Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/RLVLKanZDtiDPhf5k42ZdATmH5w.roa
File:                     RLVLKanZDtiDPhf5k42ZdATmH5w.roa (raw, json)
Hash identifier:          T1sQ2ueBkT9XEAaaU9W/ynoe9JhT+CukbJUutRsyNYI=
Subject key identifier:   44:B5:4B:29:A9:D9:0E:D8:83:3E:17:F9:93:8D:99:74:04:E6:1F:9C
Certificate issuer:       /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial:       01866FC1321D3D8A9D838F0CBF77A25CD42A
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/RLVLKanZDtiDPhf5k42ZdATmH5w.roa
Signing time:             Mon 20 Feb 2023 16:56:17 +0000
ROA not before:           Mon 20 Feb 2023 16:56:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202945
IP address blocks:        45.154.60.0/24 maxlen: 24
                          2a0f:b100:2::/48 maxlen: 48
                          2a0f:b100:5::/48 maxlen: 48
                          2a0f:b100::/44 maxlen: 44
                          2a0f:b100:6::/48 maxlen: 48
                          2a0f:b100:4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 26 Mar 2023 18:16:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:6f:c1:32:1d:3d:8a:9d:83:8f:0c:bf:77:a2:5c:d4:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
        Validity
            Not Before: Feb 20 16:56:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44b54b29a9d90ed8833e17f9938d997404e61f9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:70:38:c1:16:ea:02:82:2f:eb:6d:4e:c4:0a:
                    7b:d8:82:d3:84:01:60:9c:2f:c1:70:01:b3:20:38:
                    83:26:7e:43:c5:16:e1:15:a5:a3:97:42:2c:b9:5c:
                    47:f3:d3:20:d2:fb:13:b8:9e:ae:62:ec:a0:cc:62:
                    1c:87:80:e2:6a:71:8e:cc:60:50:b3:61:95:0e:69:
                    e5:bb:fe:12:73:3d:eb:28:63:89:59:6b:17:74:fd:
                    c2:b4:50:5f:41:3d:04:74:1e:6d:d8:f2:28:7e:4e:
                    5a:52:71:bd:c0:1f:09:ba:4d:dd:e1:c9:d9:e7:4c:
                    5c:ae:c5:1c:8e:c4:c8:7a:1d:57:d2:67:1d:48:af:
                    0b:69:32:de:6c:d1:63:a4:6c:b6:4c:7f:a7:82:50:
                    3d:54:21:00:64:10:22:82:34:78:2d:f7:30:a8:0c:
                    c6:da:c6:9e:4f:05:3d:b3:b3:06:79:83:98:ba:83:
                    b4:64:b7:70:d4:77:da:db:f1:7d:0b:39:7b:09:06:
                    ac:10:98:6a:7c:96:0a:0f:79:50:b8:08:9f:7d:6d:
                    93:1f:fa:3b:01:94:29:2a:60:d9:6e:66:d4:88:79:
                    e4:93:64:5f:8e:87:00:a5:3f:bc:8c:8d:5e:22:21:
                    24:eb:fe:82:42:f9:8a:a9:62:e8:05:04:35:00:4a:
                    bc:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B5:4B:29:A9:D9:0E:D8:83:3E:17:F9:93:8D:99:74:04:E6:1F:9C
            X509v3 Authority Key Identifier:
                keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/RLVLKanZDtiDPhf5k42ZdATmH5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.60.0/24
                IPv6:
                  2a0f:b100::/44

    Signature Algorithm: sha256WithRSAEncryption
         65:f5:ca:06:54:51:41:b7:66:7f:44:f5:fc:bb:13:25:bb:76:
         65:f2:be:76:69:c8:af:9f:98:e0:5c:73:93:fd:68:95:c9:ae:
         eb:2b:2c:07:48:06:cc:45:41:1a:40:36:d2:6e:03:76:7e:13:
         ac:ec:a7:2f:0f:83:ec:4b:26:00:fb:53:4f:09:53:46:82:b8:
         e9:80:f4:ba:36:5a:ff:ef:ce:93:ce:d9:9f:92:fd:a2:d2:1b:
         1b:9d:44:4d:7c:2e:bc:de:6a:15:cf:eb:0c:c4:f9:5e:19:90:
         56:eb:64:4e:47:0a:00:e5:33:72:ce:ca:93:e7:bf:e5:8f:f1:
         3d:39:35:5b:e9:95:7f:c1:68:60:7e:8e:aa:e9:f4:52:2d:37:
         35:ef:82:e9:c2:84:e6:1d:6c:61:c6:70:d8:11:68:9c:c7:ef:
         e4:29:6a:7b:32:7d:1b:f3:93:ee:31:25:7e:f2:d9:17:09:68:
         0e:84:32:a8:80:91:00:34:2b:df:bc:49:51:d7:c5:90:09:87:
         d8:cb:39:3d:ba:33:d3:40:cb:f2:a5:4b:96:7d:f1:6a:28:c1:
         17:f7:77:9b:66:55:e2:74:8b:8b:2c:66:35:51:e5:c6:d4:45:
         64:94:17:98:53:15:89:43:95:d4:68:62:74:e4:8b:46:8c:40:
         b9:53:f5:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZvwTIdPYqdg48Mv3eiXNQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjMwMjIwMTY1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGI1NGIyOWE5ZDkwZWQ4ODMzZTE3Zjk5MzhkOTk3NDA0ZTYxZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXA4wRbqAoIv621OxAp72ILThAFg
nC/BcAGzIDiDJn5DxRbhFaWjl0IsuVxH89Mg0vsTuJ6uYuygzGIch4DianGOzGBQ
s2GVDmnlu/4Scz3rKGOJWWsXdP3CtFBfQT0EdB5t2PIofk5aUnG9wB8Juk3d4cnZ
50xcrsUcjsTIeh1X0mcdSK8LaTLebNFjpGy2TH+nglA9VCEAZBAigjR4LfcwqAzG
2saeTwU9s7MGeYOYuoO0ZLdw1Hfa2/F9Czl7CQasEJhqfJYKD3lQuAiffW2TH/o7
AZQpKmDZbmbUiHnkk2RfjocApT+8jI1eIiEk6/6CQvmKqWLoBQQ1AEq8jwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFES1Symp2Q7Ygz4X+ZONmXQE5h+cMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvUkxWTEthblpEdGlEUGhmNWs0MlpkQVRtSDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBAGX1ygZUUUG3Zn9E9fy7
EyW7dmXyvnZpyK+fmOBcc5P9aJXJrusrLAdIBsxFQRpANtJuA3Z+E6zspy8Pg+xL
JgD7U08JU0aCuOmA9Lo2Wv/vzpPO2Z+S/aLSGxudRE18LrzeahXP6wzE+V4ZkFbr
ZE5HCgDlM3LOypPnv+WP8T05NVvplX/BaGB+jqrp9FItNzXvgunChOYdbGHGcNgR
aJzH7+QpansyfRvzk+4xJX7y2RcJaA6EMqiAkQA0K9+8SVHXxZAJh9jLOT26M9NA
y/KlS5Z98WoowRf3d5tmVeJ0i4ssZjVR5cbURWSUF5hTFYlDldRoYnTki0aMQLlT
9bc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org