Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/r_yzYOvcYTDS0QbZeZc71RoP9TE.roa
File:                     r_yzYOvcYTDS0QbZeZc71RoP9TE.roa (raw, json)
Hash identifier:          0tm/8MS9WpWVG2IG+OoJ9PLvdrryfQlfQwIquE+p7kQ=
Subject key identifier:   AF:FC:B3:60:EB:DC:61:30:D2:D1:06:D9:79:97:3B:D5:1A:0F:F5:31
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       0188B6772C1D84B357883CE95C76F1FD1BF5
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/r_yzYOvcYTDS0QbZeZc71RoP9TE.roa
Signing time:             Tue 13 Jun 2023 20:34:03 +0000
ROA not before:           Tue 13 Jun 2023 20:34:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57097
IP address blocks:        45.155.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Jul 2023 10:40:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b6:77:2c:1d:84:b3:57:88:3c:e9:5c:76:f1:fd:1b:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Jun 13 20:34:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=affcb360ebdc6130d2d106d979973bd51a0ff531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:b8:7f:3d:99:a8:f4:3a:69:9a:1d:ed:f6:85:
                    35:35:c0:44:92:57:6b:84:d4:eb:bc:94:0b:c9:1a:
                    71:1c:13:7e:7b:c9:92:95:1d:f0:16:47:cd:55:c1:
                    c4:35:7a:7c:9a:71:41:6a:7f:29:7b:4a:bc:c5:30:
                    04:12:0c:c4:52:48:f6:27:2a:13:8d:4a:51:79:2c:
                    b0:5d:13:1a:b8:ed:b8:27:c1:f4:ca:26:37:ed:67:
                    0c:66:69:b0:f1:ca:b7:bc:7a:7c:24:9a:39:df:54:
                    e2:d0:a6:3d:c0:5d:8a:0e:c2:1a:e6:9a:a8:10:b3:
                    57:cf:bf:a3:85:61:7a:0b:c9:2f:e9:d7:bd:2f:a0:
                    65:e6:66:c0:3a:48:b2:d4:33:95:1d:26:48:3a:b3:
                    97:d9:cc:80:2f:a2:3c:df:b9:75:aa:0c:eb:86:35:
                    87:0d:eb:2c:08:47:16:c7:45:04:8a:b8:d5:48:34:
                    fc:75:bf:17:ea:52:4c:cb:76:3c:aa:89:b1:29:91:
                    c9:c8:fc:be:9a:ea:a0:90:0a:99:9c:9d:1c:ff:6f:
                    54:b7:78:45:b9:14:d8:39:7b:b6:63:7d:92:5c:99:
                    e4:6e:5d:70:74:b4:b1:50:80:da:1e:3b:02:85:7b:
                    3d:eb:19:63:69:31:23:53:5f:3d:30:52:4b:20:9d:
                    14:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:FC:B3:60:EB:DC:61:30:D2:D1:06:D9:79:97:3B:D5:1A:0F:F5:31
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/r_yzYOvcYTDS0QbZeZc71RoP9TE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:7a:10:21:a1:d7:14:f9:03:96:69:4c:a7:1c:40:e6:81:d1:
         44:0a:26:24:c8:da:14:4d:54:39:71:6f:72:a5:0f:12:b3:7b:
         5c:83:f2:6d:d6:5d:52:66:81:f9:b4:01:88:12:05:5f:8b:a1:
         92:82:9f:69:09:f7:9e:e4:06:1f:6e:d8:d7:dd:b1:8c:f8:40:
         2a:44:d7:6b:e8:ca:6b:dc:a4:0e:a0:8c:be:24:64:68:22:f5:
         de:7a:63:d7:2a:f8:7c:20:b8:0e:8c:3c:7f:b5:ca:2c:7d:73:
         3e:ee:c8:5c:19:55:88:3c:60:d1:c7:ba:03:0f:fb:3c:44:db:
         0f:8d:ed:72:5a:c8:f8:c1:92:96:c9:97:9a:17:90:a3:79:66:
         ca:2d:b0:ff:9f:2a:31:77:de:8d:b9:dc:d7:4c:77:81:dd:5e:
         e5:f0:81:31:cc:3f:4c:2f:5b:14:0b:c4:67:44:c7:9d:43:cd:
         7f:35:23:93:2a:b3:60:a2:50:71:22:2e:f7:b1:fc:ba:65:d3:
         f1:f7:04:d4:77:18:0f:56:6f:26:be:f8:78:88:57:36:19:ca:
         67:ed:78:b4:73:6d:7c:78:6a:b5:ec:5a:f7:74:dd:a0:93:31:
         dd:fe:23:7a:0e:22:13:2a:39:41:29:cc:3c:94:4b:c6:2c:87:
         cd:40:d6:dd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYi2dywdhLNXiDzpXHbx/Rv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwNjEzMjAzNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmZjYjM2MGViZGM2MTMwZDJkMTA2ZDk3OTk3M2JkNTFhMGZmNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbh/PZmo9Dppmh3t9oU1NcBEkldr
hNTrvJQLyRpxHBN+e8mSlR3wFkfNVcHENXp8mnFBan8pe0q8xTAEEgzEUkj2JyoT
jUpReSywXRMauO24J8H0yiY37WcMZmmw8cq3vHp8JJo531Ti0KY9wF2KDsIa5pqo
ELNXz7+jhWF6C8kv6de9L6Bl5mbAOkiy1DOVHSZIOrOX2cyAL6I837l1qgzrhjWH
DessCEcWx0UEirjVSDT8db8X6lJMy3Y8qomxKZHJyPy+muqgkAqZnJ0c/29Ut3hF
uRTYOXu2Y32SXJnkbl1wdLSxUIDaHjsChXs96xljaTEjU189MFJLIJ0UHwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK/8s2Dr3GEw0tEG2XmXO9UaD/UxMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL3JfeXpZT3ZjWVREUzBRYlplWmM3MVJvUDlURS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtm6Yw
DQYJKoZIhvcNAQELBQADggEBAHB6ECGh1xT5A5ZpTKccQOaB0UQKJiTI2hRNVDlx
b3KlDxKze1yD8m3WXVJmgfm0AYgSBV+LoZKCn2kJ957kBh9u2NfdsYz4QCpE12vo
ymvcpA6gjL4kZGgi9d56Y9cq+HwguA6MPH+1yix9cz7uyFwZVYg8YNHHugMP+zxE
2w+N7XJayPjBkpbJl5oXkKN5ZsotsP+fKjF33o253NdMd4HdXuXwgTHMP0wvWxQL
xGdEx51DzX81I5Mqs2CiUHEiLvex/Lpl0/H3BNR3GA9Wbya++HiIVzYZymfteLRz
bXx4arXsWvd03aCTMd3+I3oOIhMqOUEpzDyUS8Ysh81A1t0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:15 2024 by rpki-client on console-ams.rpki-client.org