Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/63QKOGG-fFSJeNULeZDW5flEXwY.roa
File:                     63QKOGG-fFSJeNULeZDW5flEXwY.roa (raw, json)
Hash identifier:          EhZSVFHv0ATRU2vQHo9yZLQObbGHc4bnDjsguWdAoMQ=
Subject key identifier:   EB:74:0A:38:61:BE:7C:54:89:78:D5:0B:79:90:D6:E5:F9:44:5F:06
Certificate issuer:       /CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Certificate serial:       01895025F69E282CA72ED5DE5C5056846131
Authority key identifier: B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/63QKOGG-fFSJeNULeZDW5flEXwY.roa
Signing time:             Thu 13 Jul 2023 16:46:52 +0000
ROA not before:           Thu 13 Jul 2023 16:46:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211878
IP address blocks:        45.152.88.0/22 maxlen: 24
                          2a0f:5100::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:50:25:f6:9e:28:2c:a7:2e:d5:de:5c:50:56:84:61:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9032bdb128c86e00b21c77959a8011c40d0650c
        Validity
            Not Before: Jul 13 16:46:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb740a3861be7c548978d50b7990d6e5f9445f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:78:e0:a2:e6:c9:17:1b:7b:f5:6e:4d:46:44:
                    61:a1:cf:ce:85:0d:9a:7b:d1:9e:45:5b:aa:c9:d3:
                    64:a2:b7:68:8b:63:cc:de:ce:ba:64:6b:5e:00:b1:
                    3f:f7:c4:f9:e0:a2:20:a1:02:7e:61:7a:06:6b:51:
                    17:ed:dd:1b:86:22:41:72:e4:39:3f:48:f8:e7:a3:
                    9b:29:14:62:7d:f5:44:74:f3:8f:54:53:5b:54:34:
                    57:56:ab:77:45:d3:4b:f6:ff:44:c6:33:d6:eb:d8:
                    2f:df:7b:70:06:fd:78:90:ed:a3:70:a2:0d:64:91:
                    f2:e5:fc:74:9c:4a:1d:6e:82:0c:b3:30:17:aa:28:
                    80:8a:4f:71:25:1c:a6:3f:f0:d0:d4:5b:ee:00:82:
                    1d:fe:7d:42:f8:48:83:45:20:a4:bd:ad:e5:7f:86:
                    d8:88:6d:13:9e:34:12:09:51:88:cc:c2:6a:f5:0c:
                    30:d9:33:fb:b1:b6:23:3a:c8:1a:26:a5:c1:9c:9b:
                    b5:a2:d4:fd:ed:99:2f:f4:46:c1:49:82:ab:9f:90:
                    15:9c:3d:1a:64:64:ad:e1:a8:aa:82:74:e5:68:43:
                    04:6c:03:6b:a2:de:61:15:d4:93:99:d9:08:a2:ed:
                    00:99:86:47:90:0d:81:c6:46:a2:1c:29:f0:23:a9:
                    77:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:74:0A:38:61:BE:7C:54:89:78:D5:0B:79:90:D6:E5:F9:44:5F:06
            X509v3 Authority Key Identifier:
                keyid:B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/63QKOGG-fFSJeNULeZDW5flEXwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/uQMr2xKMhuALIcd5WagBHEDQZQw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.88.0/22
                IPv6:
                  2a0f:5100::/29

    Signature Algorithm: sha256WithRSAEncryption
         3f:0c:f0:0d:8f:c0:31:e4:50:8d:14:3e:a2:c2:24:34:07:4b:
         b5:ad:50:dc:19:d8:06:3b:e3:a8:93:60:3e:81:c6:9e:c8:34:
         57:ee:ed:3d:ce:57:bf:5b:ce:0d:dd:45:b9:15:3c:57:5d:5a:
         7f:8d:22:28:97:a6:01:68:bc:a1:e9:a2:0b:b4:96:c9:86:5c:
         2e:02:d7:0a:8b:f8:ed:6f:0b:8f:1d:18:3b:b8:32:6c:76:65:
         6c:83:df:9f:04:bd:c0:8d:9a:06:c6:bb:8a:d2:0e:37:2e:8d:
         66:20:b9:ab:70:4a:30:fe:76:b5:68:1d:f2:25:cd:26:d6:df:
         cb:1a:b8:d6:6d:97:c0:81:94:fe:f7:1d:96:50:e6:ab:f4:6b:
         fd:27:13:f2:ea:36:75:3f:7f:c7:70:da:5f:21:33:5b:c2:6c:
         c9:5d:a8:0e:fd:17:66:e8:5f:21:61:96:93:2c:5b:67:ff:6f:
         1a:a0:d5:b2:71:31:17:75:7c:c7:57:7a:2a:56:ac:89:d2:b5:
         cf:d3:79:09:9a:0c:13:e9:db:e1:19:f4:87:d4:b9:08:41:94:
         97:8f:20:d5:d0:59:00:f6:08:db:aa:9f:ad:a7:2d:28:ef:e3:
         e0:6a:f3:66:d0:fe:83:29:6e:1f:b1:3d:fb:5a:6b:ae:f8:e8:
         ab:8c:b5:8a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlQJfaeKCynLtXeXFBWhGExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MDMyYmRiMTI4Yzg2ZTAwYjIxYzc3OTU5YTgwMTFjNDBk
MDY1MGMwHhcNMjMwNzEzMTY0NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc0MGEzODYxYmU3YzU0ODk3OGQ1MGI3OTkwZDZlNWY5NDQ1ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXjgoubJFxt79W5NRkRhoc/OhQ2a
e9GeRVuqydNkordoi2PM3s66ZGteALE/98T54KIgoQJ+YXoGa1EX7d0bhiJBcuQ5
P0j456ObKRRiffVEdPOPVFNbVDRXVqt3RdNL9v9ExjPW69gv33twBv14kO2jcKIN
ZJHy5fx0nEodboIMszAXqiiAik9xJRymP/DQ1FvuAIId/n1C+EiDRSCkva3lf4bY
iG0TnjQSCVGIzMJq9Qww2TP7sbYjOsgaJqXBnJu1otT97Zkv9EbBSYKrn5AVnD0a
ZGSt4aiqgnTlaEMEbANrot5hFdSTmdkIou0AmYZHkA2BxkaiHCnwI6l3jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOt0CjhhvnxUiXjVC3mQ1uX5RF8GMB8GA1UdIwQY
MBaAFLkDK9sSjIbgCyHHeVmoARxA0GUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYt
ZmU4NDZmNzVkMTcwLzEvNjNRS09HRy1mRlNKZU5VTGVaRFc1ZmxFWHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYtZmU4NDZmNzVkMTcw
LzEvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZhYMA0E
AgACMAcDBQMqD1EAMA0GCSqGSIb3DQEBCwUAA4IBAQA/DPANj8Ax5FCNFD6iwiQ0
B0u1rVDcGdgGO+Ook2A+gcaeyDRX7u09zle/W84N3UW5FTxXXVp/jSIol6YBaLyh
6aILtJbJhlwuAtcKi/jtbwuPHRg7uDJsdmVsg9+fBL3AjZoGxruK0g43Lo1mILmr
cEow/na1aB3yJc0m1t/LGrjWbZfAgZT+9x2WUOar9Gv9JxPy6jZ1P3/HcNpfITNb
wmzJXagO/Rdm6F8hYZaTLFtn/28aoNWycTEXdXzHV3oqVqyJ0rXP03kJmgwT6dvh
GfSH1LkIQZSXjyDV0FkA9gjbqp+tpy0o7+PgavNm0P6DKW4fsT37Wmuu+OirjLWK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:57 2024 by rpki-client on console-ams.rpki-client.org