Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/9P6ZvGxuhvk6yVLR6Qn48s900Ko.roa
File:                     9P6ZvGxuhvk6yVLR6Qn48s900Ko.roa (raw, json)
Hash identifier:          EtTj75u8zTKnDatinhT6vervHFJyMpu90NCvtxZoIkw=
Subject key identifier:   F4:FE:99:BC:6C:6E:86:F9:3A:C9:52:D1:E9:09:F8:F2:CF:74:D0:AA
Certificate issuer:       /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial:       01856C9CB56C1E8EA0D0B8965064994C7B81
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/9P6ZvGxuhvk6yVLR6Qn48s900Ko.roa
Signing time:             Sun 01 Jan 2023 09:14:47 +0000
ROA not before:           Sun 01 Jan 2023 09:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57795
IP address blocks:        45.154.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:b5:6c:1e:8e:a0:d0:b8:96:50:64:99:4c:7b:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
        Validity
            Not Before: Jan  1 09:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4fe99bc6c6e86f93ac952d1e909f8f2cf74d0aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f4:4b:41:77:30:45:98:3a:a8:99:0f:ed:f7:
                    db:b7:56:be:12:a6:e9:0f:f9:2e:f6:fc:ab:22:61:
                    22:48:66:2b:31:5b:54:ed:2c:8d:a0:f1:cb:24:f0:
                    2f:5b:71:39:c2:ab:c4:a3:27:1d:46:c0:13:9c:88:
                    2f:de:a7:a0:bc:de:62:58:45:a4:47:c2:1f:ef:f7:
                    e4:c5:dc:6d:1e:6a:f0:0c:be:67:c9:60:68:52:8d:
                    30:ef:58:0a:1f:b6:fc:23:94:b1:53:e6:27:41:54:
                    fd:a2:f3:c0:13:4e:da:1e:61:86:3c:7d:01:68:d2:
                    d4:b4:00:57:69:bc:2c:91:1e:8f:24:4b:1b:da:d8:
                    18:a4:b3:2e:cb:7b:d1:e0:63:94:ef:83:67:ea:93:
                    75:89:47:24:ad:f2:ae:71:d1:9f:66:e6:0d:98:bc:
                    44:5d:89:05:0f:08:87:a4:44:5e:e2:8d:99:c4:51:
                    69:c4:48:fa:ce:3e:9a:25:29:0b:52:63:68:68:7a:
                    26:14:e7:f2:56:51:1a:cc:a3:0b:25:17:e2:b9:18:
                    ac:2f:41:6b:58:55:6d:e5:df:50:7c:6c:4b:df:a1:
                    4d:d4:fd:3b:fe:50:cd:a2:55:81:7d:c9:06:d0:35:
                    0a:16:3b:1e:b3:c0:ce:fc:8d:9a:9c:60:54:4d:6a:
                    a2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:FE:99:BC:6C:6E:86:F9:3A:C9:52:D1:E9:09:F8:F2:CF:74:D0:AA
            X509v3 Authority Key Identifier:
                keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/9P6ZvGxuhvk6yVLR6Qn48s900Ko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:29:c5:fa:dc:47:a7:5a:46:1b:ba:e7:4e:fd:c0:18:6d:31:
         95:b4:20:86:79:1a:93:7c:1f:18:4a:c6:df:b3:8e:68:26:92:
         29:3d:2f:3d:a7:af:30:59:f8:3d:1f:af:4d:f4:f7:25:59:b6:
         cb:d8:31:1a:e0:b0:88:67:8b:04:e0:e4:89:9a:eb:95:e0:25:
         d4:35:9b:50:60:a8:d3:82:b2:fe:ad:d1:a0:ef:bc:bc:a4:10:
         d5:48:23:bf:57:3a:7b:37:f7:14:d2:0e:47:bd:6b:dd:0d:a6:
         d4:91:11:ff:e0:d7:af:70:30:0c:d1:1e:0f:88:1f:34:21:9d:
         77:97:67:4a:ef:f4:a8:dd:b1:93:fc:b9:86:cf:e2:38:d4:be:
         0c:1e:61:38:b7:16:97:84:34:5c:f5:52:86:ac:0d:ab:04:3f:
         3e:f0:06:24:3d:07:c5:24:b6:3e:9f:89:c0:1f:5d:1f:3a:c2:
         85:05:11:2a:29:c1:bb:a1:1b:24:6b:f0:9d:36:27:2b:dc:de:
         48:1f:4b:d8:05:b8:b9:aa:cb:50:52:af:b9:83:69:42:c6:f7:
         03:58:bc:b7:eb:8e:bf:a8:4f:e9:18:33:78:6e:31:1b:24:64:
         0e:84:e6:e1:0a:9f:5b:e9:5c:9a:64:f6:6c:2d:0f:ab:df:08:
         83:bc:40:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnLVsHo6g0LiWUGSZTHuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjMwMTAxMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGZlOTliYzZjNmU4NmY5M2FjOTUyZDFlOTA5ZjhmMmNmNzRkMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/RLQXcwRZg6qJkP7ffbt1a+Eqbp
D/ku9vyrImEiSGYrMVtU7SyNoPHLJPAvW3E5wqvEoycdRsATnIgv3qegvN5iWEWk
R8If7/fkxdxtHmrwDL5nyWBoUo0w71gKH7b8I5SxU+YnQVT9ovPAE07aHmGGPH0B
aNLUtABXabwskR6PJEsb2tgYpLMuy3vR4GOU74Nn6pN1iUckrfKucdGfZuYNmLxE
XYkFDwiHpERe4o2ZxFFpxEj6zj6aJSkLUmNoaHomFOfyVlEazKMLJRfiuRisL0Fr
WFVt5d9QfGxL36FN1P07/lDNolWBfckG0DUKFjses8DO/I2anGBUTWqiGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPT+mbxsbob5OslS0ekJ+PLPdNCqMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvOVA2WnZHeHVodms2eVZMUjZRbjQ4czkwMEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZouMA0G
CSqGSIb3DQEBCwUAA4IBAQCoKcX63EenWkYbuudO/cAYbTGVtCCGeRqTfB8YSsbf
s45oJpIpPS89p68wWfg9H69N9PclWbbL2DEa4LCIZ4sE4OSJmuuV4CXUNZtQYKjT
grL+rdGg77y8pBDVSCO/Vzp7N/cU0g5HvWvdDabUkRH/4NevcDAM0R4PiB80IZ13
l2dK7/So3bGT/LmGz+I41L4MHmE4txaXhDRc9VKGrA2rBD8+8AYkPQfFJLY+n4nA
H10fOsKFBREqKcG7oRska/CdNicr3N5IH0vYBbi5qstQUq+5g2lCxvcDWLy3646/
qE/pGDN4bjEbJGQOhObhCp9b6VyaZPZsLQ+r3wiDvEAY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org