Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/ey5cm7yWLpHqTq40e2fWyAdJIMY.roa
File:                     ey5cm7yWLpHqTq40e2fWyAdJIMY.roa (raw, json)
Hash identifier:          YfK1LRrM7e6LvNtDXX1xt3iwUq3lKIwPFUKlHo+0G8Y=
Subject key identifier:   7B:2E:5C:9B:BC:96:2E:91:EA:4E:AE:34:7B:67:D6:C8:07:49:20:C6
Certificate issuer:       /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial:       01856ECBA4D563E23E283B409ED91121F37A
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/ey5cm7yWLpHqTq40e2fWyAdJIMY.roa
Signing time:             Sun 01 Jan 2023 19:25:17 +0000
ROA not before:           Sun 01 Jan 2023 19:25:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204582
IP address blocks:        45.144.44.0/30 maxlen: 30
                          2a0e:eac0:2101::/48 maxlen: 48
                          2a0e:eac0:2020::/44 maxlen: 44
                          2a0e:eac0:2110::/44 maxlen: 44
                          2a0e:eac0:2000::/44 maxlen: 44
                          2a0e:eac0:2100::/44 maxlen: 44
                          2a0e:eac0:2010::/44 maxlen: 44

Validation:               Failed, certificate revoked on Wed 03 May 2023 09:56:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:cb:a4:d5:63:e2:3e:28:3b:40:9e:d9:11:21:f3:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
        Validity
            Not Before: Jan  1 19:25:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b2e5c9bbc962e91ea4eae347b67d6c8074920c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:19:8d:89:94:0b:42:23:3e:11:99:ea:60:6b:
                    a5:64:35:6a:bb:9c:70:a8:ab:ac:78:6d:0d:91:5d:
                    10:ea:1a:0c:8a:90:37:fd:ce:06:61:ba:4e:ba:c5:
                    0f:90:54:19:e4:95:72:46:86:a9:5a:bc:84:de:f2:
                    67:1e:fe:52:82:1b:70:dc:42:ff:a7:22:4c:68:8c:
                    c9:9c:3e:c5:72:cd:d0:89:05:8a:43:3d:0f:10:47:
                    b2:85:9f:92:13:d6:a2:60:03:b2:69:50:0b:1e:06:
                    ec:48:63:a8:ac:df:78:ce:11:a2:1f:51:0c:8c:e5:
                    82:29:54:99:d9:ee:ce:df:72:01:5b:17:d0:99:91:
                    27:cb:37:dd:3c:cd:df:cf:6d:eb:76:08:f8:e9:50:
                    4b:56:83:6e:24:01:58:45:ed:d6:34:e5:f0:fa:49:
                    c5:5b:17:e2:63:4a:07:0e:67:23:e8:75:d4:98:ee:
                    33:7f:db:de:28:41:9b:eb:12:6d:f8:ea:7d:bb:d3:
                    ba:1d:82:83:9f:01:f4:b8:b4:cf:a7:99:fb:3e:71:
                    93:be:9f:75:71:25:36:0f:be:12:5f:73:fd:01:6e:
                    95:62:e3:4c:ab:0a:22:e3:0d:93:00:4a:25:62:9a:
                    ea:cf:4f:77:a3:82:cf:21:89:0f:1d:aa:70:60:5a:
                    aa:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:2E:5C:9B:BC:96:2E:91:EA:4E:AE:34:7B:67:D6:C8:07:49:20:C6
            X509v3 Authority Key Identifier:
                keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/ey5cm7yWLpHqTq40e2fWyAdJIMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.44.0/30
                IPv6:
                  2a0e:eac0:2000::-2a0e:eac0:202f:ffff:ffff:ffff:ffff:ffff
                  2a0e:eac0:2100::/43

    Signature Algorithm: sha256WithRSAEncryption
         60:65:bc:f7:02:b5:72:14:c2:85:9d:33:dc:45:a3:7b:f9:f7:
         b3:97:69:31:b8:e5:43:b5:9c:1a:ed:ae:8f:d7:68:78:66:41:
         15:f9:08:b1:d6:d6:89:93:94:b2:33:0e:1b:c7:42:a6:9b:33:
         68:94:18:1b:a6:ea:8f:51:44:43:a3:76:6e:67:bc:48:ab:d2:
         96:d6:90:4c:f3:cf:c3:e4:ce:0f:75:93:9a:d0:77:19:c5:67:
         5b:c5:78:23:79:c8:98:cf:3b:5f:52:cb:09:4d:8a:00:35:4f:
         20:dd:b1:6f:a4:f3:19:d6:93:af:9b:1b:22:67:eb:0d:93:dc:
         df:7d:dd:a7:78:e7:8c:00:93:69:70:8b:23:e1:7f:f9:97:6a:
         e6:d1:c3:1f:d3:00:0f:18:63:6e:32:26:02:22:45:10:2c:16:
         fc:3b:e3:7e:6e:66:39:be:04:22:a5:b1:3c:9d:7e:56:b7:01:
         a6:90:d0:76:13:92:25:d3:7b:42:51:a0:06:b6:f7:49:93:64:
         91:d1:bb:2f:49:44:d4:36:31:2b:0f:b8:2a:09:cc:c1:74:ef:
         96:3b:73:f1:45:ec:31:ec:93:a4:ae:28:6a:8c:08:96:ee:c8:
         b0:94:5f:2d:6a:26:44:be:b9:28:6e:e0:89:67:d7:da:63:2a:
         f8:b5:79:e0
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVuy6TVY+I+KDtAntkRIfN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjMwMTAxMTkyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJlNWM5YmJjOTYyZTkxZWE0ZWFlMzQ3YjY3ZDZjODA3NDkyMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxmNiZQLQiM+EZnqYGulZDVqu5xw
qKuseG0NkV0Q6hoMipA3/c4GYbpOusUPkFQZ5JVyRoapWryE3vJnHv5Sghtw3EL/
pyJMaIzJnD7Fcs3QiQWKQz0PEEeyhZ+SE9aiYAOyaVALHgbsSGOorN94zhGiH1EM
jOWCKVSZ2e7O33IBWxfQmZEnyzfdPM3fz23rdgj46VBLVoNuJAFYRe3WNOXw+knF
WxfiY0oHDmcj6HXUmO4zf9veKEGb6xJt+Op9u9O6HYKDnwH0uLTPp5n7PnGTvp91
cSU2D74SX3P9AW6VYuNMqwoi4w2TAEolYprqz093o4LPIYkPHapwYFqqkwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHsuXJu8li6R6k6uNHtn1sgHSSDGMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvZXk1Y203eVdMcEhxVHE0MGUyZld5QWRKSU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzANBAIAATAHAwUCLZAsADAi
BAIAAjAcMBEDBgUqDurAIAMHBCoO6sAgIAMHBSoO6sAhADANBgkqhkiG9w0BAQsF
AAOCAQEAYGW89wK1chTChZ0z3EWje/n3s5dpMbjlQ7WcGu2uj9doeGZBFfkIsdbW
iZOUsjMOG8dCppszaJQYG6bqj1FEQ6N2bme8SKvSltaQTPPPw+TOD3WTmtB3GcVn
W8V4I3nImM87X1LLCU2KADVPIN2xb6TzGdaTr5sbImfrDZPc333dp3jnjACTaXCL
I+F/+Zdq5tHDH9MADxhjbjImAiJFECwW/Dvjfm5mOb4EIqWxPJ1+VrcBppDQdhOS
JdN7QlGgBrb3SZNkkdG7L0lE1DYxKw+4KgnMwXTvljtz8UXsMeyTpK4oaowIlu7I
sJRfLWomRL65KG7giWfX2mMq+LV54A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:51 2024 by rpki-client on console-ams.rpki-client.org