Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa
File:                     Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa (raw, json)
Hash identifier:          hCsRX0mqwVQofGxs2ZZXn/g04f5ybNsbFL+6EipZMQU=
Subject key identifier:   67:4C:95:B9:27:C6:50:B8:92:25:04:AE:DC:DE:D8:28:73:F4:40:6D
Certificate issuer:       /CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
Certificate serial:       0185DE8D41B3A81990E8DCAED5A3B10CED68
Authority key identifier: 25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa
Signing time:             Mon 23 Jan 2023 12:14:37 +0000
ROA not before:           Mon 23 Jan 2023 12:14:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60781
IP address blocks:        45.143.133.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 11:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:de:8d:41:b3:a8:19:90:e8:dc:ae:d5:a3:b1:0c:ed:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=250e7df43c82d120a13d3c865f1f06f49644b1e1
        Validity
            Not Before: Jan 23 12:14:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=674c95b927c650b8922504aedcded82873f4406d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:5e:2f:a6:49:e6:34:d3:1a:c3:46:ee:b4:4f:
                    f5:59:b0:5d:bd:2a:09:65:5a:3d:bd:ce:09:40:bb:
                    1e:a0:17:f4:ab:9a:e7:5c:4d:9f:0b:7d:65:d8:ab:
                    76:44:96:bc:38:4a:7c:90:a5:9d:8b:fa:79:7a:b9:
                    1d:8f:55:33:0e:66:ea:23:83:5d:c5:83:4c:db:c7:
                    da:36:3c:ea:b0:d7:45:90:ad:5b:f1:44:79:53:2d:
                    fd:9f:fa:52:35:07:73:04:a1:d8:c2:a3:2e:da:c1:
                    ca:b5:94:bb:0d:54:77:14:93:9e:7b:bf:c9:e3:0a:
                    13:d7:b3:ac:9a:f7:df:3a:87:59:4a:ca:af:f7:ae:
                    8d:f5:f4:0e:4b:af:5e:3c:72:d9:af:d2:f3:b3:13:
                    1c:26:6d:ff:03:cf:66:9b:76:6c:47:e7:43:81:c0:
                    1b:ac:e4:d5:d9:a0:8e:c8:40:02:6b:3d:b0:a3:4c:
                    bd:eb:0c:08:96:30:56:8f:cf:a0:95:8b:01:e8:d7:
                    0a:19:0e:30:9f:19:17:84:a2:e4:4f:b2:1c:48:11:
                    0f:50:7b:46:94:c5:d1:8e:82:27:0b:35:c4:3f:0a:
                    40:74:62:9e:4c:fa:b7:f8:24:04:69:df:c3:a1:60:
                    f2:96:68:a0:cb:af:b7:3d:c5:67:b2:f3:ad:c5:55:
                    af:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:4C:95:B9:27:C6:50:B8:92:25:04:AE:DC:DE:D8:28:73:F4:40:6D
            X509v3 Authority Key Identifier:
                keyid:25:0E:7D:F4:3C:82:D1:20:A1:3D:3C:86:5F:1F:06:F4:96:44:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQ599DyC0SChPTyGXx8G9JZEseE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/Z0yVuSfGULiSJQSu3N7YKHP0QG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7d2e64-10d9-4a4e-a4c6-4a9bb2fe7331/1/JQ599DyC0SChPTyGXx8G9JZEseE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:a0:8e:b0:58:42:00:86:c9:9b:26:59:15:17:1b:bd:95:ae:
         ca:3e:a4:ba:17:60:6d:24:29:4b:ec:46:53:72:00:f6:c8:73:
         63:f3:cf:f7:9d:88:81:24:aa:b0:69:88:23:c5:ab:f9:bf:77:
         fc:39:7b:8a:2d:77:6b:ae:7e:07:dc:5a:a2:01:4a:0f:42:e7:
         8d:5f:bd:57:31:fb:bb:a8:8c:91:d1:7b:53:24:a9:6b:de:f7:
         12:b4:86:7e:31:2f:24:db:27:fc:52:da:fc:58:47:df:dd:f7:
         c1:b4:a7:7b:96:0e:bb:34:6b:85:d2:cf:c8:2d:e9:82:3b:0d:
         00:81:47:25:90:5b:b9:7e:4d:ed:94:1a:d8:1d:23:2c:ab:c9:
         80:38:8f:be:69:af:91:62:d0:9f:73:d5:41:50:10:61:b7:38:
         8f:88:6a:a2:71:e4:5f:48:71:23:f3:ad:7b:30:fb:de:7b:fa:
         09:75:09:ca:fe:e5:66:ad:bd:26:04:da:c2:c8:ca:ab:e9:95:
         c6:f4:40:05:e1:d7:a0:a8:53:fc:55:68:24:e7:54:ac:50:a6:
         74:d7:76:41:65:58:5e:de:43:ec:02:70:f1:6f:1a:50:89:af:
         0e:cb:ca:95:e3:b6:92:32:7d:19:0b:c3:f2:c7:b3:a9:b3:e1:
         5a:07:45:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXejUGzqBmQ6Nyu1aOxDO1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGU3ZGY0M2M4MmQxMjBhMTNkM2M4NjVmMWYwNmY0OTY0
NGIxZTEwHhcNMjMwMTIzMTIxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRjOTViOTI3YzY1MGI4OTIyNTA0YWVkY2RlZDgyODczZjQ0MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF4vpknmNNMaw0butE/1WbBdvSoJ
ZVo9vc4JQLseoBf0q5rnXE2fC31l2Kt2RJa8OEp8kKWdi/p5erkdj1UzDmbqI4Nd
xYNM28faNjzqsNdFkK1b8UR5Uy39n/pSNQdzBKHYwqMu2sHKtZS7DVR3FJOee7/J
4woT17OsmvffOodZSsqv966N9fQOS69ePHLZr9LzsxMcJm3/A89mm3ZsR+dDgcAb
rOTV2aCOyEACaz2wo0y96wwIljBWj8+glYsB6NcKGQ4wnxkXhKLkT7IcSBEPUHtG
lMXRjoInCzXEPwpAdGKeTPq3+CQEad/DoWDylmigy6+3PcVnsvOtxVWv9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdMlbknxlC4kiUErtze2Chz9EBtMB8GA1UdIwQY
MBaAFCUOffQ8gtEgoT08hl8fBvSWRLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYt
NGE5YmIyZmU3MzMxLzEvWjB5VnVTZkdVTGlTSlFTdTNON1lLSFAwUUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZDJlNjQtMTBkOS00YTRlLWE0YzYtNGE5YmIyZmU3MzMx
LzEvSlE1OTlEeUMwU0NoUFR5R1h4OEc5SlpFc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+FMA0G
CSqGSIb3DQEBCwUAA4IBAQBOoI6wWEIAhsmbJlkVFxu9la7KPqS6F2BtJClL7EZT
cgD2yHNj88/3nYiBJKqwaYgjxav5v3f8OXuKLXdrrn4H3FqiAUoPQueNX71XMfu7
qIyR0XtTJKlr3vcStIZ+MS8k2yf8Utr8WEff3ffBtKd7lg67NGuF0s/ILemCOw0A
gUclkFu5fk3tlBrYHSMsq8mAOI++aa+RYtCfc9VBUBBhtziPiGqiceRfSHEj8617
MPvee/oJdQnK/uVmrb0mBNrCyMqr6ZXG9EAF4degqFP8VWgk51SsUKZ013ZBZVhe
3kPsAnDxbxpQia8Oy8qV47aSMn0ZC8Pyx7Ops+FaB0WV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:30 2024 by rpki-client on console-fra.rpki-client.org