Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/drP80V4wmGbIzn5DPUwHDvIoqWo.roa
File:                     drP80V4wmGbIzn5DPUwHDvIoqWo.roa (raw, json)
Hash identifier:          8WgUxwP3y4Cet0a4qKFOPrstmVbGS6lIun7xTaxUUng=
Subject key identifier:   76:B3:FC:D1:5E:30:98:66:C8:CE:7E:43:3D:4C:07:0E:F2:28:A9:6A
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018AFB839143EF2307AC677BEA5A29D67265
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/drP80V4wmGbIzn5DPUwHDvIoqWo.roa
Signing time:             Wed 04 Oct 2023 16:26:58 +0000
ROA not before:           Wed 04 Oct 2023 16:26:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200019
IP address blocks:        45.145.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fb:83:91:43:ef:23:07:ac:67:7b:ea:5a:29:d6:72:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Oct  4 16:26:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76b3fcd15e309866c8ce7e433d4c070ef228a96a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:77:24:36:4a:7a:5e:a8:fa:cd:12:51:b9:6b:
                    09:75:7a:8e:47:65:05:0c:b0:ee:6d:cd:f0:18:36:
                    05:3c:32:6e:da:33:cc:1c:9a:e9:19:44:1d:42:95:
                    38:c2:35:c5:72:16:3f:cd:26:1a:ae:c9:e7:7f:80:
                    16:84:21:43:ea:20:2c:fc:b9:62:a5:ac:01:8a:33:
                    c4:2c:a4:6c:c3:e8:10:d9:6f:ab:23:c8:2a:9d:18:
                    b6:4b:23:78:00:f3:4c:1f:f1:d0:6e:a2:01:38:47:
                    b3:4d:0c:4a:90:1a:35:26:86:77:35:24:c9:87:fa:
                    18:8d:a9:b9:55:b2:c2:7e:c5:34:12:c0:d7:75:c6:
                    15:f7:67:6c:ed:79:f2:e1:0c:83:ea:16:de:4e:fb:
                    9c:c2:d2:49:4f:6a:0e:2a:2c:d7:29:a6:b9:da:1a:
                    a3:aa:26:3a:38:df:ff:d1:81:29:0f:5c:1f:0f:4d:
                    4f:f3:5e:c8:b7:e8:4c:93:93:c8:6a:01:75:75:23:
                    d4:cc:87:6c:4e:27:1a:30:21:8f:6d:1f:29:9c:ce:
                    12:87:f0:e6:6a:21:8a:c2:4b:0c:77:b9:67:77:f0:
                    a1:ef:21:e8:f4:f3:85:08:07:d6:2b:53:b6:49:c1:
                    89:d1:69:a8:c6:55:f9:9e:67:b0:9d:f6:d7:90:a3:
                    50:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:B3:FC:D1:5E:30:98:66:C8:CE:7E:43:3D:4C:07:0E:F2:28:A9:6A
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/drP80V4wmGbIzn5DPUwHDvIoqWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:bc:b8:66:fe:e7:f0:d0:84:b4:8b:4d:7e:b9:cf:b3:71:8e:
         1c:6f:a4:05:72:5c:4c:19:ff:6d:63:7e:8a:e3:de:d4:bb:48:
         ab:a9:8f:06:64:63:40:2f:6e:53:7d:ca:88:ad:a2:18:45:c6:
         8e:6a:8e:5f:55:c6:26:da:48:ac:4e:77:92:8f:2d:26:2f:7c:
         33:32:67:37:55:b5:19:aa:77:59:05:df:8a:2e:73:a4:ac:f5:
         fc:5b:84:f5:60:18:dd:35:e5:90:a0:d6:cf:7a:b2:10:cb:10:
         e5:25:80:0c:e9:15:cd:c2:6e:f7:dc:6c:8e:f6:2a:9f:6a:b4:
         1b:42:f0:a5:7f:b3:e8:92:34:23:84:f9:ac:e5:c0:9a:9c:11:
         bd:d5:ef:59:c7:d8:01:ce:ff:7f:81:b0:86:3a:f7:dd:bb:07:
         20:39:46:14:80:9f:51:19:34:8b:f2:a3:5c:97:26:d1:53:c1:
         40:2b:4d:2e:d9:88:e2:e2:42:ff:fb:34:9b:0e:3c:92:9d:09:
         14:43:3c:a6:ab:df:66:f5:fc:bd:f4:03:97:5e:b7:3e:fb:c0:
         69:0c:6c:79:e6:c8:3b:4b:ed:f3:ec:8b:3a:06:01:42:66:87:
         24:88:cf:84:52:e7:ab:ff:11:00:c8:99:1e:fe:a5:c1:e6:f8:
         2c:37:f8:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr7g5FD7yMHrGd76lop1nJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMxMDA0MTYyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIzZmNkMTVlMzA5ODY2YzhjZTdlNDMzZDRjMDcwZWYyMjhhOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXckNkp6Xqj6zRJRuWsJdXqOR2UF
DLDubc3wGDYFPDJu2jPMHJrpGUQdQpU4wjXFchY/zSYarsnnf4AWhCFD6iAs/Lli
pawBijPELKRsw+gQ2W+rI8gqnRi2SyN4APNMH/HQbqIBOEezTQxKkBo1JoZ3NSTJ
h/oYjam5VbLCfsU0EsDXdcYV92ds7Xny4QyD6hbeTvucwtJJT2oOKizXKaa52hqj
qiY6ON//0YEpD1wfD01P817It+hMk5PIagF1dSPUzIdsTicaMCGPbR8pnM4Sh/Dm
aiGKwksMd7lnd/Ch7yHo9POFCAfWK1O2ScGJ0WmoxlX5nmewnfbXkKNQ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHaz/NFeMJhmyM5+Qz1MBw7yKKlqMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvZHJQODBWNHdtR2JJem41RFBVd0hEdklvcVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZEAMA0G
CSqGSIb3DQEBCwUAA4IBAQCpvLhm/ufw0IS0i01+uc+zcY4cb6QFclxMGf9tY36K
497Uu0irqY8GZGNAL25TfcqIraIYRcaOao5fVcYm2kisTneSjy0mL3wzMmc3VbUZ
qndZBd+KLnOkrPX8W4T1YBjdNeWQoNbPerIQyxDlJYAM6RXNwm733GyO9iqfarQb
QvClf7PokjQjhPms5cCanBG91e9Zx9gBzv9/gbCGOvfduwcgOUYUgJ9RGTSL8qNc
lybRU8FAK00u2Yji4kL/+zSbDjySnQkUQzymq99m9fy99AOXXrc++8BpDGx55sg7
S+3z7Is6BgFCZockiM+EUuer/xEAyJke/qXB5vgsN/jB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org