Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/3pb7KY9jMd3wAicXe7osow4MEEc.roa
File:                     3pb7KY9jMd3wAicXe7osow4MEEc.roa (raw, json)
Hash identifier:          S+aXkdB/f1QOHXhuT3OpFTm/qiKZ7F7KIoPVdwQ62bs=
Subject key identifier:   DE:96:FB:29:8F:63:31:DD:F0:02:27:17:7B:BA:2C:A3:0E:0C:10:47
Certificate issuer:       /CN=78356c6a831680e9b8b7c95514953007a9407e87
Certificate serial:       018573038EA4F167487964D94BF48C866035
Authority key identifier: 78:35:6C:6A:83:16:80:E9:B8:B7:C9:55:14:95:30:07:A9:40:7E:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/3pb7KY9jMd3wAicXe7osow4MEEc.roa
Signing time:             Mon 02 Jan 2023 15:04:50 +0000
ROA not before:           Mon 02 Jan 2023 15:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34997
IP address blocks:        45.87.156.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Jun 2023 13:08:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:03:8e:a4:f1:67:48:79:64:d9:4b:f4:8c:86:60:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=78356c6a831680e9b8b7c95514953007a9407e87
        Validity
            Not Before: Jan  2 15:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=de96fb298f6331ddf00227177bba2ca30e0c1047
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6d:69:eb:b6:d1:e4:bc:2e:eb:1a:1a:7e:fd:
                    5e:39:c2:f9:df:c1:6b:cd:d0:dc:49:3e:ed:ca:b5:
                    90:8a:0a:1c:43:12:a8:1f:a4:e1:22:aa:02:c0:93:
                    f7:38:09:56:a7:cb:b5:02:cc:86:1e:77:5e:65:d2:
                    dc:f1:97:f8:f9:e1:d9:7d:59:d5:30:e0:83:98:61:
                    6b:07:06:f0:bf:c5:2d:ad:d4:97:d7:3f:31:5f:8e:
                    be:8f:7b:ce:9c:ff:70:88:94:e6:90:ec:be:4b:b8:
                    3e:1c:3e:87:b8:6b:c5:00:10:d4:90:a1:00:ec:65:
                    4d:b8:61:f4:9b:84:6d:c0:2a:f4:ec:43:2d:38:c1:
                    3d:7c:2d:e7:8e:d7:e2:eb:d8:a2:dc:43:26:5c:a1:
                    ea:ad:6e:bb:30:82:68:1b:59:3c:d8:a1:c0:6e:a1:
                    9d:5c:c9:b6:e2:7e:a0:c4:a6:ec:82:69:09:7f:dd:
                    7c:93:89:9d:d9:0f:e8:45:a0:19:87:f1:67:e9:d0:
                    40:7b:cf:72:94:a3:84:97:a5:07:51:2c:20:b5:b2:
                    7f:9d:30:e3:65:ca:52:f0:e6:6a:51:20:d5:c3:4b:
                    7b:96:2b:cc:f4:b4:7a:59:7f:c4:0a:4c:ea:86:98:
                    66:46:af:8f:61:65:b0:44:9d:49:39:be:85:4e:21:
                    8a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:96:FB:29:8F:63:31:DD:F0:02:27:17:7B:BA:2C:A3:0E:0C:10:47
            X509v3 Authority Key Identifier:
                keyid:78:35:6C:6A:83:16:80:E9:B8:B7:C9:55:14:95:30:07:A9:40:7E:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/3pb7KY9jMd3wAicXe7osow4MEEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/eDVsaoMWgOm4t8lVFJUwB6lAfoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.87.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         86:11:e5:8a:b1:63:ae:35:45:c4:6d:f2:7c:38:11:c6:db:4b:
         16:66:95:03:9b:a9:5b:92:61:0a:96:df:ec:79:f3:c5:22:0c:
         bf:16:dc:ba:13:8c:cd:38:9a:6c:a6:a6:53:23:16:66:df:b0:
         8e:ca:e4:a8:23:19:e9:3e:72:cb:f4:e8:3c:57:09:38:5a:c2:
         54:e4:e8:8c:40:bc:70:bf:de:5d:92:38:47:9a:da:ea:5b:c8:
         2c:c7:20:8b:c5:b8:8f:dc:38:fe:e1:65:6c:19:6e:00:aa:4d:
         0a:aa:04:ae:8c:db:5f:0a:57:7d:5c:91:e4:3e:32:8d:b5:55:
         57:02:31:ba:23:9b:de:de:74:5b:b5:8c:bd:28:f5:ac:1a:01:
         b2:59:6b:16:ed:71:63:40:22:97:b0:79:a0:82:99:b0:df:17:
         c9:6c:93:38:ea:c2:b3:77:13:eb:25:92:c0:5e:85:f3:0e:fa:
         88:15:cf:96:d9:f8:c0:19:2e:98:75:c2:7c:f6:40:19:e7:34:
         19:68:7d:a8:d2:8c:aa:df:48:da:8d:07:c4:32:3d:85:51:d3:
         58:a9:1d:48:b6:ed:28:d5:5c:db:ae:0f:68:e1:b6:45:a7:8f:
         58:86:27:2a:f4:bf:f6:e0:84:9c:47:81:11:7f:26:4d:d0:bd:
         5e:c5:27:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA46k8WdIeWTZS/SMhmA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MzU2YzZhODMxNjgwZTliOGI3Yzk1NTE0OTUzMDA3YTk0
MDdlODcwHhcNMjMwMTAyMTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTk2ZmIyOThmNjMzMWRkZjAwMjI3MTc3YmJhMmNhMzBlMGMxMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq21p67bR5Lwu6xoafv1eOcL538Fr
zdDcST7tyrWQigocQxKoH6ThIqoCwJP3OAlWp8u1AsyGHndeZdLc8Zf4+eHZfVnV
MOCDmGFrBwbwv8UtrdSX1z8xX46+j3vOnP9wiJTmkOy+S7g+HD6HuGvFABDUkKEA
7GVNuGH0m4RtwCr07EMtOME9fC3njtfi69ii3EMmXKHqrW67MIJoG1k82KHAbqGd
XMm24n6gxKbsgmkJf918k4md2Q/oRaAZh/Fn6dBAe89ylKOEl6UHUSwgtbJ/nTDj
ZcpS8OZqUSDVw0t7livM9LR6WX/ECkzqhphmRq+PYWWwRJ1JOb6FTiGKVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6W+ymPYzHd8AInF3u6LKMODBBHMB8GA1UdIwQY
MBaAFHg1bGqDFoDpuLfJVRSVMAepQH6HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZURWc2FvTVdnT200dDhsVkZKVXdCNmxBZm9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84ZDkxMzYtMWNiMi00MzQ5LWFiODYt
NWRjMzkyZGU2MzdiLzEvM3BiN0tZOWpNZDN3QWljWGU3b3NvdzRNRUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84ZDkxMzYtMWNiMi00MzQ5LWFiODYtNWRjMzkyZGU2Mzdi
LzEvZURWc2FvTVdnT200dDhsVkZKVXdCNmxBZm9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVecMA0G
CSqGSIb3DQEBCwUAA4IBAQCGEeWKsWOuNUXEbfJ8OBHG20sWZpUDm6lbkmEKlt/s
efPFIgy/Fty6E4zNOJpspqZTIxZm37COyuSoIxnpPnLL9Og8Vwk4WsJU5OiMQLxw
v95dkjhHmtrqW8gsxyCLxbiP3Dj+4WVsGW4Aqk0KqgSujNtfCld9XJHkPjKNtVVX
AjG6I5ve3nRbtYy9KPWsGgGyWWsW7XFjQCKXsHmggpmw3xfJbJM46sKzdxPrJZLA
XoXzDvqIFc+W2fjAGS6YdcJ89kAZ5zQZaH2o0oyq30jajQfEMj2FUdNYqR1Itu0o
1Vzbrg9o4bZFp49Yhicq9L/24IScR4ERfyZN0L1exSe2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:24 2024 by rpki-client on console-fra.rpki-client.org