Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/YMwMP_y-Ypcpz3fOVIUlQJ4wTYU.roa
File:                     YMwMP_y-Ypcpz3fOVIUlQJ4wTYU.roa (raw, json)
Hash identifier:          0Vveen1JMPchwvRr09VFYlx+7VE48/AEdGMXw+IN/pc=
Subject key identifier:   60:CC:0C:3F:FC:BE:62:97:29:CF:77:CE:54:85:25:40:9E:30:4D:85
Certificate issuer:       /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial:       018D8A112574A478422E919736D7AAB9F85E
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/YMwMP_y-Ypcpz3fOVIUlQJ4wTYU.roa
Signing time:             Thu 08 Feb 2024 18:53:15 +0000
ROA not before:           Thu 08 Feb 2024 18:53:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201364
IP address blocks:        45.10.56.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 03 Mar 2024 20:25:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8a:11:25:74:a4:78:42:2e:91:97:36:d7:aa:b9:f8:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
        Validity
            Not Before: Feb  8 18:53:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=60cc0c3ffcbe629729cf77ce548525409e304d85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d2:8d:2b:68:85:cc:6f:10:49:9c:5a:4f:0e:
                    a9:21:f7:06:6c:8d:05:ee:3c:4e:75:53:74:a0:77:
                    c2:a4:f3:68:1a:3c:2d:26:5d:33:86:36:eb:b1:9d:
                    b9:c2:53:11:2e:3f:ac:7b:d2:40:1f:d9:37:14:41:
                    8b:2f:54:01:49:0c:45:c4:f8:c5:61:b1:17:c7:5e:
                    24:c2:dc:98:55:77:60:50:ba:b1:30:dc:ab:db:64:
                    55:56:84:46:8b:99:1e:97:7e:72:9f:95:5f:07:98:
                    4c:cc:e7:53:50:b4:b7:26:b8:6c:dc:e0:32:18:fa:
                    6e:b8:3c:31:c0:69:ad:30:b7:f4:ea:b7:70:18:01:
                    ab:99:d6:cc:05:87:73:d9:df:33:98:45:44:96:d3:
                    82:54:e7:bb:c6:3d:90:bf:5d:3b:cb:71:48:0d:a9:
                    9b:b1:8b:9f:21:42:25:05:d4:44:5a:17:65:d2:99:
                    46:37:fd:7a:37:7b:eb:32:b7:09:06:c3:32:43:1c:
                    9e:0a:95:38:38:8a:3c:c5:85:78:53:c4:42:6d:60:
                    7f:9b:46:15:74:b1:89:3d:84:62:37:8f:7d:64:b5:
                    d4:be:fe:6d:1c:fb:37:0f:73:4c:b1:c6:0c:19:51:
                    42:27:1a:b9:d0:f3:4a:cb:b6:cc:44:30:ef:ae:02:
                    c3:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:CC:0C:3F:FC:BE:62:97:29:CF:77:CE:54:85:25:40:9E:30:4D:85
            X509v3 Authority Key Identifier:
                keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/YMwMP_y-Ypcpz3fOVIUlQJ4wTYU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:ee:ab:3e:cc:ed:fc:a9:e6:eb:8d:97:e9:06:60:e0:52:aa:
         3c:99:62:c6:63:d0:2b:ce:b3:d8:31:b0:2f:c2:a9:b6:a9:35:
         37:9a:15:27:bd:6c:b4:16:48:c5:43:c1:b8:d9:d6:44:49:76:
         7a:d0:12:a6:4e:37:81:15:65:88:8e:b8:9d:86:51:9c:28:0b:
         4a:82:62:eb:cc:7c:e3:42:3d:c3:a2:b1:68:ab:28:b8:e4:31:
         b1:3e:f4:8a:eb:12:73:9c:8b:f1:b7:1d:39:bc:a6:46:2b:e0:
         3c:13:4a:74:08:c8:ec:fc:fd:4c:3c:cc:7a:2b:fb:34:39:d9:
         91:f0:28:ed:c7:ce:ea:0d:a7:e2:57:e1:c3:1b:7c:1f:db:95:
         79:b5:10:39:f4:ec:bd:d9:1b:ce:3f:9b:14:44:5c:c6:f0:d3:
         03:f3:1d:30:b3:47:5e:cc:14:e5:38:d5:f6:97:97:02:50:29:
         87:21:67:21:75:88:7b:e5:e0:82:cc:3c:23:56:f0:6b:e8:ad:
         a2:10:d7:4a:08:c9:f7:fe:65:73:17:a5:58:07:9b:bc:5f:f5:
         d8:0b:de:9a:5e:d8:f7:32:62:cb:8f:81:cf:8f:be:fa:64:51:
         f5:11:65:2c:29:a1:d5:d0:90:25:c8:39:73:77:77:0c:47:12:
         16:dd:50:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2KESV0pHhCLpGXNtequfheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMjA4MTg1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNjMGMzZmZjYmU2Mjk3MjljZjc3Y2U1NDg1MjU0MDllMzA0ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotKNK2iFzG8QSZxaTw6pIfcGbI0F
7jxOdVN0oHfCpPNoGjwtJl0zhjbrsZ25wlMRLj+se9JAH9k3FEGLL1QBSQxFxPjF
YbEXx14kwtyYVXdgULqxMNyr22RVVoRGi5kel35yn5VfB5hMzOdTULS3Jrhs3OAy
GPpuuDwxwGmtMLf06rdwGAGrmdbMBYdz2d8zmEVEltOCVOe7xj2Qv107y3FIDamb
sYufIUIlBdREWhdl0plGN/16N3vrMrcJBsMyQxyeCpU4OIo8xYV4U8RCbWB/m0YV
dLGJPYRiN499ZLXUvv5tHPs3D3NMscYMGVFCJxq50PNKy7bMRDDvrgLDkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDMDD/8vmKXKc93zlSFJUCeME2FMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvWU13TVBfeS1ZcGNwejNmT1ZJVWxRSjR3VFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQo4MA0G
CSqGSIb3DQEBCwUAA4IBAQAx7qs+zO38qebrjZfpBmDgUqo8mWLGY9ArzrPYMbAv
wqm2qTU3mhUnvWy0FkjFQ8G42dZESXZ60BKmTjeBFWWIjridhlGcKAtKgmLrzHzj
Qj3DorFoqyi45DGxPvSK6xJznIvxtx05vKZGK+A8E0p0CMjs/P1MPMx6K/s0OdmR
8Cjtx87qDafiV+HDG3wf25V5tRA59Oy92RvOP5sURFzG8NMD8x0ws0dezBTlONX2
l5cCUCmHIWchdYh75eCCzDwjVvBr6K2iENdKCMn3/mVzF6VYB5u8X/XYC96aXtj3
MmLLj4HPj776ZFH1EWUsKaHV0JAlyDlzd3cMRxIW3VCi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:30 2024 by rpki-client on console-fra.rpki-client.org