Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa
File:                     ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa (raw, json)
Hash identifier:          2aTYYmFr8naYSdi8kVySUwKAO8sdMc9d2T2QxYaQP5k=
Subject key identifier:   66:A1:17:62:23:83:57:D7:9A:49:B6:6F:A7:0A:34:61:F4:32:67:A1
Certificate issuer:       /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial:       018B2A83646AD7C90BA11D52E4E4CB5605D6
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa
Signing time:             Fri 13 Oct 2023 19:28:55 +0000
ROA not before:           Fri 13 Oct 2023 19:28:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202945
IP address blocks:        45.154.60.0/24 maxlen: 24
                          2a0f:b100:2::/48 maxlen: 48
                          2a0f:b100::/44 maxlen: 44

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:2a:83:64:6a:d7:c9:0b:a1:1d:52:e4:e4:cb:56:05:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
        Validity
            Not Before: Oct 13 19:28:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=66a11762238357d79a49b66fa70a3461f43267a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7b:aa:bf:77:b9:84:30:fa:59:cb:19:72:6d:
                    99:56:67:8e:f7:6f:54:de:80:31:cd:2b:2c:b1:f5:
                    d9:92:e1:2e:e9:0d:2f:5f:ee:a3:88:00:a5:c1:c6:
                    2b:e8:05:e4:03:81:54:ce:a2:c0:1a:d8:f2:ae:a4:
                    9b:09:e6:14:0d:b5:89:b3:92:9d:e9:29:5b:1b:47:
                    56:c3:29:37:1d:6b:4d:04:9f:84:91:32:d8:dd:23:
                    d2:65:c8:b0:02:bb:2d:c0:9c:05:1e:66:49:b2:7a:
                    43:8a:09:1a:32:51:07:2b:37:62:b3:e6:85:63:31:
                    54:64:1e:2d:74:5a:67:2b:ca:1c:e8:cd:4d:b1:ed:
                    7f:97:d8:03:89:3e:59:5a:25:e5:85:2b:a2:28:ac:
                    5d:c0:e6:a8:3d:31:23:d7:03:f7:ac:cf:30:98:b6:
                    9b:4c:e8:b3:26:a5:e4:d2:2a:d7:fb:62:78:1d:63:
                    94:30:8d:09:1f:13:ed:c5:81:61:3e:52:df:18:a9:
                    c9:b5:ba:21:39:b9:c3:b8:4a:a2:25:88:56:91:7b:
                    e6:9b:66:48:7f:75:4e:f0:76:ed:d0:cb:4a:99:9f:
                    9a:2b:2b:4b:82:b3:92:3c:44:63:7c:62:c6:f3:5f:
                    10:fa:46:26:a0:4c:c0:12:c4:ea:88:ac:a1:c4:84:
                    7a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:A1:17:62:23:83:57:D7:9A:49:B6:6F:A7:0A:34:61:F4:32:67:A1
            X509v3 Authority Key Identifier:
                keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.60.0/24
                IPv6:
                  2a0f:b100::/44

    Signature Algorithm: sha256WithRSAEncryption
         4c:d3:0f:0e:68:83:b3:cb:d2:f9:61:18:b7:af:70:51:1b:25:
         07:13:cd:32:74:96:51:5b:1c:9c:a8:72:f8:c7:f2:bc:90:30:
         50:a6:48:7b:4f:35:7e:2b:aa:8f:95:bb:df:ca:75:ea:12:a4:
         0c:d7:a4:ec:b1:df:6b:ab:5e:1c:3d:62:09:dd:37:92:35:ee:
         b9:e4:95:bc:3a:ce:05:1e:60:0c:b4:61:60:a3:fe:23:72:69:
         72:41:58:7b:e0:13:92:2f:dd:14:b4:bc:6d:6d:4c:c7:c6:5c:
         a6:65:12:01:88:71:c8:61:92:b9:41:7f:37:0d:ad:38:9d:28:
         ae:86:45:27:f2:89:9f:68:ed:0b:d3:94:ae:42:9f:b0:9c:15:
         df:fd:21:41:f4:83:89:3e:38:ec:fa:b4:a8:fe:2a:47:46:2a:
         d8:43:50:2e:7c:6f:fe:42:1f:ba:20:9f:1e:b7:84:d8:9e:a6:
         02:e6:6a:21:e6:2f:3c:01:2f:7b:ab:eb:67:d6:c8:7f:e7:8f:
         1f:60:fe:c9:20:1c:33:c4:0f:69:31:82:5f:39:a1:ac:6a:07:
         39:89:9b:8d:8f:85:a4:87:42:ad:c4:d3:53:f3:eb:85:0d:18:
         31:48:d3:ad:bf:98:36:59:4c:e0:aa:a5:0d:6c:30:f6:60:b1:
         db:46:61:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsqg2Rq18kLoR1S5OTLVgXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjMxMDEzMTkyODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmExMTc2MjIzODM1N2Q3OWE0OWI2NmZhNzBhMzQ2MWY0MzI2N2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnuqv3e5hDD6WcsZcm2ZVmeO929U
3oAxzSsssfXZkuEu6Q0vX+6jiAClwcYr6AXkA4FUzqLAGtjyrqSbCeYUDbWJs5Kd
6SlbG0dWwyk3HWtNBJ+EkTLY3SPSZciwArstwJwFHmZJsnpDigkaMlEHKzdis+aF
YzFUZB4tdFpnK8oc6M1Nse1/l9gDiT5ZWiXlhSuiKKxdwOaoPTEj1wP3rM8wmLab
TOizJqXk0irX+2J4HWOUMI0JHxPtxYFhPlLfGKnJtbohObnDuEqiJYhWkXvmm2ZI
f3VO8Hbt0MtKmZ+aKytLgrOSPERjfGLG818Q+kYmoEzAEsTqiKyhxIR6UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGahF2Ijg1fXmkm2b6cKNGH0MmehMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvWnFFWFlpT0RWOWVhU2JadnB3bzBZZlF5WjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBAEzTDw5og7PL0vlhGLev
cFEbJQcTzTJ0llFbHJyocvjH8ryQMFCmSHtPNX4rqo+Vu9/KdeoSpAzXpOyx32ur
Xhw9YgndN5I17rnklbw6zgUeYAy0YWCj/iNyaXJBWHvgE5Iv3RS0vG1tTMfGXKZl
EgGIcchhkrlBfzcNrTidKK6GRSfyiZ9o7QvTlK5Cn7CcFd/9IUH0g4k+OOz6tKj+
KkdGKthDUC58b/5CH7ognx63hNiepgLmaiHmLzwBL3ur62fWyH/njx9g/skgHDPE
D2kxgl85oaxqBzmJm42PhaSHQq3E01Pz64UNGDFI062/mDZZTOCqpQ1sMPZgsdtG
YbI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org