Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/LwTYTaDis0ATH9oIeoPgDEQPjTA.roa
File:                     LwTYTaDis0ATH9oIeoPgDEQPjTA.roa (raw, json)
Hash identifier:          QvtMt34l8ylA+BEABoX1/MCf8hufJOCr50Z0o+cEpxw=
Subject key identifier:   2F:04:D8:4D:A0:E2:B3:40:13:1F:DA:08:7A:83:E0:0C:44:0F:8D:30
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       01897534440ECA30A400932C7C8F0B1B20B5
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/LwTYTaDis0ATH9oIeoPgDEQPjTA.roa
Signing time:             Thu 20 Jul 2023 21:28:26 +0000
ROA not before:           Thu 20 Jul 2023 21:28:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.145.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 22:32:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:75:34:44:0e:ca:30:a4:00:93:2c:7c:8f:0b:1b:20:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: Jul 20 21:28:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f04d84da0e2b340131fda087a83e00c440f8d30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fa:56:e5:2c:6c:4e:21:3a:8f:38:a0:a1:48:
                    9e:b3:ee:94:35:2b:2b:d0:f4:f7:d1:1c:06:be:df:
                    77:db:5b:3e:93:c6:b7:d0:10:c0:4b:b5:70:88:30:
                    b7:6c:ea:99:a2:b7:80:1b:b8:cc:f7:e3:e1:1f:f8:
                    ee:7b:81:96:b9:25:66:49:de:e8:61:e1:0a:24:fc:
                    c7:0d:26:5e:b4:fc:a3:9e:30:96:6d:5d:72:f4:83:
                    49:1b:b2:f9:2c:82:1e:94:a9:51:83:dc:2e:ef:0c:
                    81:cd:4f:19:16:e2:51:b6:0d:61:2b:f3:20:47:48:
                    94:ee:60:0f:86:b1:30:0c:b5:c2:27:d1:e5:b6:3a:
                    de:b8:49:23:12:d6:a0:b3:38:b8:66:ac:c6:fa:ac:
                    a6:e7:88:33:41:20:9f:02:50:f3:ee:52:45:bf:af:
                    91:16:e3:f9:f1:f8:9d:7e:9a:d8:b9:05:e2:31:93:
                    74:58:70:6f:cf:31:fb:41:4a:a1:da:f2:3a:59:63:
                    51:05:b1:08:c4:6e:d0:0d:2e:79:7b:c3:c5:81:c4:
                    6a:df:d0:b9:55:8c:31:94:a4:44:be:19:d7:6b:97:
                    a2:be:fa:f0:ab:c5:b3:71:e3:ad:55:16:f4:aa:5a:
                    7d:56:be:2f:cc:50:d8:67:a0:29:0d:0f:7f:a1:0c:
                    66:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:04:D8:4D:A0:E2:B3:40:13:1F:DA:08:7A:83:E0:0C:44:0F:8D:30
            X509v3 Authority Key Identifier:
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/LwTYTaDis0ATH9oIeoPgDEQPjTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:70:00:cc:0f:fa:9b:a8:a9:39:b9:7d:ad:37:49:96:fd:b8:
         f8:0e:38:00:1f:a6:80:97:bb:be:77:b3:cc:5d:f8:fb:e8:53:
         8c:80:d0:1f:24:bf:ea:de:2a:26:c0:90:94:2c:b9:60:2e:65:
         ad:f6:bb:64:ba:70:9e:8f:1f:e2:44:5c:9d:06:66:8f:54:f0:
         ca:31:67:d5:d2:a4:91:24:a9:75:5b:1d:c0:6d:97:c8:be:50:
         43:94:f7:ce:75:bd:78:01:d9:64:18:27:19:45:bd:51:5f:32:
         1f:93:55:bd:52:ef:87:a8:d2:30:45:23:d3:d2:d1:ad:2b:4a:
         ba:90:77:67:cd:e3:b1:a2:ef:ff:2b:d5:30:d3:2b:dd:63:df:
         71:1b:47:66:4d:16:d3:f4:dd:b6:95:89:67:8b:66:80:38:f2:
         45:6d:17:e3:32:f8:7d:5c:0b:d2:b2:89:6e:81:96:ec:b6:93:
         49:03:0f:7b:fb:9a:92:bb:1e:c1:0c:a3:e8:df:99:3c:7c:e6:
         33:26:88:dd:19:b1:cd:02:65:d5:fe:bd:b9:87:01:e9:64:43:
         4f:1e:b3:17:af:14:bb:28:69:ac:71:d4:02:c2:1c:14:83:8d:
         a1:f8:9b:89:c0:15:59:b7:a2:2d:1a:78:1d:30:2d:42:c0:6d:
         3a:41:6b:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl1NEQOyjCkAJMsfI8LGyC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMwNzIwMjEyODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA0ZDg0ZGEwZTJiMzQwMTMxZmRhMDg3YTgzZTAwYzQ0MGY4ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfpW5SxsTiE6jzigoUies+6UNSsr
0PT30RwGvt9321s+k8a30BDAS7VwiDC3bOqZoreAG7jM9+PhH/jue4GWuSVmSd7o
YeEKJPzHDSZetPyjnjCWbV1y9INJG7L5LIIelKlRg9wu7wyBzU8ZFuJRtg1hK/Mg
R0iU7mAPhrEwDLXCJ9HltjreuEkjEtagszi4ZqzG+qym54gzQSCfAlDz7lJFv6+R
FuP58fidfprYuQXiMZN0WHBvzzH7QUqh2vI6WWNRBbEIxG7QDS55e8PFgcRq39C5
VYwxlKREvhnXa5eivvrwq8WzceOtVRb0qlp9Vr4vzFDYZ6ApDQ9/oQxmxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8E2E2g4rNAEx/aCHqD4AxED40wMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvTHdUWVRhRGlzMEFUSDlvSWVvUGdERVFQalRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGZMA0G
CSqGSIb3DQEBCwUAA4IBAQCGcADMD/qbqKk5uX2tN0mW/bj4DjgAH6aAl7u+d7PM
Xfj76FOMgNAfJL/q3iomwJCULLlgLmWt9rtkunCejx/iRFydBmaPVPDKMWfV0qSR
JKl1Wx3AbZfIvlBDlPfOdb14AdlkGCcZRb1RXzIfk1W9Uu+HqNIwRSPT0tGtK0q6
kHdnzeOxou//K9Uw0yvdY99xG0dmTRbT9N22lYlni2aAOPJFbRfjMvh9XAvSsolu
gZbstpNJAw97+5qSux7BDKPo35k8fOYzJojdGbHNAmXV/r25hwHpZENPHrMXrxS7
KGmscdQCwhwUg42h+JuJwBVZt6ItGngdMC1CwG06QWtw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-fra.rpki-client.org