Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/FGsMmhACZY2iWTmW2MOg54pnxKc.roa
File:                     FGsMmhACZY2iWTmW2MOg54pnxKc.roa (raw, json)
Hash identifier:          DJCHfo1/83dWrOZ6PXDlqqTpB+qXn4ZbIABztRWaicY=
Subject key identifier:   14:6B:0C:9A:10:02:65:8D:A2:59:39:96:D8:C3:A0:E7:8A:67:C4:A7
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       018BABC94C70725D74FF5FCE74C549405222
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/FGsMmhACZY2iWTmW2MOg54pnxKc.roa
Signing time:             Tue 07 Nov 2023 21:56:18 +0000
ROA not before:           Tue 07 Nov 2023 21:56:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.145.154.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 26 Nov 2023 00:03:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ab:c9:4c:70:72:5d:74:ff:5f:ce:74:c5:49:40:52:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: Nov  7 21:56:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=146b0c9a1002658da2593996d8c3a0e78a67c4a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:81:b3:93:ff:3b:b4:ca:cf:51:ec:d2:80:21:
                    b0:e6:91:33:58:ef:6c:0e:a3:cf:8a:d6:c3:3c:1a:
                    29:1d:1b:ee:83:26:92:90:5d:1c:cb:97:bf:f4:fd:
                    82:b6:b0:38:1d:81:5d:5b:01:61:d9:85:24:7f:a9:
                    36:a6:55:18:a8:73:25:54:8a:1b:75:16:64:67:ff:
                    71:d9:e4:5e:26:28:ca:d4:f3:f6:95:6f:83:b1:ad:
                    83:51:3a:6c:0f:ec:25:87:1a:7b:9b:76:9e:27:52:
                    78:39:60:41:1d:58:97:52:33:22:0d:1d:78:07:18:
                    80:cf:fa:0f:23:1a:3d:bb:a9:f1:c9:05:8b:93:a3:
                    c4:58:6d:a2:f6:1e:84:99:4e:ac:08:e7:86:2c:b3:
                    33:ff:72:26:ea:da:ef:95:21:7a:c2:63:19:9a:8c:
                    04:7d:c5:d4:ff:08:59:d4:c0:bb:0f:b7:45:a6:af:
                    a6:10:36:c1:b9:97:1d:b4:b5:21:8f:44:fa:d0:17:
                    2a:df:82:9d:50:27:17:e4:bd:ac:47:c6:ce:33:97:
                    9e:54:cd:37:f6:af:4a:32:c1:67:e2:71:57:b3:97:
                    20:80:84:26:85:2e:16:ff:e6:3b:c5:cb:27:2c:3d:
                    75:20:ab:9b:d7:b1:98:39:58:71:3f:1f:4b:3b:f9:
                    87:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:6B:0C:9A:10:02:65:8D:A2:59:39:96:D8:C3:A0:E7:8A:67:C4:A7
            X509v3 Authority Key Identifier:
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/FGsMmhACZY2iWTmW2MOg54pnxKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:27:e1:da:7a:78:aa:a7:a6:76:59:ee:95:7b:24:d2:a6:ea:
         48:d7:92:e5:ec:82:5f:e6:de:c4:26:a8:b6:61:5d:c6:ec:cc:
         ed:07:af:e4:21:55:ba:1c:31:c0:b6:6b:f9:c0:52:4d:a0:59:
         26:a9:8f:25:4f:b7:fd:9e:ba:f4:38:74:8b:b7:7c:e8:51:09:
         4f:0c:04:b9:65:e7:f4:22:b5:1b:38:9b:6c:c2:d2:ab:6e:96:
         37:b8:e5:2e:5f:fe:5a:de:25:4f:8c:0b:f1:2c:aa:65:2e:b1:
         89:1d:33:ff:02:59:73:72:0d:5c:a8:6d:d9:08:84:c6:29:e7:
         44:31:93:e4:e6:39:10:fe:19:3d:b5:03:fe:05:ec:d2:39:20:
         b9:7d:af:38:f7:9f:3a:a7:c2:1e:e8:dc:f5:6e:a8:01:ce:5a:
         00:0f:69:86:aa:15:3e:79:34:ee:32:45:82:b1:28:a8:59:31:
         49:05:49:fa:7d:b8:83:65:17:db:e3:a2:6a:8e:82:a5:fe:76:
         dc:a7:eb:e3:da:84:db:09:36:08:05:59:3a:83:cf:e4:82:9b:
         a2:6d:eb:53:f9:f5:5b:64:b5:e3:af:a5:77:69:43:d6:27:97:
         00:15:dd:89:63:7c:8e:19:92:05:f0:ab:e1:86:50:02:9d:53:
         7b:46:1d:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuryUxwcl10/1/OdMVJQFIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMxMTA3MjE1NjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDZiMGM5YTEwMDI2NThkYTI1OTM5OTZkOGMzYTBlNzhhNjdjNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14Gzk/87tMrPUezSgCGw5pEzWO9s
DqPPitbDPBopHRvugyaSkF0cy5e/9P2CtrA4HYFdWwFh2YUkf6k2plUYqHMlVIob
dRZkZ/9x2eReJijK1PP2lW+Dsa2DUTpsD+wlhxp7m3aeJ1J4OWBBHViXUjMiDR14
BxiAz/oPIxo9u6nxyQWLk6PEWG2i9h6EmU6sCOeGLLMz/3Im6trvlSF6wmMZmowE
fcXU/whZ1MC7D7dFpq+mEDbBuZcdtLUhj0T60Bcq34KdUCcX5L2sR8bOM5eeVM03
9q9KMsFn4nFXs5cggIQmhS4W/+Y7xcsnLD11IKub17GYOVhxPx9LO/mHGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRrDJoQAmWNolk5ltjDoOeKZ8SnMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvRkdzTW1oQUNaWTJpV1RtVzJNT2c1NHBueEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQCBJ+Haeniqp6Z2We6VeyTSpupI15Ll7IJf5t7EJqi2
YV3G7MztB6/kIVW6HDHAtmv5wFJNoFkmqY8lT7f9nrr0OHSLt3zoUQlPDAS5Zef0
IrUbOJtswtKrbpY3uOUuX/5a3iVPjAvxLKplLrGJHTP/Allzcg1cqG3ZCITGKedE
MZPk5jkQ/hk9tQP+BezSOSC5fa849586p8Ie6Nz1bqgBzloAD2mGqhU+eTTuMkWC
sSioWTFJBUn6fbiDZRfb46JqjoKl/nbcp+vj2oTbCTYIBVk6g8/kgpuibetT+fVb
ZLXjr6V3aUPWJ5cAFd2JY3yOGZIF8KvhhlACnVN7Rh03
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:42 2024 by rpki-client on console-ams.rpki-client.org