Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/pJEhVgTg6bhV0IooDd9BID_XnQo.roa
File:                     pJEhVgTg6bhV0IooDd9BID_XnQo.roa (raw, json)
Hash identifier:          X17zzLcxexv4yf0sPBPV4b315y8BATK/hpXk62pKwiQ=
Subject key identifier:   A4:91:21:56:04:E0:E9:B8:55:D0:8A:28:0D:DF:41:20:3F:D7:9D:0A
Certificate issuer:       /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial:       018E60E810E53B94D4B3E980564D8865A5D8
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/pJEhVgTg6bhV0IooDd9BID_XnQo.roa
Signing time:             Thu 21 Mar 2024 12:06:45 +0000
ROA not before:           Thu 21 Mar 2024 12:06:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     28753
IP address blocks:        45.83.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 11:50:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:60:e8:10:e5:3b:94:d4:b3:e9:80:56:4d:88:65:a5:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
        Validity
            Not Before: Mar 21 12:06:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a491215604e0e9b855d08a280ddf41203fd79d0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f8:1b:4b:3a:39:85:60:45:1d:e3:97:a4:41:
                    44:4b:bd:cf:bf:64:ee:09:ee:0e:f7:0f:fd:06:eb:
                    7b:d5:2f:98:e2:15:b6:8a:79:60:ed:e6:ae:fc:83:
                    e0:8f:c3:5b:3b:c0:a3:33:6b:53:ad:c5:20:cb:7f:
                    a3:2a:16:46:22:f3:5c:0c:f3:37:43:32:fc:f3:69:
                    c2:68:59:7b:b5:99:46:82:3a:e9:49:28:a0:c9:c1:
                    d2:a2:ae:7c:dc:59:e9:0b:cd:8c:5c:75:40:31:45:
                    33:98:a2:33:62:26:22:c8:3a:cf:e4:4c:5e:b8:26:
                    d3:52:15:85:92:2a:03:a2:88:3c:85:1f:32:c3:dc:
                    c5:e7:e0:fb:cf:54:79:2c:27:79:cc:c9:68:cb:1c:
                    25:ca:37:b2:5c:a6:55:f1:d1:2b:37:5a:c9:b8:a2:
                    f0:cc:0b:8c:3f:2b:9d:58:9f:5d:fe:19:0f:44:e3:
                    f4:cb:8f:5d:60:f2:e8:a0:6c:c5:d6:5f:b6:0a:89:
                    79:ff:34:f3:51:30:2b:d7:6c:e7:ed:a2:c3:7d:e4:
                    ae:26:ac:93:11:67:d3:7a:a9:25:f8:8a:fc:d5:ec:
                    33:2a:01:ff:33:30:4d:1f:a0:1b:2b:fd:24:2a:c2:
                    6b:51:7a:ee:44:aa:26:f0:18:13:35:6f:05:a6:51:
                    de:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:91:21:56:04:E0:E9:B8:55:D0:8A:28:0D:DF:41:20:3F:D7:9D:0A
            X509v3 Authority Key Identifier:
                keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/pJEhVgTg6bhV0IooDd9BID_XnQo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:53:04:39:d0:b7:59:71:c6:92:4f:83:7f:9a:17:06:09:78:
         9e:33:b9:cd:7d:05:b6:f5:4e:da:c7:ad:7a:29:a3:f6:f1:ef:
         27:91:f6:a5:d0:d1:e1:53:e2:cb:14:ab:db:2a:cd:f0:5a:3a:
         d7:68:24:b4:9b:a6:dd:3b:a8:d7:d8:e5:f1:e9:96:81:06:b8:
         f2:7d:74:88:65:6f:89:c4:b1:c2:ee:65:9f:a4:3f:4c:c1:07:
         c2:96:ea:e4:b8:81:ab:ee:96:5f:20:e3:d8:75:77:6d:b2:68:
         f3:d0:a5:5a:bd:e4:1c:01:c0:ce:c5:c4:b1:bf:ff:59:1d:c8:
         cf:83:c2:f3:a9:c4:55:b4:ba:2e:2d:96:ac:4d:e9:11:2d:3a:
         d5:8c:27:31:b7:1b:95:b2:fa:a9:d8:b9:d3:81:d8:2e:aa:92:
         93:fd:97:90:e7:85:a7:45:9f:36:8b:6e:91:4a:e2:17:a4:a0:
         45:0a:a8:88:46:7c:b6:86:55:eb:bd:41:ac:0c:44:e7:f7:01:
         63:e0:8a:5a:ff:98:a3:5a:de:be:b3:b8:5a:a0:fe:87:0a:ff:
         43:aa:0f:6a:a7:39:b8:37:52:ff:79:da:e4:67:78:39:b0:d2:
         95:40:a8:85:48:10:a1:39:4c:d8:0c:86:6e:46:a5:f5:d6:39:
         74:8b:92:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5g6BDlO5TUs+mAVk2IZaXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjZmODVhYWQxMDFjNDU2YzFhYzlhMDFhNzE5MmZjNTc4
OGU5MmMwHhcNMjQwMzIxMTIwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDkxMjE1NjA0ZTBlOWI4NTVkMDhhMjgwZGRmNDEyMDNmZDc5ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfgbSzo5hWBFHeOXpEFES73Pv2Tu
Ce4O9w/9But71S+Y4hW2inlg7eau/IPgj8NbO8CjM2tTrcUgy3+jKhZGIvNcDPM3
QzL882nCaFl7tZlGgjrpSSigycHSoq583FnpC82MXHVAMUUzmKIzYiYiyDrP5Exe
uCbTUhWFkioDoog8hR8yw9zF5+D7z1R5LCd5zMloyxwlyjeyXKZV8dErN1rJuKLw
zAuMPyudWJ9d/hkPROP0y49dYPLooGzF1l+2Col5/zTzUTAr12zn7aLDfeSuJqyT
EWfTeqkl+Ir81ewzKgH/MzBNH6AbK/0kKsJrUXruRKom8BgTNW8FplHe3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSRIVYE4Om4VdCKKA3fQSA/150KMB8GA1UdIwQY
MBaAFK/2+FqtEBxFbBrJoBpxkvxXiOksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTIt
NjQ0YmQwZmM3ZjgwLzEvcEpFaFZnVGc2YmhWMElvb0RkOUJJRF9YblFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTItNjQ0YmQwZmM3Zjgw
LzEvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVO5MA0G
CSqGSIb3DQEBCwUAA4IBAQCyUwQ50LdZccaST4N/mhcGCXieM7nNfQW29U7ax616
KaP28e8nkfal0NHhU+LLFKvbKs3wWjrXaCS0m6bdO6jX2OXx6ZaBBrjyfXSIZW+J
xLHC7mWfpD9MwQfClurkuIGr7pZfIOPYdXdtsmjz0KVaveQcAcDOxcSxv/9ZHcjP
g8LzqcRVtLouLZasTekRLTrVjCcxtxuVsvqp2LnTgdguqpKT/ZeQ54WnRZ82i26R
SuIXpKBFCqiIRny2hlXrvUGsDETn9wFj4Ipa/5ijWt6+s7haoP6HCv9Dqg9qpzm4
N1L/edrkZ3g5sNKVQKiFSBChOUzYDIZuRqX11jl0i5Ka
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:14 2024 by rpki-client on console-fra.rpki-client.org