:74:83:72:89:9c:96:c8:93:01:75:5a:
                    22:f9:db:47:73:30:a6:5a:44:a8:b2:c3:0c:91:e3:
                    f9:5c:89:7a:66:9c:5f:40:f5:0f:dd:66:66:70:c5:
                    f4:71:63:ba:00:10:a2:7e:ac:d3:e6:89:e1:59:b0:
                    2d:d6:ab:51:ef:f8:2f:0a:c5:cb:f3:e3:66:00:7a:
                    79:64:c7:b8:7b:9b:c5:7c:b5:c6:90:43:74:b0:f6:
                    48:89:b4:d3:a4:0b:29:3e:82:70:a2:34:aa:08:9c:
                    c4:a3:fb:11:28:3a:8e:80:82:3f:3a:1d:8e:9e:9f:
                    37:1e:97:2b:d7:af:f6:05:dc:eb:4a:5e:09:28:68:
                    2b:e3:7b:ba:17:97:b5:d1:4c:2e:41:66:30:50:64:
                    1e:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:67:44:B2:08:D9:C2:3A:F3:A1:19:75:29:57:06:67:13:5D:4B:6B
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/gGdEsgjZwjrzoRl1KVcGZxNdS2s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:ea:3a:38:20:df:fc:2b:43:43:5c:87:6d:b8:40:6d:13:5c:
         1a:fa:91:a2:1e:ce:78:df:09:57:4f:5a:55:ba:91:35:19:f0:
         bf:c9:49:33:39:34:1b:b2:a6:fb:a7:66:81:e0:68:b2:5c:fc:
         07:29:12:28:49:27:a2:fe:73:2e:c0:9b:23:4d:29:a8:7f:b4:
         15:90:7a:4f:6e:1d:9a:76:b2:9a:cf:8c:0e:9b:b3:96:32:2e:
         c9:c9:05:f8:5f:85:bd:c4:4f:9c:f1:ea:ae:05:f9:04:67:87:
         a2:22:0c:55:e4:50:6b:82:b2:a4:17:ff:d7:ce:73:41:8d:f4:
         a7:35:fb:03:c4:42:99:d6:6d:d7:53:e9:bc:1b:fa:a9:d5:3c:
         31:fb:13:d7:57:e8:94:b0:76:72:74:45:78:5c:b1:e5:a8:3d:
         96:e3:df:ac:3b:4e:90:ee:24:f0:d6:58:ef:9c:1b:8e:f0:64:
         81:4c:1a:88:e1:5d:c7:89:2e:d3:6a:e8:9c:15:57:51:84:dd:
         fa:08:23:54:9c:07:18:5a:fe:cf:43:7e:92:b5:e0:be:b7:e6:
         4d:71:c0:80:f7:37:a0:0d:a6:1d:2d:04:ad:7f:4a:fc:ae:f8:
         a8:e9:11:14:38:67:b9:06:5d:b7:31:5e:66:a6:9f:12:8f:4f:
         68:4a:47:9e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYYG8kzan6Ykyv4ywJCi/LulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwMTMxMDgyOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY3NDRiMjA4ZDljMjNhZjNhMTE5NzUyOTU3MDY2NzEzNWQ0YjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4FHC7Yemj0Uru3aCzsHuWmtd61Z
i0xQh1zzrtKIu3PvyC2Rqn/bpjZd4XoQTGgihHFWMIlLcCkJztEFjANvzgM03rUc
2tcXLZ4foT9UpHVZjIBPUeUUYDpahwHV4Cthit5+czpORwbfA1exdINyiZyWyJMB
dVoi+dtHczCmWkSossMMkeP5XIl6ZpxfQPUP3WZmcMX0cWO6ABCifqzT5onhWbAt
1qtR7/gvCsXL8+NmAHp5ZMe4e5vFfLXGkEN0sPZIibTTpAspPoJwojSqCJzEo/sR
KDqOgII/Oh2Onp83Hpcr16/2BdzrSl4JKGgr43u6F5e10UwuQWYwUGQePQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIBnRLII2cI686EZdSlXBmcTXUtrMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL2dHZEVzZ2pad2pyem9SbDFLVmNHWnhOZFMycy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtm6Uw
DQYJKoZIhvcNAQELBQADggEBAC7qOjgg3/wrQ0Nch224QG0TXBr6kaIeznjfCVdP
WlW6kTUZ8L/JSTM5NBuypvunZoHgaLJc/AcpEihJJ6L+cy7AmyNNKah/tBWQek9u
HZp2sprPjA6bs5YyLsnJBfhfhb3ET5zx6q4F+QRnh6IiDFXkUGuCsqQX/9fOc0GN
9Kc1+wPEQpnWbddT6bwb+qnVPDH7E9dX6JSwdnJ0RXhcseWoPZbj36w7TpDuJPDW
WO+cG47wZIFMGojhXceJLtNq6JwVV1GE3foII1ScBxha/s9DfpK14L635k1xwID3
N6ANph0tBK1/Svyu+KjpERQ4Z7kGXbcxXmamnxKPT2hKR54=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:15 2024 by rpki-client on console-ams.rpki-client.org