Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/XjGlyx8Mk9DU1EixfogiuRf-UNw.roa
File:                     XjGlyx8Mk9DU1EixfogiuRf-UNw.roa (raw, json)
Hash identifier:          jcscifm64nsCpR8Y/20szcTbo4JOKIdfr1XimkSukjM=
Subject key identifier:   5E:31:A5:CB:1F:0C:93:D0:D4:D4:48:B1:7E:88:22:B9:17:FE:50:DC
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       01886EA98B5BB15A74A4AEAD6F77155B1F61
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/XjGlyx8Mk9DU1EixfogiuRf-UNw.roa
Signing time:             Tue 30 May 2023 21:56:24 +0000
ROA not before:           Tue 30 May 2023 21:56:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44547
IP address blocks:        45.145.154.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 12:03:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6e:a9:8b:5b:b1:5a:74:a4:ae:ad:6f:77:15:5b:1f:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: May 30 21:56:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e31a5cb1f0c93d0d4d448b17e8822b917fe50dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6f:2b:d4:62:eb:39:2f:b8:cb:32:8b:a8:ba:
                    e6:79:ea:d4:cf:ef:9f:3b:c6:bc:8b:e5:b2:7a:77:
                    a8:8c:bb:51:bd:31:cb:cd:1f:3b:f2:08:e6:e8:a2:
                    cb:f7:3f:ae:e3:5d:ab:4a:4b:b2:3b:98:9e:43:62:
                    52:75:9e:bc:0b:8a:ce:e5:fd:50:c6:74:46:9f:04:
                    58:6d:ee:87:77:f9:97:7a:ed:92:6d:97:c0:61:24:
                    98:59:93:97:b1:52:e3:51:df:0f:a7:4b:27:35:8a:
                    88:69:f9:51:83:54:f0:52:6e:f1:2a:c2:d2:45:c5:
                    01:00:02:74:12:14:17:78:60:95:39:9d:81:3e:16:
                    a6:6e:aa:8c:73:40:1e:86:88:86:df:f9:6f:ae:1e:
                    8b:2e:19:1e:db:6e:70:65:83:4c:05:51:e7:74:cd:
                    40:42:60:82:4e:18:d5:6a:61:f6:e0:36:df:6b:f4:
                    f7:41:a3:be:b1:51:1f:d6:21:ec:f1:f5:5d:f0:4d:
                    e1:04:a8:89:79:49:a7:cd:96:b6:3c:a3:9f:14:35:
                    5b:73:4b:6a:d3:c5:6b:bc:61:46:51:61:1b:83:9e:
                    78:1d:3b:99:26:ff:9c:b6:ee:76:45:04:21:42:88:
                    98:90:22:47:83:19:93:42:85:54:f4:05:54:0b:03:
                    46:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:31:A5:CB:1F:0C:93:D0:D4:D4:48:B1:7E:88:22:B9:17:FE:50:DC
            X509v3 Authority Key Identifier:
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/XjGlyx8Mk9DU1EixfogiuRf-UNw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:47:96:fd:7d:f6:c1:81:92:bf:d9:ed:a6:bc:ce:b0:14:82:
         f6:b5:a0:05:1c:7f:f5:b9:c2:55:fe:9f:6f:4b:f9:0d:7c:22:
         07:06:8e:66:26:dd:66:1e:b6:34:70:21:f2:ed:62:98:86:24:
         6d:85:19:fd:a3:51:5c:81:83:ea:1d:7f:2d:83:29:dd:a9:a2:
         fb:8f:77:78:aa:39:c6:22:0c:d9:40:2b:a4:06:0d:aa:12:a8:
         33:16:34:44:12:c0:a0:aa:64:dc:36:ea:cc:7b:3d:ff:54:96:
         38:72:ea:c8:49:02:a0:02:fd:46:61:9c:a8:55:c1:c0:e6:a8:
         c6:4d:57:0e:d6:fe:e3:21:9d:8f:85:76:7c:95:09:d7:61:5a:
         83:16:89:76:61:05:49:39:09:f8:e7:79:ea:db:57:da:d2:6e:
         97:72:43:a2:d9:93:6c:0c:59:67:65:42:93:57:64:b6:f3:3a:
         11:75:f0:9d:cc:fb:fb:ec:85:97:05:61:0f:23:b6:f1:d9:32:
         be:26:32:13:4b:b8:a0:ec:f5:63:c2:5e:0e:78:a5:83:cf:bb:
         a9:c4:c3:86:21:15:44:19:51:fb:81:20:89:40:30:32:ab:72:
         63:f7:1a:7d:68:55:19:54:72:cd:c2:02:ef:b9:c1:e4:b2:2f:
         5d:5c:a1:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhuqYtbsVp0pK6tb3cVWx9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMwNTMwMjE1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTMxYTVjYjFmMGM5M2QwZDRkNDQ4YjE3ZTg4MjJiOTE3ZmU1MGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs28r1GLrOS+4yzKLqLrmeerUz++f
O8a8i+WyeneojLtRvTHLzR878gjm6KLL9z+u412rSkuyO5ieQ2JSdZ68C4rO5f1Q
xnRGnwRYbe6Hd/mXeu2SbZfAYSSYWZOXsVLjUd8Pp0snNYqIaflRg1TwUm7xKsLS
RcUBAAJ0EhQXeGCVOZ2BPhambqqMc0AehoiG3/lvrh6LLhke225wZYNMBVHndM1A
QmCCThjVamH24Dbfa/T3QaO+sVEf1iHs8fVd8E3hBKiJeUmnzZa2PKOfFDVbc0tq
08VrvGFGUWEbg554HTuZJv+ctu52RQQhQoiYkCJHgxmTQoVU9AVUCwNGUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4xpcsfDJPQ1NRIsX6IIrkX/lDcMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvWGpHbHl4OE1rOURVMUVpeGZvZ2l1UmYtVU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQAIR5b9ffbBgZK/2e2mvM6wFIL2taAFHH/1ucJV/p9v
S/kNfCIHBo5mJt1mHrY0cCHy7WKYhiRthRn9o1FcgYPqHX8tgyndqaL7j3d4qjnG
IgzZQCukBg2qEqgzFjREEsCgqmTcNurMez3/VJY4curISQKgAv1GYZyoVcHA5qjG
TVcO1v7jIZ2PhXZ8lQnXYVqDFol2YQVJOQn453nq21fa0m6XckOi2ZNsDFlnZUKT
V2S28zoRdfCdzPv77IWXBWEPI7bx2TK+JjITS7ig7PVjwl4OeKWDz7upxMOGIRVE
GVH7gSCJQDAyq3Jj9xp9aFUZVHLNwgLvucHksi9dXKGa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:26 2024 by rpki-client on console-fra.rpki-client.org