Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/PZlS0AkbXAgpzAAzFUhdZw0_b9o.roa
File:                     PZlS0AkbXAgpzAAzFUhdZw0_b9o.roa (raw, json)
Hash identifier:          6lQcMaO1+Ib6+2AcoMIOrbl1DRJ3/NV9ini4YP8y9Ts=
Subject key identifier:   3D:99:52:D0:09:1B:5C:08:29:CC:00:33:15:48:5D:67:0D:3F:6F:DA
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018A9561D01FDC901621FE6CBFBA8C9F540E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/PZlS0AkbXAgpzAAzFUhdZw0_b9o.roa
Signing time:             Thu 14 Sep 2023 20:28:50 +0000
ROA not before:           Thu 14 Sep 2023 20:28:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200590
IP address blocks:        45.151.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:95:61:d0:1f:dc:90:16:21:fe:6c:bf:ba:8c:9f:54:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Sep 14 20:28:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d9952d0091b5c0829cc003315485d670d3f6fda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:cd:43:e9:09:0f:6c:25:cb:ad:80:9a:7a:bf:
                    d6:0f:79:32:c8:b0:df:9b:de:2e:79:34:17:f4:08:
                    b4:71:c7:14:c4:4e:b3:ce:7a:77:32:6f:69:7b:81:
                    20:3e:7a:91:99:b3:bc:d4:f4:7f:db:e8:64:b7:c7:
                    f8:23:fe:a0:8f:e1:ce:79:f4:25:5c:b3:46:d4:9d:
                    4f:10:cd:40:d3:ed:e6:2b:35:22:0d:73:76:0e:59:
                    4e:21:85:ec:25:ba:8d:1b:1d:d0:4b:7c:bb:8a:00:
                    16:39:6e:be:fb:39:d7:c9:3e:05:20:4f:1c:8f:25:
                    1b:d8:3a:91:e6:8f:a7:23:b8:44:dd:4e:21:0e:9a:
                    1e:d4:a8:48:28:f8:da:22:f8:87:68:22:6b:2e:d5:
                    06:e5:c7:a3:f0:d0:1f:e1:bb:0b:39:9b:fa:a7:f7:
                    21:c0:e7:e8:f6:57:43:26:cf:06:f5:6e:3c:97:37:
                    75:c6:35:bd:4c:76:d5:1f:8d:1e:4f:62:63:57:a0:
                    15:ef:8b:46:69:1e:08:2a:72:cc:63:df:d9:32:e0:
                    91:c3:be:ce:5d:83:8d:d3:f8:7a:7e:2a:6b:75:5e:
                    fb:3f:4c:ee:74:34:92:58:00:0e:e6:95:6e:95:db:
                    df:1a:87:3c:e0:aa:95:a3:58:9a:92:1d:8c:b0:36:
                    48:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:99:52:D0:09:1B:5C:08:29:CC:00:33:15:48:5D:67:0D:3F:6F:DA
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/PZlS0AkbXAgpzAAzFUhdZw0_b9o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:e6:cf:94:8c:c6:5d:c2:5a:ca:22:83:11:e5:4b:69:ca:1c:
         98:e5:81:ef:47:ce:70:10:ca:33:9b:55:d9:4c:9d:dc:59:95:
         33:48:35:89:88:42:ba:4a:a6:6e:dd:e2:79:11:22:c1:55:c8:
         fe:5c:96:10:69:cc:3a:ac:8c:16:a8:e7:14:ea:f6:21:de:b5:
         ac:8a:d6:46:77:2d:51:28:44:9f:13:72:40:41:4e:19:b5:9c:
         44:8d:1d:65:ca:72:8d:ca:5d:f3:aa:cd:66:8f:5b:e2:2d:d3:
         1c:0e:f4:9d:c3:f1:ae:21:71:10:b7:16:fd:1d:80:65:a2:83:
         bd:e7:e9:15:2a:81:a2:7b:f8:f2:db:76:0e:b0:e8:fa:4c:61:
         d3:be:ec:24:e7:ff:18:59:2c:dd:2e:a7:7c:f7:b1:79:cf:d4:
         28:c6:7e:c4:c0:b9:5f:dd:fe:e0:5e:31:7d:df:8b:27:de:90:
         41:6d:69:a4:83:1e:fd:8c:cf:ea:38:23:54:c5:f6:de:71:d3:
         f1:4e:86:13:08:8c:f6:7b:9c:79:ae:e0:45:cb:a4:49:9d:20:
         01:88:d8:05:29:00:fe:78:26:cb:5c:c2:15:cc:58:c4:30:cb:
         9c:e4:81:f0:bf:04:34:77:99:f3:71:90:c7:42:d4:58:c2:6f:
         45:e7:db:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqVYdAf3JAWIf5sv7qMn1QOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwOTE0MjAyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDk5NTJkMDA5MWI1YzA4MjljYzAwMzMxNTQ4NWQ2NzBkM2Y2ZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0M1D6QkPbCXLrYCaer/WD3kyyLDf
m94ueTQX9Ai0cccUxE6zznp3Mm9pe4EgPnqRmbO81PR/2+hkt8f4I/6gj+HOefQl
XLNG1J1PEM1A0+3mKzUiDXN2DllOIYXsJbqNGx3QS3y7igAWOW6++znXyT4FIE8c
jyUb2DqR5o+nI7hE3U4hDpoe1KhIKPjaIviHaCJrLtUG5cej8NAf4bsLOZv6p/ch
wOfo9ldDJs8G9W48lzd1xjW9THbVH40eT2JjV6AV74tGaR4IKnLMY9/ZMuCRw77O
XYON0/h6fiprdV77P0zudDSSWAAO5pVuldvfGoc84KqVo1iakh2MsDZIgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2ZUtAJG1wIKcwAMxVIXWcNP2/aMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvUFpsUzBBa2JYQWdwekFBekZVaGRadzBfYjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZeLMA0G
CSqGSIb3DQEBCwUAA4IBAQBn5s+UjMZdwlrKIoMR5UtpyhyY5YHvR85wEMozm1XZ
TJ3cWZUzSDWJiEK6SqZu3eJ5ESLBVcj+XJYQacw6rIwWqOcU6vYh3rWsitZGdy1R
KESfE3JAQU4ZtZxEjR1lynKNyl3zqs1mj1viLdMcDvSdw/GuIXEQtxb9HYBlooO9
5+kVKoGie/jy23YOsOj6TGHTvuwk5/8YWSzdLqd897F5z9Qoxn7EwLlf3f7gXjF9
34sn3pBBbWmkgx79jM/qOCNUxfbecdPxToYTCIz2e5x5ruBFy6RJnSABiNgFKQD+
eCbLXMIVzFjEMMuc5IHwvwQ0d5nzcZDHQtRYwm9F59vk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org