Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/DgnVaJqKymK5Mkp85GaFnt3eNfY.roa
File:                     DgnVaJqKymK5Mkp85GaFnt3eNfY.roa (raw, json)
Hash identifier:          bKhHE6NHwWg3qTK9VFcoxgeJi3Wxqn1iKrit8Tjyfpc=
Subject key identifier:   0E:09:D5:68:9A:8A:CA:62:B9:32:4A:7C:E4:66:85:9E:DD:DE:35:F6
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       018A981D46CA4B0D00F50FD6B10D75C346EF
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/DgnVaJqKymK5Mkp85GaFnt3eNfY.roa
Signing time:             Fri 15 Sep 2023 09:12:50 +0000
ROA not before:           Fri 15 Sep 2023 09:12:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.145.153.0/24 maxlen: 24
                          80.83.88.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 20:41:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:98:1d:46:ca:4b:0d:00:f5:0f:d6:b1:0d:75:c3:46:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: Sep 15 09:12:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e09d5689a8aca62b9324a7ce466859eddde35f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:f8:13:1e:d4:67:5d:25:89:ab:74:c0:b4:e6:
                    9f:ac:d7:82:7c:72:7a:1f:8e:a5:a4:1e:8c:a0:77:
                    07:6d:68:1a:e3:69:c0:c4:ba:15:53:de:86:fc:9f:
                    e0:76:f3:7f:23:c7:df:25:b8:c9:39:3d:eb:a6:da:
                    1c:e1:7a:dc:8d:b2:57:91:7a:1a:af:a6:65:0c:2b:
                    95:a7:50:94:ce:d0:f7:bc:23:25:3e:7e:d5:14:03:
                    e3:58:ee:a9:5a:0e:99:49:49:7e:e1:5f:f1:8f:ba:
                    a7:23:01:b7:6f:49:db:bc:87:8d:ad:76:8c:69:6f:
                    45:cb:84:7f:15:1e:15:07:8d:90:76:6b:4e:60:83:
                    a7:b0:4f:c7:af:44:37:e4:52:4c:3d:8b:ef:fb:14:
                    50:8a:d1:8e:67:d6:a3:d8:db:18:20:b1:cf:c6:c5:
                    15:af:d0:bb:13:db:bf:d4:47:b6:85:13:eb:27:2c:
                    1c:03:4f:6a:dd:43:5b:77:73:1b:82:60:e6:08:b7:
                    af:65:85:70:14:1d:43:c9:d9:e0:18:4c:aa:e8:37:
                    93:65:11:d1:ba:f2:12:a8:56:b4:c5:ba:f8:5d:82:
                    10:70:77:54:2f:3d:21:9d:fe:79:02:26:f4:0c:ce:
                    68:45:5d:11:b7:42:dc:fc:01:03:01:35:29:c0:80:
                    d1:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:09:D5:68:9A:8A:CA:62:B9:32:4A:7C:E4:66:85:9E:DD:DE:35:F6
            X509v3 Authority Key Identifier:
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/DgnVaJqKymK5Mkp85GaFnt3eNfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.153.0/24
                  80.83.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:e1:c3:69:d0:33:e3:c5:57:31:ed:e7:1a:6e:b2:b9:53:36:
         6a:af:68:09:6e:19:bc:a4:ea:ae:0d:e7:a7:7f:e0:53:0b:2d:
         7b:7e:b0:3f:d2:2d:c9:09:ea:77:2d:79:3a:74:64:e3:ca:07:
         89:b7:25:64:00:53:58:c6:9c:7f:b4:c1:16:45:78:ad:e4:72:
         74:77:ab:4a:60:a6:e5:2a:de:99:fc:2f:e6:75:ad:24:76:97:
         14:ca:fa:ae:c7:74:25:16:6c:d5:2f:3e:a9:d2:7d:ec:79:5e:
         e6:60:e4:63:fe:ba:05:d9:14:25:12:f4:1a:0e:f5:0d:ab:59:
         85:67:10:2b:91:e3:2c:4b:91:1b:c0:a0:1f:a2:66:43:05:73:
         ca:ca:51:4d:31:d8:28:4b:44:c8:c9:ea:c3:8a:82:48:fc:98:
         46:98:e9:9d:a1:f4:2c:a7:c9:c0:cd:77:8d:38:74:02:47:80:
         d1:a7:b2:de:f2:77:f8:94:01:72:68:82:1a:3e:2a:34:ae:19:
         c9:79:49:1e:2a:29:52:87:59:04:94:62:a4:09:40:fe:eb:2d:
         06:a3:29:04:b8:88:39:ab:2e:04:51:ea:4c:41:83:a4:09:dc:
         dd:9a:9e:00:83:e3:8a:ef:04:33:e1:a0:3c:e9:93:58:6b:76:
         8d:64:6a:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqYHUbKSw0A9Q/WsQ11w0bvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMwOTE1MDkxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA5ZDU2ODlhOGFjYTYyYjkzMjRhN2NlNDY2ODU5ZWRkZGUzNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvgTHtRnXSWJq3TAtOafrNeCfHJ6
H46lpB6MoHcHbWga42nAxLoVU96G/J/gdvN/I8ffJbjJOT3rptoc4XrcjbJXkXoa
r6ZlDCuVp1CUztD3vCMlPn7VFAPjWO6pWg6ZSUl+4V/xj7qnIwG3b0nbvIeNrXaM
aW9Fy4R/FR4VB42QdmtOYIOnsE/Hr0Q35FJMPYvv+xRQitGOZ9aj2NsYILHPxsUV
r9C7E9u/1Ee2hRPrJywcA09q3UNbd3MbgmDmCLevZYVwFB1DydngGEyq6DeTZRHR
uvISqFa0xbr4XYIQcHdULz0hnf55Aib0DM5oRV0Rt0Lc/AEDATUpwIDRewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA4J1WiaispiuTJKfORmhZ7d3jX2MB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvRGduVmFKcUt5bUs1TWtwODVHYUZudDNlTmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZGZAwQB
UFNYMA0GCSqGSIb3DQEBCwUAA4IBAQAG4cNp0DPjxVcx7ecabrK5UzZqr2gJbhm8
pOquDeenf+BTCy17frA/0i3JCep3LXk6dGTjygeJtyVkAFNYxpx/tMEWRXit5HJ0
d6tKYKblKt6Z/C/mda0kdpcUyvqux3QlFmzVLz6p0n3seV7mYORj/roF2RQlEvQa
DvUNq1mFZxArkeMsS5EbwKAfomZDBXPKylFNMdgoS0TIyerDioJI/JhGmOmdofQs
p8nAzXeNOHQCR4DRp7Le8nf4lAFyaIIaPio0rhnJeUkeKilSh1kElGKkCUD+6y0G
oykEuIg5qy4EUepMQYOkCdzdmp4Ag+OK7wQz4aA86ZNYa3aNZGq8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-fra.rpki-client.org