Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/suULw5bwoi-k02zh8ipaPiSNB2Y.roa
File:                     suULw5bwoi-k02zh8ipaPiSNB2Y.roa (raw, json)
Hash identifier:          7a10ZEUJB1C5S6ro0yndQLrDuBFgl2x3L6inipA4WSQ=
Subject key identifier:   B2:E5:0B:C3:96:F0:A2:2F:A4:D3:6C:E1:F2:2A:5A:3E:24:8D:07:66
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       018DEFBFEAAAB1BC788A34E54C7406F189AD
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/suULw5bwoi-k02zh8ipaPiSNB2Y.roa
Signing time:             Wed 28 Feb 2024 12:45:48 +0000
ROA not before:           Wed 28 Feb 2024 12:45:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     25369
IP address blocks:        45.150.32.0/23 maxlen: 23
                          45.150.34.0/23 maxlen: 23
                          104.239.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 10:13:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ef:bf:ea:aa:b1:bc:78:8a:34:e5:4c:74:06:f1:89:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Feb 28 12:45:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b2e50bc396f0a22fa4d36ce1f22a5a3e248d0766
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:cf:ea:6f:84:70:cd:63:e7:e5:34:94:f6:91:
                    0b:9c:ad:10:5b:2b:db:cf:eb:a2:c9:26:8a:31:62:
                    cc:00:97:82:11:ee:79:73:ea:34:87:a3:50:08:7c:
                    ac:44:40:29:b8:76:33:46:5f:d9:b2:b9:eb:37:44:
                    36:2b:db:df:b4:1d:b1:df:2a:60:b4:2b:38:fa:96:
                    d0:43:06:ba:47:07:20:ee:10:a0:4c:76:7f:d8:90:
                    a4:88:45:4b:71:03:16:48:e8:c2:f5:10:3d:6d:70:
                    38:ed:dc:e2:50:cb:c9:1e:26:61:cb:98:f2:86:b2:
                    0e:25:02:a4:4f:5c:1a:3c:6c:a8:9f:2e:7f:d5:f0:
                    51:c1:fd:21:c4:85:62:ba:55:2b:52:c7:02:f2:e8:
                    03:e8:f3:c0:e0:35:6d:90:43:10:67:d4:2e:3e:f8:
                    96:6f:98:e2:08:70:e5:34:59:2e:fe:88:5c:57:23:
                    8e:70:dc:41:a3:16:bc:a9:88:db:78:90:b2:31:90:
                    df:11:f0:e6:97:90:b4:90:c1:d7:6f:6f:98:66:16:
                    b9:b3:85:4d:ee:ba:d3:45:44:a0:9f:64:6d:cc:4e:
                    6b:69:e7:f7:e6:1a:57:d3:96:1b:d8:54:e2:6c:b4:
                    7d:32:48:8b:29:8b:f9:90:63:b9:fc:40:8c:33:ab:
                    a7:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:E5:0B:C3:96:F0:A2:2F:A4:D3:6C:E1:F2:2A:5A:3E:24:8D:07:66
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/suULw5bwoi-k02zh8ipaPiSNB2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.32.0/22
                  104.239.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:b5:33:94:59:c4:c7:44:e1:c3:27:18:07:e8:21:1a:86:80:
         10:45:20:4c:c1:ef:bd:73:42:1f:b4:db:8b:1d:5f:05:13:e0:
         3f:e6:ab:26:bb:6f:e3:c5:50:74:58:02:ce:38:6d:37:12:3b:
         9a:d8:84:02:2e:ec:5d:29:7a:c0:84:40:cd:b2:19:fe:c0:e3:
         3a:c4:f7:b8:55:c3:b7:8c:02:32:54:d6:7c:09:2b:2d:13:0c:
         78:13:6c:ff:79:2b:62:f5:22:97:22:17:8e:53:b8:99:d3:85:
         8b:07:06:01:c8:7a:e6:ee:f3:f6:f4:03:78:84:00:52:a3:bb:
         c2:f2:4d:cb:66:15:02:ad:77:7c:45:c0:34:e2:15:dd:ef:fc:
         01:e6:0a:ae:e9:60:66:a9:9e:3c:9e:6d:ca:d4:f1:2d:40:78:
         ba:41:af:7f:a7:3a:a3:3d:47:16:e3:87:bf:c6:e1:56:a0:e8:
         31:f5:f6:b2:e3:c5:2b:4e:03:67:f0:f1:de:83:d8:2c:49:f3:
         a3:d0:0e:bf:cd:2d:89:61:e2:ec:69:55:c5:77:f6:70:36:c0:
         69:45:15:54:b1:9b:4b:81:36:98:3a:a9:d2:dc:9b:0a:3c:f7:
         63:09:9c:60:3c:a7:65:26:f2:c7:2a:a1:1b:92:81:ad:83:80:
         21:4d:92:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3vv+qqsbx4ijTlTHQG8YmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMjI4MTI0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmU1MGJjMzk2ZjBhMjJmYTRkMzZjZTFmMjJhNWEzZTI0OGQwNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc/qb4RwzWPn5TSU9pELnK0QWyvb
z+uiySaKMWLMAJeCEe55c+o0h6NQCHysREApuHYzRl/ZsrnrN0Q2K9vftB2x3ypg
tCs4+pbQQwa6Rwcg7hCgTHZ/2JCkiEVLcQMWSOjC9RA9bXA47dziUMvJHiZhy5jy
hrIOJQKkT1waPGyony5/1fBRwf0hxIViulUrUscC8ugD6PPA4DVtkEMQZ9QuPviW
b5jiCHDlNFku/ohcVyOOcNxBoxa8qYjbeJCyMZDfEfDml5C0kMHXb2+YZha5s4VN
7rrTRUSgn2RtzE5raef35hpX05Yb2FTibLR9MkiLKYv5kGO5/ECMM6unDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLLlC8OW8KIvpNNs4fIqWj4kjQdmMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvc3VVTHc1YndvaS1rMDJ6aDhpcGFQaVNOQjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZYgAwQA
aO8vMA0GCSqGSIb3DQEBCwUAA4IBAQBNtTOUWcTHROHDJxgH6CEahoAQRSBMwe+9
c0IftNuLHV8FE+A/5qsmu2/jxVB0WALOOG03Ejua2IQCLuxdKXrAhEDNshn+wOM6
xPe4VcO3jAIyVNZ8CSstEwx4E2z/eSti9SKXIheOU7iZ04WLBwYByHrm7vP29AN4
hABSo7vC8k3LZhUCrXd8RcA04hXd7/wB5gqu6WBmqZ48nm3K1PEtQHi6Qa9/pzqj
PUcW44e/xuFWoOgx9fay48UrTgNn8PHeg9gsSfOj0A6/zS2JYeLsaVXFd/ZwNsBp
RRVUsZtLgTaYOqnS3JsKPPdjCZxgPKdlJvLHKqEbkoGtg4AhTZKE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org