Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Xd3wzphGMnSJ9wtZyjWVKKEG4Z0.roa
File:                     Xd3wzphGMnSJ9wtZyjWVKKEG4Z0.roa (raw, json)
Hash identifier:          EHbA2gmMLQGtqLZ0wcADU0nKHtTRk3XHLmmYltwbrTc=
Subject key identifier:   5D:DD:F0:CE:98:46:32:74:89:F7:0B:59:CA:35:95:28:A1:06:E1:9D
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01871034C6C74FC16419C6268FD84BA1C1E4
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Xd3wzphGMnSJ9wtZyjWVKKEG4Z0.roa
Signing time:             Thu 23 Mar 2023 20:41:46 +0000
ROA not before:           Thu 23 Mar 2023 20:41:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43297
IP address blocks:        45.145.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:10:34:c6:c7:4f:c1:64:19:c6:26:8f:d8:4b:a1:c1:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 23 20:41:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5dddf0ce9846327489f70b59ca359528a106e19d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:3c:df:d1:f9:57:ab:f0:1b:79:08:67:f9:f2:
                    16:d3:e2:15:44:8d:a2:94:c7:6f:ba:cf:fd:72:fb:
                    ae:12:a5:06:85:0f:03:e2:ef:98:95:78:5a:3f:d9:
                    62:80:a7:1b:04:d8:f0:d4:5d:d0:24:e1:23:73:6d:
                    ed:34:78:ec:36:8a:92:48:a9:52:14:fb:ab:3f:5c:
                    d4:83:14:1b:cc:82:b9:b8:7d:35:2d:cf:cc:ac:51:
                    68:bd:c2:46:40:ca:55:5c:cf:8b:bc:8f:c9:c7:b9:
                    ce:e5:48:4a:9b:fa:af:8c:0b:87:44:64:e8:0a:a4:
                    b1:b6:da:c3:8b:e7:b5:25:7c:8e:05:94:38:1b:3f:
                    b7:81:ea:df:b8:10:3c:c4:20:30:ac:9f:51:1d:bd:
                    19:d2:30:cf:66:35:cd:fe:b6:a5:ec:2a:8a:84:54:
                    be:6b:7f:77:4a:ba:33:69:0c:a3:e1:62:be:70:1e:
                    1c:db:35:ba:8e:87:0d:eb:86:36:82:59:fa:66:94:
                    d2:a8:0d:e7:f7:af:ad:c0:65:f8:dc:53:02:8c:d2:
                    7b:14:76:9b:eb:a8:df:f6:29:07:18:30:52:b4:cd:
                    4f:de:b9:1a:48:7c:65:bc:28:0f:ee:cd:53:5a:77:
                    86:9b:95:57:03:48:bf:d0:b4:34:fb:80:e3:a5:9b:
                    4f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:DD:F0:CE:98:46:32:74:89:F7:0B:59:CA:35:95:28:A1:06:E1:9D
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Xd3wzphGMnSJ9wtZyjWVKKEG4Z0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:77:f0:e0:3a:22:be:ca:e3:83:a1:88:96:aa:29:3a:06:ca:
         52:97:74:73:6e:ef:10:3e:68:e6:25:aa:38:4f:c0:24:87:fa:
         62:4f:d5:e9:e7:80:41:ae:59:9e:c5:b5:52:be:3a:cc:a4:9f:
         a3:8b:94:51:3a:25:86:76:a6:43:11:54:07:4d:97:cb:23:2d:
         c2:d9:4c:9d:b2:31:79:a7:29:35:46:ad:ae:17:3b:3d:7c:20:
         5e:93:fd:57:1c:21:54:80:e8:a6:36:1f:3c:c9:3b:53:d6:fb:
         62:04:25:ec:b5:f6:3a:db:f3:a7:fe:fd:ac:0d:34:ec:b8:c5:
         fb:ed:0d:5c:91:51:50:bd:68:b7:cf:b1:d2:8a:79:9c:97:35:
         6c:e1:3b:37:7f:55:01:8a:8c:ce:30:1d:b2:4a:b0:04:eb:0f:
         9d:5e:49:a3:51:2b:c0:7d:5e:f8:df:04:f7:8f:de:d9:b2:b8:
         53:48:61:2f:44:0b:27:2d:a6:40:99:57:e7:d9:ab:ce:f7:d4:
         0f:2a:3a:d6:5c:7e:96:6e:d5:91:03:e9:3d:fe:b7:0c:15:ed:
         9d:6e:7c:93:b1:72:11:f3:76:5f:9a:6b:34:5e:88:a8:a0:a2:
         ac:fc:45:4c:d3:86:82:17:04:9e:ef:28:40:63:21:aa:5a:1e:
         9b:2a:6a:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcQNMbHT8FkGcYmj9hLocHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwMzIzMjA0MTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRkZjBjZTk4NDYzMjc0ODlmNzBiNTljYTM1OTUyOGExMDZlMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Dzf0flXq/AbeQhn+fIW0+IVRI2i
lMdvus/9cvuuEqUGhQ8D4u+YlXhaP9ligKcbBNjw1F3QJOEjc23tNHjsNoqSSKlS
FPurP1zUgxQbzIK5uH01Lc/MrFFovcJGQMpVXM+LvI/Jx7nO5UhKm/qvjAuHRGTo
CqSxttrDi+e1JXyOBZQ4Gz+3gerfuBA8xCAwrJ9RHb0Z0jDPZjXN/ral7CqKhFS+
a393SrozaQyj4WK+cB4c2zW6jocN64Y2gln6ZpTSqA3n96+twGX43FMCjNJ7FHab
66jf9ikHGDBStM1P3rkaSHxlvCgP7s1TWneGm5VXA0i/0LQ0+4DjpZtPHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3d8M6YRjJ0ifcLWco1lSihBuGdMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvWGQzd3pwaEdNblNKOXd0WnlqV1ZLS0VHNFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZEBMA0G
CSqGSIb3DQEBCwUAA4IBAQAVd/DgOiK+yuODoYiWqik6BspSl3Rzbu8QPmjmJao4
T8Akh/piT9Xp54BBrlmexbVSvjrMpJ+ji5RROiWGdqZDEVQHTZfLIy3C2UydsjF5
pyk1Rq2uFzs9fCBek/1XHCFUgOimNh88yTtT1vtiBCXstfY62/On/v2sDTTsuMX7
7Q1ckVFQvWi3z7HSinmclzVs4Ts3f1UBiozOMB2ySrAE6w+dXkmjUSvAfV743wT3
j97ZsrhTSGEvRAsnLaZAmVfn2avO99QPKjrWXH6WbtWRA+k9/rcMFe2dbnyTsXIR
83Zfmms0XoiooKKs/EVM04aCFwSe7yhAYyGqWh6bKmpb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org