Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/J1cwmsMmpKiA-ptAc6cDxgNDqm4.roa
File:                     J1cwmsMmpKiA-ptAc6cDxgNDqm4.roa (raw, json)
Hash identifier:          w9uhA8U7VfUgEL4MaapfjHvXmde+JpYhs32eXs5U+xg=
Subject key identifier:   27:57:30:9A:C3:26:A4:A8:80:FA:9B:40:73:A7:03:C6:03:43:AA:6E
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       018C132E29CA261E1A9918511529177BC02D
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/J1cwmsMmpKiA-ptAc6cDxgNDqm4.roa
Signing time:             Mon 27 Nov 2023 23:47:21 +0000
ROA not before:           Mon 27 Nov 2023 23:47:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.145.154.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 23:44:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:13:2e:29:ca:26:1e:1a:99:18:51:15:29:17:7b:c0:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: Nov 27 23:47:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2757309ac326a4a880fa9b4073a703c60343aa6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:14:f2:60:e0:e6:98:c1:91:46:80:b1:01:fa:
                    07:3b:37:dd:da:e1:ab:39:0e:61:16:68:f5:be:f3:
                    8a:47:1e:c9:a5:f7:fe:b5:26:61:9b:8b:bf:f7:ec:
                    b2:a8:c4:46:82:73:fe:08:0b:a2:90:ab:e2:9a:3b:
                    b7:4e:1b:11:fb:7b:4b:d8:0d:3a:63:5c:0c:88:62:
                    c2:00:56:84:d9:ab:2d:39:e4:a5:b7:0b:ae:b3:24:
                    42:6a:89:ac:db:88:b5:a8:e4:a1:fb:ae:31:7b:64:
                    1d:45:56:b4:bb:0d:20:29:6b:09:03:3f:dd:e8:50:
                    b4:7a:a1:c2:66:65:31:61:1a:0a:3d:17:8d:9b:63:
                    b9:44:ec:ed:58:4e:74:8e:15:bb:73:fd:9c:33:cb:
                    3f:ef:25:8b:44:2d:1b:69:2d:e7:a5:b2:6c:79:ac:
                    c3:bc:cd:e3:7e:5d:cf:35:3b:24:8c:53:0f:ce:66:
                    96:ff:95:24:cf:bd:48:05:73:10:93:5b:9f:0c:f5:
                    64:74:74:54:ad:3b:ae:a0:ab:56:56:ca:92:a5:00:
                    a8:07:46:98:bf:b6:69:50:b7:29:e1:91:da:3e:78:
                    63:7a:ff:1f:cd:7b:b9:6d:47:74:f0:27:53:dd:49:
                    f6:e6:d6:8c:b8:21:ef:f1:c6:d0:10:f0:29:5d:8e:
                    c3:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:57:30:9A:C3:26:A4:A8:80:FA:9B:40:73:A7:03:C6:03:43:AA:6E
            X509v3 Authority Key Identifier:
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/J1cwmsMmpKiA-ptAc6cDxgNDqm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:fa:3e:70:a7:9a:fd:34:25:d3:20:3d:eb:cd:01:c1:8d:15:
         98:59:81:06:74:98:f7:d5:2a:b0:bd:3c:e0:e9:57:9e:6e:2f:
         06:16:bf:66:5b:d5:46:42:22:70:33:22:4b:0b:99:6d:89:56:
         7a:cf:fa:53:c5:c2:a4:2c:3a:6e:61:87:97:72:c0:2d:7e:f1:
         f9:c1:02:67:35:8b:e2:e2:e1:f4:5b:7e:d3:ed:02:de:c5:5e:
         78:03:81:f7:1a:2f:6d:5a:79:9d:24:59:3d:b2:57:50:b7:13:
         63:f5:15:d0:7f:fb:57:fc:3b:5d:b0:fb:c7:81:e1:10:c0:9e:
         a2:7f:fc:d8:59:dd:8a:5f:ce:6e:c5:6b:05:63:15:e4:e6:0e:
         65:5e:71:65:dd:5e:40:43:52:37:b2:be:56:19:58:d9:a5:de:
         27:55:a0:6d:56:58:6b:b2:48:81:e5:37:3c:7a:4f:3f:e6:a2:
         f6:49:53:14:e0:6b:ad:b9:4b:3e:12:ef:08:5f:ef:f9:a7:01:
         d3:2d:a7:ea:0b:f0:26:8c:2c:98:10:34:97:f7:28:41:69:a0:
         ef:7e:09:33:84:2e:28:64:1e:92:7e:bf:dc:3d:0e:7c:74:1e:
         d2:23:99:67:bd:25:1b:30:6c:ee:8f:4c:ac:1d:c8:4f:6c:d3:
         ef:b9:39:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwTLinKJh4amRhRFSkXe8AtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMxMTI3MjM0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzU3MzA5YWMzMjZhNGE4ODBmYTliNDA3M2E3MDNjNjAzNDNhYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxTyYODmmMGRRoCxAfoHOzfd2uGr
OQ5hFmj1vvOKRx7Jpff+tSZhm4u/9+yyqMRGgnP+CAuikKvimju3ThsR+3tL2A06
Y1wMiGLCAFaE2astOeSltwuusyRCaoms24i1qOSh+64xe2QdRVa0uw0gKWsJAz/d
6FC0eqHCZmUxYRoKPReNm2O5ROztWE50jhW7c/2cM8s/7yWLRC0baS3npbJseazD
vM3jfl3PNTskjFMPzmaW/5Ukz71IBXMQk1ufDPVkdHRUrTuuoKtWVsqSpQCoB0aY
v7ZpULcp4ZHaPnhjev8fzXu5bUd08CdT3Un25taMuCHv8cbQEPApXY7DWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdXMJrDJqSogPqbQHOnA8YDQ6puMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvSjFjd21zTW1wS2lBLXB0QWM2Y0R4Z05EcW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQAo+j5wp5r9NCXTID3rzQHBjRWYWYEGdJj31SqwvTzg
6Veebi8GFr9mW9VGQiJwMyJLC5ltiVZ6z/pTxcKkLDpuYYeXcsAtfvH5wQJnNYvi
4uH0W37T7QLexV54A4H3Gi9tWnmdJFk9sldQtxNj9RXQf/tX/DtdsPvHgeEQwJ6i
f/zYWd2KX85uxWsFYxXk5g5lXnFl3V5AQ1I3sr5WGVjZpd4nVaBtVlhrskiB5Tc8
ek8/5qL2SVMU4GutuUs+Eu8IX+/5pwHTLafqC/AmjCyYEDSX9yhBaaDvfgkzhC4o
ZB6Sfr/cPQ58dB7SI5lnvSUbMGzuj0ysHchPbNPvuTln
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:42 2024 by rpki-client on console-ams.rpki-client.org