Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/7xzN_Rvyc_6r1xOH-la7h87mQjA.roa
File:                     7xzN_Rvyc_6r1xOH-la7h87mQjA.roa (raw, json)
Hash identifier:          AzyjVjHMQ/7IyH2D6R9r7c9NpjtKFo35kpcwW1hYEgk=
Subject key identifier:   EF:1C:CD:FD:1B:F2:73:FE:AB:D7:13:87:FA:56:BB:87:CE:E6:42:30
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       01886EA98AC9D9D07CFDC91F33D85785718A
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/7xzN_Rvyc_6r1xOH-la7h87mQjA.roa
Signing time:             Tue 30 May 2023 21:56:24 +0000
ROA not before:           Tue 30 May 2023 21:56:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.145.152.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 12:03:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6e:a9:8a:c9:d9:d0:7c:fd:c9:1f:33:d8:57:85:71:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: May 30 21:56:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef1ccdfd1bf273feabd71387fa56bb87cee64230
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e1:1c:be:fd:0b:61:35:30:1d:bc:38:71:dd:
                    ca:d5:a6:0b:ce:8e:67:fa:a4:b3:09:15:b9:e7:3c:
                    b3:6d:f0:4c:14:f2:18:9c:0a:cb:e3:ed:54:18:2b:
                    f8:a4:5e:b3:1b:38:01:8c:73:02:6e:39:e8:18:12:
                    37:46:f0:c3:35:24:0b:d3:fb:75:96:9f:e4:55:97:
                    15:7e:47:cd:b1:5f:29:50:c4:af:6e:24:ac:56:94:
                    c3:ff:b2:bc:55:94:2e:98:a5:3b:ee:ee:e2:cb:19:
                    02:91:02:69:d0:c0:62:6c:cc:88:04:3e:0a:bb:ba:
                    17:39:fa:76:bf:fc:73:41:9c:07:70:dc:6d:1c:3b:
                    76:9e:dc:dc:3a:ce:db:81:e1:57:5d:d1:b9:18:de:
                    85:8e:93:a1:de:89:f4:94:37:f1:ed:cd:da:ea:23:
                    e8:40:e3:a3:90:ca:84:6b:2d:ff:d6:83:2c:c6:27:
                    0d:43:8f:c9:8e:fb:78:20:c4:ea:21:ea:d7:41:1b:
                    28:96:96:f2:69:11:fd:c0:49:ff:df:02:93:04:d5:
                    c6:6c:7d:da:98:da:79:b6:19:a1:1f:e7:42:ba:94:
                    da:cc:b8:5d:f1:89:23:47:b4:85:4b:0e:57:c2:be:
                    d3:21:4e:4b:b2:04:86:88:b8:54:d6:06:6a:b3:05:
                    07:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:1C:CD:FD:1B:F2:73:FE:AB:D7:13:87:FA:56:BB:87:CE:E6:42:30
            X509v3 Authority Key Identifier:
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/7xzN_Rvyc_6r1xOH-la7h87mQjA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7e:32:11:36:0a:9f:bb:01:99:b1:f7:a9:dd:91:a4:c1:c9:94:
         32:0e:05:6a:06:20:00:93:a9:0e:86:49:d7:43:ae:50:c0:15:
         60:0e:d6:74:4f:b3:45:db:01:44:b0:11:f4:6c:aa:c2:0e:98:
         8d:12:50:63:30:c3:c2:d5:56:54:97:c7:38:bc:c9:c5:4b:bd:
         d3:72:c8:21:2c:39:3c:d3:82:20:cc:43:5c:42:29:9e:fe:a3:
         ac:a3:af:09:91:95:cd:a4:f2:0e:88:e0:c5:90:16:cf:82:8e:
         3c:a9:da:27:65:5a:5d:2a:28:ce:a7:42:fd:f8:3d:a8:16:27:
         37:2f:82:4b:92:00:cb:cc:a7:8a:c2:27:3a:29:4e:4a:46:92:
         37:22:65:20:1e:15:c8:98:70:d4:88:59:96:a2:b1:fb:fd:f4:
         9c:52:ab:ff:2e:9c:c7:df:90:20:dd:60:74:47:db:7f:eb:3a:
         23:2d:1a:96:84:6a:50:c2:f8:f9:1b:8f:9f:71:ac:46:37:bf:
         0c:f7:78:b7:e4:94:f1:0d:6f:f6:e3:3e:fd:12:45:03:ba:f2:
         20:aa:a6:90:3d:ed:88:ce:66:c6:75:10:a2:94:33:c8:86:75:
         9a:b0:94:11:0a:5a:8b:fa:dc:db:86:3e:a8:4c:f2:6d:ff:77:
         e8:f4:34:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhuqYrJ2dB8/ckfM9hXhXGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMwNTMwMjE1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjFjY2RmZDFiZjI3M2ZlYWJkNzEzODdmYTU2YmI4N2NlZTY0MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluEcvv0LYTUwHbw4cd3K1aYLzo5n
+qSzCRW55zyzbfBMFPIYnArL4+1UGCv4pF6zGzgBjHMCbjnoGBI3RvDDNSQL0/t1
lp/kVZcVfkfNsV8pUMSvbiSsVpTD/7K8VZQumKU77u7iyxkCkQJp0MBibMyIBD4K
u7oXOfp2v/xzQZwHcNxtHDt2ntzcOs7bgeFXXdG5GN6FjpOh3on0lDfx7c3a6iPo
QOOjkMqEay3/1oMsxicNQ4/Jjvt4IMTqIerXQRsolpbyaRH9wEn/3wKTBNXGbH3a
mNp5thmhH+dCupTazLhd8YkjR7SFSw5Xwr7TIU5LsgSGiLhU1gZqswUH8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8czf0b8nP+q9cTh/pWu4fO5kIwMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvN3h6Tl9SdnljXzZyMXhPSC1sYTdoODdtUWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGYMA0G
CSqGSIb3DQEBCwUAA4IBAQB+MhE2Cp+7AZmx96ndkaTByZQyDgVqBiAAk6kOhknX
Q65QwBVgDtZ0T7NF2wFEsBH0bKrCDpiNElBjMMPC1VZUl8c4vMnFS73TcsghLDk8
04IgzENcQime/qOso68JkZXNpPIOiODFkBbPgo48qdonZVpdKijOp0L9+D2oFic3
L4JLkgDLzKeKwic6KU5KRpI3ImUgHhXImHDUiFmWorH7/fScUqv/LpzH35Ag3WB0
R9t/6zojLRqWhGpQwvj5G4+fcaxGN78M93i35JTxDW/24z79EkUDuvIgqqaQPe2I
zmbGdRCilDPIhnWasJQRClqL+tzbhj6oTPJt/3fo9DSb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:42 2024 by rpki-client on console-ams.rpki-client.org