Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/OyWiYCOQXvkbixGRwa06lYPfuCE.roa
File:                     OyWiYCOQXvkbixGRwa06lYPfuCE.roa (raw, json)
Hash identifier:          Tj0VDexmjHnbSopj0WODpsTJoE3rj3ho+O7mRUqdclg=
Subject key identifier:   3B:25:A2:60:23:90:5E:F9:1B:8B:11:91:C1:AD:3A:95:83:DF:B8:21
Certificate issuer:       /CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
Certificate serial:       018678F5C28745797CC1773DA133DA685D5B
Authority key identifier: 25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/OyWiYCOQXvkbixGRwa06lYPfuCE.roa
Signing time:             Wed 22 Feb 2023 11:50:17 +0000
ROA not before:           Wed 22 Feb 2023 11:50:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        45.143.132.0/24 maxlen: 24
                          45.143.134.0/24 maxlen: 24
                          45.143.133.0/24 maxlen: 24
                          45.143.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:78:f5:c2:87:45:79:7c:c1:77:3d:a1:33:da:68:5d:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
        Validity
            Not Before: Feb 22 11:50:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b25a26023905ef91b8b1191c1ad3a9583dfb821
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:71:37:55:c4:e6:da:c1:f0:47:7c:e1:5b:f2:
                    01:92:5a:22:df:59:fd:23:6c:1e:fb:f6:79:22:23:
                    f5:d6:ca:7f:03:48:ff:0f:c1:82:12:42:6a:2b:ab:
                    40:4c:82:7b:52:84:d4:36:fb:5a:70:9b:39:9e:82:
                    1e:09:51:11:89:e5:0b:cf:78:bd:ee:22:5a:ba:aa:
                    0b:5c:60:c7:b3:5a:6f:36:c0:2c:72:ff:7d:17:ab:
                    6f:f5:77:d6:87:48:38:f7:e4:48:e7:28:61:21:7b:
                    8b:2e:c1:54:f9:b0:99:4d:29:c7:f4:3f:63:e3:56:
                    e8:bd:82:c9:bb:f8:97:b4:71:f8:7f:93:83:4a:bc:
                    c0:f9:af:15:9e:93:e7:d0:3d:11:85:43:d2:af:fc:
                    45:9b:05:f7:4b:1f:bf:c3:e6:96:f3:b2:54:e9:56:
                    81:89:94:d7:a8:f5:0c:6f:3d:a8:9a:25:24:02:52:
                    d4:c1:77:c3:93:58:2a:cd:77:55:d9:97:9f:b7:d1:
                    e4:95:02:b1:98:ed:55:02:31:0b:4e:b0:66:38:61:
                    e7:e1:32:47:0d:5a:02:e1:88:ba:fb:70:31:08:ca:
                    fe:34:fc:cc:88:a8:b0:b0:5b:08:82:bd:91:58:fb:
                    73:7d:86:1a:68:fc:f9:ff:ea:47:77:a6:13:63:54:
                    b4:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:25:A2:60:23:90:5E:F9:1B:8B:11:91:C1:AD:3A:95:83:DF:B8:21
            X509v3 Authority Key Identifier:
                keyid:25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/OyWiYCOQXvkbixGRwa06lYPfuCE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/JQ599DyC0SChPTyGXx8G9JZEseE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:b0:c7:82:11:45:cf:f5:6d:4d:20:1a:1e:13:ed:ce:d5:9e:
         2e:45:09:4e:82:f6:ab:f3:05:a7:54:f7:f5:61:d7:e2:bf:2f:
         53:d3:f5:a7:67:6e:12:4b:a6:94:13:c8:d2:04:8c:8d:36:90:
         d2:82:38:43:53:c6:d7:3a:54:b2:ca:f8:68:bd:50:56:f2:5c:
         54:bc:3e:53:68:a7:a9:a2:c4:09:27:e0:ea:a6:b6:4f:b7:24:
         16:21:77:29:27:8d:22:e3:f0:b6:df:e6:b5:03:31:3a:09:80:
         39:16:e7:42:58:26:22:de:a5:dc:08:d7:a7:de:f4:cd:13:d9:
         0a:dc:be:ea:b1:82:46:39:36:76:56:ee:46:c9:c1:a4:fd:b1:
         13:10:b0:60:49:fc:63:42:d3:a3:4b:0f:69:6c:c3:90:09:0d:
         dc:4a:c7:13:48:b4:7d:d3:19:7b:b7:98:17:da:78:b7:36:56:
         af:86:ce:e3:40:ad:a0:e6:b0:39:e7:d8:29:25:79:91:a5:23:
         0b:90:91:e6:b4:30:da:32:ff:dd:94:0f:a1:65:a3:eb:71:cb:
         91:09:c7:d5:1a:6a:79:75:c0:be:58:11:ee:1a:01:d8:96:95:
         c2:67:4b:54:46:72:3a:90:65:c0:76:10:c7:9f:fd:6d:ca:c9:
         b3:61:0c:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ49cKHRXl8wXc9oTPaaF1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGU3ZGY0M2M4MmQxMjBhMTNkM2M4NjVmMWYwNmY0OTY0
NGIxZTEwHhcNMjMwMjIyMTE1MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI1YTI2MDIzOTA1ZWY5MWI4YjExOTFjMWFkM2E5NTgzZGZiODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznE3VcTm2sHwR3zhW/IBkloi31n9
I2we+/Z5IiP11sp/A0j/D8GCEkJqK6tATIJ7UoTUNvtacJs5noIeCVERieULz3i9
7iJauqoLXGDHs1pvNsAscv99F6tv9XfWh0g49+RI5yhhIXuLLsFU+bCZTSnH9D9j
41bovYLJu/iXtHH4f5ODSrzA+a8VnpPn0D0RhUPSr/xFmwX3Sx+/w+aW87JU6VaB
iZTXqPUMbz2omiUkAlLUwXfDk1gqzXdV2Zeft9HklQKxmO1VAjELTrBmOGHn4TJH
DVoC4Yi6+3AxCMr+NPzMiKiwsFsIgr2RWPtzfYYaaPz5/+pHd6YTY1S0LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDslomAjkF75G4sRkcGtOpWD37ghMB8GA1UdIwQY
MBaAFCUOffQ8gtEgoT08hl8fBvSWRLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYt
NGE5YmIyZmU3MzMxLzEvT3lXaVlDT1FYdmtiaXhHUndhMDZsWVBmdUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYtNGE5YmIyZmU3MzMx
LzEvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY+EMA0G
CSqGSIb3DQEBCwUAA4IBAQCjsMeCEUXP9W1NIBoeE+3O1Z4uRQlOgvar8wWnVPf1
Ydfivy9T0/WnZ24SS6aUE8jSBIyNNpDSgjhDU8bXOlSyyvhovVBW8lxUvD5TaKep
osQJJ+DqprZPtyQWIXcpJ40i4/C23+a1AzE6CYA5FudCWCYi3qXcCNen3vTNE9kK
3L7qsYJGOTZ2Vu5GycGk/bETELBgSfxjQtOjSw9pbMOQCQ3cSscTSLR90xl7t5gX
2ni3Nlavhs7jQK2g5rA559gpJXmRpSMLkJHmtDDaMv/dlA+hZaPrccuRCcfVGmp5
dcC+WBHuGgHYlpXCZ0tURnI6kGXAdhDHn/1tysmzYQxE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:00 2024 by rpki-client on console-ams.rpki-client.org