Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HgTKmUsm-QSWZLsrkQZoiGHIjHc.roa
File:                     HgTKmUsm-QSWZLsrkQZoiGHIjHc.roa (raw, json)
Hash identifier:          TnE3HFH+02NJNV84QWbmQYEnCxKUGqg14gP5SZru5PU=
Subject key identifier:   1E:04:CA:99:4B:26:F9:04:96:64:BB:2B:91:06:68:88:61:C8:8C:77
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C68E0FD3D58DCD239B4054D82095CD014
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HgTKmUsm-QSWZLsrkQZoiGHIjHc.roa
Signing time:             Thu 14 Dec 2023 15:10:24 +0000
ROA not before:           Thu 14 Dec 2023 15:10:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204841
IP address blocks:        45.12.252.0/24 maxlen: 24
                          2a0e:97c0:d30::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:68:e0:fd:3d:58:dc:d2:39:b4:05:4d:82:09:5c:d0:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 14 15:10:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e04ca994b26f9049664bb2b9106688861c88c77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:2a:d1:8f:51:bd:d1:45:bf:cb:e4:85:07:a1:
                    bb:74:6b:3f:4c:4c:65:7b:fa:a8:99:70:09:db:c9:
                    02:cb:55:dd:b9:65:55:33:be:b4:e0:86:bb:44:86:
                    b7:37:52:c4:fc:4b:50:e0:55:08:3c:a4:72:7e:28:
                    a7:a0:09:6e:39:db:74:1e:bf:77:42:d8:ea:88:a2:
                    c2:8d:02:83:a2:89:be:21:af:c9:75:59:ca:35:d4:
                    15:02:88:42:9b:54:ca:45:f1:71:ea:16:8e:88:03:
                    77:b8:81:8b:34:88:fe:e1:9b:b9:0d:d4:40:17:5e:
                    6f:d4:78:bd:4c:c0:42:54:80:b6:e3:c1:6d:02:62:
                    8f:75:62:67:98:9c:52:5e:c3:2e:5e:85:6d:46:2c:
                    3d:68:93:fb:5c:1b:c1:ab:cf:8c:33:34:db:8e:f9:
                    00:d4:51:29:61:97:bc:97:8c:b8:a7:e5:e6:92:3a:
                    58:13:d5:14:34:e6:ed:12:3b:bb:4d:1f:ea:33:91:
                    f4:a9:25:fb:67:ef:8e:5f:17:5e:a1:b8:28:55:54:
                    a2:58:a7:b6:d0:a0:89:04:33:1c:7f:81:24:07:ff:
                    e7:bd:3d:8d:28:0b:33:74:d5:69:39:62:5c:1b:63:
                    c8:9d:4d:75:a1:71:53:12:56:a3:09:c8:4c:51:55:
                    ce:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:04:CA:99:4B:26:F9:04:96:64:BB:2B:91:06:68:88:61:C8:8C:77
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HgTKmUsm-QSWZLsrkQZoiGHIjHc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.252.0/24
                IPv6:
                  2a0e:97c0:d30::/44

    Signature Algorithm: sha256WithRSAEncryption
         5b:70:4a:e7:b2:5f:6f:c9:82:98:92:19:5a:e9:de:e5:fe:b7:
         5b:57:5e:7c:0c:29:9a:bc:c4:6d:82:3c:48:2b:ef:80:e2:5f:
         4d:ab:ee:db:35:f0:89:5e:09:32:3d:fb:90:95:cc:66:36:ee:
         60:47:96:18:e2:18:19:84:ac:88:fc:04:33:02:fd:d5:ee:9e:
         1d:fc:56:3d:1d:11:7e:3d:e4:59:73:b9:a7:0a:d9:c7:5f:d4:
         28:58:a7:2d:cb:76:89:9e:db:fd:30:90:8b:6f:9c:e8:05:95:
         7c:69:3f:91:92:a5:bd:22:2c:2a:22:eb:0a:f9:83:fe:49:34:
         45:01:b9:85:4d:82:86:75:99:31:82:91:de:73:9c:73:4f:5f:
         31:6f:e5:9d:b2:d8:e2:20:43:6e:89:1d:77:21:78:82:26:58:
         e3:df:1a:61:69:6b:79:eb:b8:8c:29:69:a5:d9:d6:38:5e:26:
         35:69:ab:51:f0:d6:64:89:76:7b:c0:f9:78:13:1f:b6:81:18:
         fb:6f:10:2d:fe:fe:a6:0d:b2:48:ea:4e:6f:13:e2:7d:07:8b:
         a1:25:75:23:c4:98:48:6e:9d:43:59:af:ab:f8:53:12:cb:b9:
         7f:1f:1e:b2:80:fa:e2:f2:e7:cb:22:9d:26:c9:a0:3a:6d:f8:
         70:ef:8c:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxo4P09WNzSObQFTYIJXNAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjE0MTUxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA0Y2E5OTRiMjZmOTA0OTY2NGJiMmI5MTA2Njg4ODYxYzg4Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjirRj1G90UW/y+SFB6G7dGs/TExl
e/qomXAJ28kCy1XduWVVM7604Ia7RIa3N1LE/EtQ4FUIPKRyfiinoAluOdt0Hr93
QtjqiKLCjQKDoom+Ia/JdVnKNdQVAohCm1TKRfFx6haOiAN3uIGLNIj+4Zu5DdRA
F15v1Hi9TMBCVIC248FtAmKPdWJnmJxSXsMuXoVtRiw9aJP7XBvBq8+MMzTbjvkA
1FEpYZe8l4y4p+XmkjpYE9UUNObtEju7TR/qM5H0qSX7Z++OXxdeobgoVVSiWKe2
0KCJBDMcf4EkB//nvT2NKAszdNVpOWJcG2PInU11oXFTElajCchMUVXOVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB4EyplLJvkElmS7K5EGaIhhyIx3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSGdUS21Vc20tUVNXWkxzcmtRWm9pR0hJakhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQz8MA8E
AgACMAkDBwQqDpfADTAwDQYJKoZIhvcNAQELBQADggEBAFtwSueyX2/JgpiSGVrp
3uX+t1tXXnwMKZq8xG2CPEgr74DiX02r7ts18IleCTI9+5CVzGY27mBHlhjiGBmE
rIj8BDMC/dXunh38Vj0dEX495FlzuacK2cdf1ChYpy3Ldome2/0wkItvnOgFlXxp
P5GSpb0iLCoi6wr5g/5JNEUBuYVNgoZ1mTGCkd5znHNPXzFv5Z2y2OIgQ26JHXch
eIImWOPfGmFpa3nruIwpaaXZ1jheJjVpq1Hw1mSJdnvA+XgTH7aBGPtvEC3+/qYN
skjqTm8T4n0Hi6EldSPEmEhunUNZr6v4UxLLuX8fHrKA+uLy58sinSbJoDpt+HDv
jFU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org