Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/ytrh1pVcYQLres5FG7F-n9xEy0A.roa
File:                     ytrh1pVcYQLres5FG7F-n9xEy0A.roa (raw, json)
Hash identifier:          mU18SDIb+zQuuQLQJprefuo5SJMD9cMY4xXVnBndmiE=
Subject key identifier:   CA:DA:E1:D6:95:5C:61:02:EB:7A:CE:45:1B:B1:7E:9F:DC:44:CB:40
Certificate issuer:       /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial:       01856F3919BAC52B904BC4E26E90C63C35AF
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/ytrh1pVcYQLres5FG7F-n9xEy0A.roa
Signing time:             Sun 01 Jan 2023 21:24:51 +0000
ROA not before:           Sun 01 Jan 2023 21:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42521
IP address blocks:        45.150.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:19:ba:c5:2b:90:4b:c4:e2:6e:90:c6:3c:35:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
        Validity
            Not Before: Jan  1 21:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cadae1d6955c6102eb7ace451bb17e9fdc44cb40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:ef:5e:ba:6a:52:73:cc:75:22:78:f7:cf:2d:
                    82:2b:c4:03:ea:69:af:a7:13:5d:a7:9b:77:03:2c:
                    b8:03:bb:8e:3a:b7:4c:1e:81:f7:f2:8a:75:31:d8:
                    01:b2:60:b8:19:72:2d:9b:7c:c4:33:1b:84:6a:be:
                    39:a4:23:9d:5d:28:4b:c1:35:a4:15:5d:cc:cd:b5:
                    d3:7b:04:88:45:57:ea:00:2c:57:41:29:42:15:2e:
                    2f:7a:4e:7c:ce:fa:67:e1:53:8c:8d:4f:fb:33:50:
                    ed:82:3b:88:90:b3:1c:1b:4e:70:70:c3:43:34:30:
                    1a:ab:dd:7c:8d:b4:da:bd:66:69:a3:72:6e:43:7f:
                    fb:16:09:1e:f8:fa:c1:9e:d0:b2:95:6e:9b:ee:bc:
                    e4:9f:2e:60:0e:4a:5b:9f:2e:48:c6:59:21:6c:d0:
                    ff:cc:98:a7:69:0a:5d:0a:7e:e8:50:42:c5:c8:6f:
                    e8:f5:51:42:e8:a0:ed:4c:cf:0a:19:c3:56:5d:94:
                    17:b0:a7:b6:fa:ee:6a:76:95:5a:da:80:9c:68:1b:
                    d6:3c:2d:98:5a:35:52:1c:82:5d:e6:c2:c1:a2:ab:
                    ba:10:a2:9c:31:14:0f:6b:e2:01:8a:c8:56:ef:86:
                    41:a6:9c:ec:89:a6:1a:fa:7a:d6:80:7a:fc:3a:0f:
                    da:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:DA:E1:D6:95:5C:61:02:EB:7A:CE:45:1B:B1:7E:9F:DC:44:CB:40
            X509v3 Authority Key Identifier:
                keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/ytrh1pVcYQLres5FG7F-n9xEy0A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:ec:64:ad:92:2c:bb:95:b1:3d:e4:19:86:d1:e2:c7:cb:61:
         6f:3f:83:08:78:f1:a6:4a:f0:f8:6d:76:0c:d2:bc:a4:c7:02:
         62:72:bb:0c:01:e3:3e:55:da:b5:1f:af:46:05:02:de:c2:3f:
         46:69:cf:e7:f5:f0:aa:15:da:73:03:4a:1c:df:1c:22:c8:d6:
         b7:06:26:9d:32:2d:76:84:0c:e4:62:79:71:84:75:a2:70:a9:
         44:13:1c:64:94:a7:e9:40:ea:11:f2:28:2d:c0:7c:09:ad:d2:
         05:c3:02:6e:1b:0b:dc:f1:8d:fc:4b:5c:49:a4:ca:c3:b4:dc:
         95:c2:5f:a0:9b:06:05:f5:48:94:39:dd:96:d1:b3:8a:61:db:
         f2:75:ed:75:b7:21:c4:48:76:e8:5b:b7:66:87:68:41:b3:04:
         83:7d:9e:e0:2b:86:0c:c5:79:b1:3d:c1:c9:7d:a8:a3:bf:78:
         80:9d:29:02:45:f9:90:59:aa:83:70:2a:77:39:34:78:87:2f:
         38:db:2c:37:99:9b:43:d5:f1:44:1a:b6:69:7f:6e:a3:d4:4b:
         f6:b9:25:91:38:d1:59:cf:24:e7:75:5c:70:11:72:8e:04:51:
         e9:67:56:45:6e:f6:14:37:63:ba:ed:a3:3c:54:f0:46:35:6d:
         66:de:09:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvORm6xSuQS8TibpDGPDWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZDA2MmE5NjlkMjE0MmJiODUwNmE1NzExODBiNDViZDBm
YWI5MzQwHhcNMjMwMTAxMjEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWRhZTFkNjk1NWM2MTAyZWI3YWNlNDUxYmIxN2U5ZmRjNDRjYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0e9eumpSc8x1Inj3zy2CK8QD6mmv
pxNdp5t3Ayy4A7uOOrdMHoH38op1MdgBsmC4GXItm3zEMxuEar45pCOdXShLwTWk
FV3MzbXTewSIRVfqACxXQSlCFS4vek58zvpn4VOMjU/7M1DtgjuIkLMcG05wcMND
NDAaq918jbTavWZpo3JuQ3/7Fgke+PrBntCylW6b7rzkny5gDkpbny5IxlkhbND/
zJinaQpdCn7oUELFyG/o9VFC6KDtTM8KGcNWXZQXsKe2+u5qdpVa2oCcaBvWPC2Y
WjVSHIJd5sLBoqu6EKKcMRQPa+IBishW74ZBppzsiaYa+nrWgHr8Og/a3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMra4daVXGEC63rORRuxfp/cRMtAMB8GA1UdIwQY
MBaAFOjQYqlp0hQruFBqVxGAtFvQ+rk0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk5CaXFXblNGQ3U0VUdwWEVZQzBXOUQ2dVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hOTkxNmEtMTNiZi00NzcwLThlNDQt
NThiNmE1Nzg0YWI3LzEveXRyaDFwVmNZUUxyZXM1Rkc3Ri1uOXhFeTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hOTkxNmEtMTNiZi00NzcwLThlNDQtNThiNmE1Nzg0YWI3
LzEvNk5CaXFXblNGQ3U0VUdwWEVZQzBXOUQ2dVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZbOMA0G
CSqGSIb3DQEBCwUAA4IBAQA37GStkiy7lbE95BmG0eLHy2FvP4MIePGmSvD4bXYM
0rykxwJicrsMAeM+Vdq1H69GBQLewj9Gac/n9fCqFdpzA0oc3xwiyNa3BiadMi12
hAzkYnlxhHWicKlEExxklKfpQOoR8igtwHwJrdIFwwJuGwvc8Y38S1xJpMrDtNyV
wl+gmwYF9UiUOd2W0bOKYdvyde11tyHESHboW7dmh2hBswSDfZ7gK4YMxXmxPcHJ
faijv3iAnSkCRfmQWaqDcCp3OTR4hy842yw3mZtD1fFEGrZpf26j1Ev2uSWRONFZ
zyTndVxwEXKOBFHpZ1ZFbvYUN2O67aM8VPBGNW1m3gmT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org