Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/xdzrWLDnZVk-QxBrfgN53i7HHJM.roa
File:                     xdzrWLDnZVk-QxBrfgN53i7HHJM.roa (raw, json)
Hash identifier:          RS0C1Bz7T1zCNS/E1GcSoNDfkLVQJmuA2p4h/JfNZ6Y=
Subject key identifier:   C5:DC:EB:58:B0:E7:65:59:3E:43:10:6B:7E:03:79:DE:2E:C7:1C:93
Certificate issuer:       /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial:       0189440BCE0F8C5E33C6700340822DF6DF37
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/xdzrWLDnZVk-QxBrfgN53i7HHJM.roa
Signing time:             Tue 11 Jul 2023 08:22:51 +0000
ROA not before:           Tue 11 Jul 2023 08:22:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202945
IP address blocks:        45.154.60.0/24 maxlen: 24
                          2a0f:b100:2::/48 maxlen: 48
                          2a0f:b100:5::/48 maxlen: 64
                          2a0f:b100::/44 maxlen: 44
                          2a0f:b100:4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 13 Oct 2023 17:15:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:44:0b:ce:0f:8c:5e:33:c6:70:03:40:82:2d:f6:df:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
        Validity
            Not Before: Jul 11 08:22:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c5dceb58b0e765593e43106b7e0379de2ec71c93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:2e:cb:4f:55:67:98:d6:6c:3f:22:59:90:d8:
                    8e:27:ba:0b:54:f0:48:03:d0:e2:dd:f5:d5:5c:48:
                    1a:a2:c8:4f:e5:8c:fa:c4:e5:5b:43:0d:18:d0:cf:
                    93:5b:f4:08:05:f0:1a:4c:20:d2:da:94:e2:37:66:
                    4a:5d:61:8d:05:32:84:ee:5f:7c:a9:69:cd:66:a3:
                    fb:ac:d9:05:b4:b6:7d:bc:bb:8c:95:22:26:16:ab:
                    28:e0:56:a8:98:0a:b0:76:12:25:77:a1:c5:ba:37:
                    55:1a:0f:c2:d8:6d:a0:c6:6c:fc:5d:88:c7:5c:5d:
                    8a:16:6a:02:50:7c:10:07:75:3d:dd:5a:9c:76:d0:
                    76:7e:f1:26:02:f3:ed:06:2e:51:65:97:f9:95:43:
                    78:6b:28:e5:be:ff:90:1b:68:51:96:c0:76:e3:d7:
                    c0:87:ab:be:bb:f5:0a:6e:90:c1:8f:35:a9:02:8f:
                    57:32:e3:16:1e:5f:6e:6e:54:6f:62:fb:65:05:46:
                    c1:e5:5a:44:19:42:d5:5a:7f:f3:57:42:cf:52:23:
                    c4:0b:0e:42:7c:4c:92:7f:34:43:21:05:e3:66:7d:
                    02:ff:c7:c5:6d:f0:a4:07:34:62:56:f7:33:af:ea:
                    a9:98:27:3c:46:12:9b:ef:37:ae:ba:5a:60:e1:71:
                    4c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:DC:EB:58:B0:E7:65:59:3E:43:10:6B:7E:03:79:DE:2E:C7:1C:93
            X509v3 Authority Key Identifier:
                keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/xdzrWLDnZVk-QxBrfgN53i7HHJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.60.0/24
                IPv6:
                  2a0f:b100::/44

    Signature Algorithm: sha256WithRSAEncryption
         23:5e:55:f7:1c:e4:86:4a:aa:fe:5c:54:f8:cb:75:e8:53:a7:
         b1:d1:eb:39:e6:bb:f7:bf:44:b5:d3:b2:6b:35:39:0f:5c:c8:
         58:d7:02:f3:7f:84:c7:60:f5:3f:06:45:68:31:f0:96:74:e7:
         57:b4:96:fb:b7:db:f4:3b:07:6a:90:55:56:db:99:02:14:af:
         4c:48:3c:7a:54:1c:a7:0e:0b:d1:09:de:9f:ed:f3:7a:e8:41:
         76:9b:49:2a:58:cc:e3:5d:10:04:03:bb:c0:07:93:59:1f:cb:
         a9:ba:ae:3f:e2:aa:af:94:6c:46:49:f4:70:81:7f:61:93:b1:
         0c:fe:27:0c:cd:f0:7f:07:ab:21:4a:34:4e:45:f3:18:6e:15:
         c8:2a:68:4f:58:1e:a4:18:f2:4b:1e:b6:3d:9d:54:e7:a1:09:
         51:9d:cf:9e:fa:90:cc:79:46:08:7d:2c:de:37:5e:c5:2f:fd:
         34:81:f7:1c:2f:e0:46:a3:b1:9c:ea:04:02:0d:f2:65:e8:ba:
         4a:7e:66:f8:97:fe:f9:f6:c7:94:d9:64:70:f7:e6:98:a5:b3:
         cd:f9:f4:da:cf:15:82:f6:0a:36:12:49:94:97:44:ef:22:9c:
         0e:c8:aa:ef:c1:24:23:58:33:5d:28:7e:aa:82:86:f0:fb:29:
         19:8b:b6:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlEC84PjF4zxnADQIIt9t83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjMwNzExMDgyMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRjZWI1OGIwZTc2NTU5M2U0MzEwNmI3ZTAzNzlkZTJlYzcxYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui7LT1VnmNZsPyJZkNiOJ7oLVPBI
A9Di3fXVXEgaoshP5Yz6xOVbQw0Y0M+TW/QIBfAaTCDS2pTiN2ZKXWGNBTKE7l98
qWnNZqP7rNkFtLZ9vLuMlSImFqso4FaomAqwdhIld6HFujdVGg/C2G2gxmz8XYjH
XF2KFmoCUHwQB3U93VqcdtB2fvEmAvPtBi5RZZf5lUN4ayjlvv+QG2hRlsB249fA
h6u+u/UKbpDBjzWpAo9XMuMWHl9ublRvYvtlBUbB5VpEGULVWn/zV0LPUiPECw5C
fEySfzRDIQXjZn0C/8fFbfCkBzRiVvczr+qpmCc8RhKb7zeuulpg4XFMhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMXc61iw52VZPkMQa34Ded4uxxyTMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEveGR6cldMRG5aVmstUXhCcmZnTjUzaTdISEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBACNeVfcc5IZKqv5cVPjL
dehTp7HR6znmu/e/RLXTsms1OQ9cyFjXAvN/hMdg9T8GRWgx8JZ051e0lvu32/Q7
B2qQVVbbmQIUr0xIPHpUHKcOC9EJ3p/t83roQXabSSpYzONdEAQDu8AHk1kfy6m6
rj/iqq+UbEZJ9HCBf2GTsQz+JwzN8H8HqyFKNE5F8xhuFcgqaE9YHqQY8ksetj2d
VOehCVGdz576kMx5Rgh9LN43XsUv/TSB9xwv4EajsZzqBAIN8mXoukp+ZviX/vn2
x5TZZHD35pils8359NrPFYL2CjYSSZSXRO8inA7Iqu/BJCNYM10ofqqChvD7KRmL
tqs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org