Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/_YvQR31F6QCJQJ0NBoUpFb_zD54.roa
File:                     _YvQR31F6QCJQJ0NBoUpFb_zD54.roa (raw, json)
Hash identifier:          hcifk9rpPsva0ogXzsB06On7JpABU4ZDXOR+IHcfJyc=
Subject key identifier:   FD:8B:D0:47:7D:45:E9:00:89:40:9D:0D:06:85:29:15:BF:F3:0F:9E
Certificate issuer:       /CN=54404da602dab0625be7223d09320b1cd7aafced
Certificate serial:       01856BCA3C7DF01E400181FD933292CCFACA
Authority key identifier: 54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/_YvQR31F6QCJQJ0NBoUpFb_zD54.roa
Signing time:             Sun 01 Jan 2023 05:24:53 +0000
ROA not before:           Sun 01 Jan 2023 05:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45040
IP address blocks:        45.152.76.0/24 maxlen: 24
                          45.152.77.0/24 maxlen: 24
                          45.152.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ca:3c:7d:f0:1e:40:01:81:fd:93:32:92:cc:fa:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54404da602dab0625be7223d09320b1cd7aafced
        Validity
            Not Before: Jan  1 05:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd8bd0477d45e90089409d0d06852915bff30f9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2a:fe:6b:86:0b:d9:4a:17:e2:95:e5:e3:a9:
                    01:d1:ba:e9:52:dd:11:8f:dd:fc:29:bc:29:bd:14:
                    5b:99:e6:07:69:fc:42:93:39:29:49:3b:9c:5a:2a:
                    39:fe:2e:3e:2c:c0:cb:f1:c5:14:ec:89:20:3d:a9:
                    7a:6d:18:83:7f:62:13:27:b6:3d:14:71:6a:44:2f:
                    1f:d2:67:90:cd:e4:d9:a6:3f:17:04:72:81:50:b7:
                    f5:70:7f:08:7e:a3:6b:fb:d2:04:96:ed:42:74:79:
                    15:04:b1:58:9f:4a:81:86:81:9c:89:ea:ff:2a:b9:
                    fb:f5:97:ed:cf:d4:b1:f6:19:30:da:04:ec:71:17:
                    39:a4:ce:11:c2:b8:65:98:36:f1:b9:75:4b:7e:2f:
                    94:6f:2a:38:21:83:f7:5c:38:57:6a:40:96:c9:aa:
                    5c:83:ad:48:7e:1e:7f:67:f7:58:2d:fe:7b:b2:92:
                    ce:10:e2:46:2c:63:7b:75:b4:b4:8b:4f:8a:b7:e1:
                    0e:67:eb:96:a8:01:25:a0:d6:52:30:e4:f7:38:c2:
                    10:fd:fa:a0:cf:35:a9:86:8d:b7:19:df:48:9b:2e:
                    4e:53:eb:bd:e1:32:c6:8d:12:d5:5d:06:4e:4b:5f:
                    17:ac:39:17:e0:d1:3f:9b:69:17:9d:c6:d4:53:99:
                    bb:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:8B:D0:47:7D:45:E9:00:89:40:9D:0D:06:85:29:15:BF:F3:0F:9E
            X509v3 Authority Key Identifier:
                keyid:54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/_YvQR31F6QCJQJ0NBoUpFb_zD54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/VEBNpgLasGJb5yI9CTILHNeq_O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.76.0/23
                  45.152.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:9c:6b:4a:91:21:0f:d5:b3:0b:49:21:fb:2a:46:03:22:52:
         68:86:21:f1:45:78:1d:ad:8b:2d:e4:90:73:91:14:63:98:f8:
         eb:eb:80:e8:44:93:5e:20:16:99:35:e0:5b:62:dc:0a:2d:4d:
         6c:14:52:13:c6:b1:72:2a:b1:0e:5e:3a:ae:87:4a:f4:af:c3:
         8d:60:5f:17:2b:96:0b:f0:b5:1c:11:de:fc:51:af:df:cf:5a:
         07:14:d9:28:d9:7e:bd:ff:df:da:fb:e8:0f:e0:b4:ec:0b:bb:
         d6:22:6a:a0:bb:34:f8:bf:ef:eb:9c:0e:d2:43:22:0c:34:2f:
         df:00:a4:62:84:10:17:61:62:40:b6:cc:c5:f1:65:c7:ca:24:
         6a:f2:35:9e:47:8b:ad:2b:cb:b9:5d:88:b8:ce:a8:59:1f:6b:
         7b:3a:b9:b1:4e:69:9f:4e:ed:b3:d5:c4:7a:22:3a:fc:05:a5:
         59:6d:ad:0f:b5:63:dd:8f:ad:85:fe:1f:54:dd:da:fe:75:6e:
         17:ac:a6:b4:50:04:9d:99:97:1c:c4:2b:d7:80:96:2e:ae:a2:
         65:a6:cb:c9:90:0f:1a:bb:c4:4f:44:ba:e4:cc:99:50:d2:ed:
         66:2a:bd:8d:59:28:cf:13:34:10:0c:6c:d1:1f:da:dc:4b:1e:
         2f:a9:bb:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVryjx98B5AAYH9kzKSzPrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NDA0ZGE2MDJkYWIwNjI1YmU3MjIzZDA5MzIwYjFjZDdh
YWZjZWQwHhcNMjMwMTAxMDUyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhiZDA0NzdkNDVlOTAwODk0MDlkMGQwNjg1MjkxNWJmZjMwZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSr+a4YL2UoX4pXl46kB0brpUt0R
j938KbwpvRRbmeYHafxCkzkpSTucWio5/i4+LMDL8cUU7IkgPal6bRiDf2ITJ7Y9
FHFqRC8f0meQzeTZpj8XBHKBULf1cH8IfqNr+9IElu1CdHkVBLFYn0qBhoGcier/
Krn79Zftz9Sx9hkw2gTscRc5pM4RwrhlmDbxuXVLfi+Ubyo4IYP3XDhXakCWyapc
g61Ifh5/Z/dYLf57spLOEOJGLGN7dbS0i0+Kt+EOZ+uWqAEloNZSMOT3OMIQ/fqg
zzWpho23Gd9Imy5OU+u94TLGjRLVXQZOS18XrDkX4NE/m2kXncbUU5m7EQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP2L0Ed9RekAiUCdDQaFKRW/8w+eMB8GA1UdIwQY
MBaAFFRATaYC2rBiW+ciPQkyCxzXqvztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVCTnBnTGFzR0piNXlJOUNUSUxITmVxX08wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83ZDJjYjUtYmRkZi00MjAxLWJhZjgt
MWIyNDQ4NGU1NWVjLzEvX1l2UVIzMUY2UUNKUUowTkJvVXBGYl96RDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83ZDJjYjUtYmRkZi00MjAxLWJhZjgtMWIyNDQ4NGU1NWVj
LzEvVkVCTnBnTGFzR0piNXlJOUNUSUxITmVxX08wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZhMAwQA
LZhPMA0GCSqGSIb3DQEBCwUAA4IBAQBLnGtKkSEP1bMLSSH7KkYDIlJohiHxRXgd
rYst5JBzkRRjmPjr64DoRJNeIBaZNeBbYtwKLU1sFFITxrFyKrEOXjquh0r0r8ON
YF8XK5YL8LUcEd78Ua/fz1oHFNko2X69/9/a++gP4LTsC7vWImqguzT4v+/rnA7S
QyIMNC/fAKRihBAXYWJAtszF8WXHyiRq8jWeR4utK8u5XYi4zqhZH2t7OrmxTmmf
Tu2z1cR6Ijr8BaVZba0PtWPdj62F/h9U3dr+dW4XrKa0UASdmZccxCvXgJYurqJl
psvJkA8au8RPRLrkzJlQ0u1mKr2NWSjPEzQQDGzRH9rcSx4vqbsO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org