Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KM27beqUUesg96CpI9QAmJTqiO0.roa
File:                     KM27beqUUesg96CpI9QAmJTqiO0.roa (raw, json)
Hash identifier:          5iLsBxNSIj4HTHBUt73hezlSiIOOkAGO/1lcAeN2+pA=
Subject key identifier:   28:CD:BB:6D:EA:94:51:EB:20:F7:A0:A9:23:D4:00:98:94:EA:88:ED
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       018E392451F7A8DCA0D735AAC55110D1D4EA
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KM27beqUUesg96CpI9QAmJTqiO0.roa
Signing time:             Wed 13 Mar 2024 18:47:45 +0000
ROA not before:           Wed 13 Mar 2024 18:47:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        45.145.248.0/24 maxlen: 24
                          2a07:e345:100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 09:18:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:39:24:51:f7:a8:dc:a0:d7:35:aa:c5:51:10:d1:d4:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Mar 13 18:47:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=28cdbb6dea9451eb20f7a0a923d4009894ea88ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:72:47:38:61:45:97:25:ec:c6:cc:f2:33:31:
                    e5:07:df:4f:9c:c2:00:78:a6:75:14:a1:29:9f:51:
                    d6:65:06:4b:75:6e:93:25:14:a8:d2:69:3c:ed:b5:
                    f8:71:8b:1f:a6:0c:5a:1c:41:af:2f:5b:03:aa:ff:
                    76:94:b4:b5:2e:2e:0b:a7:77:38:f6:86:f4:f9:9f:
                    e1:31:7c:39:0d:24:e9:f0:f8:cd:21:fa:f6:68:8c:
                    a7:ec:87:4d:75:cb:83:9c:00:20:74:27:5a:22:78:
                    83:cb:bd:78:7c:7e:40:98:89:29:97:db:6f:a1:81:
                    25:c2:96:9c:8e:e7:80:c4:2d:89:05:67:28:91:f6:
                    e8:90:9a:4e:b4:92:8e:e1:59:8f:5b:21:0d:72:bd:
                    81:e9:4b:1a:45:43:18:38:49:6b:2b:6e:d2:af:d4:
                    31:a0:04:db:70:4f:55:bb:bc:ec:05:b2:59:c1:3b:
                    cd:f0:be:eb:c7:c9:a4:28:58:2e:ed:bb:94:21:ff:
                    6b:b0:70:b1:62:8c:56:40:b4:f3:fa:f7:5d:78:46:
                    13:80:83:14:00:7c:c2:4c:a6:7a:b7:26:c9:eb:4e:
                    45:fb:e4:93:f5:39:bf:35:9a:c8:30:5d:24:60:21:
                    81:8c:d7:df:97:ce:07:39:0a:b7:ab:da:f7:64:c4:
                    b7:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:CD:BB:6D:EA:94:51:EB:20:F7:A0:A9:23:D4:00:98:94:EA:88:ED
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KM27beqUUesg96CpI9QAmJTqiO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.248.0/24
                IPv6:
                  2a07:e345:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         bb:6a:d0:88:b6:b3:5f:37:04:9c:fc:51:25:b2:15:69:20:8a:
         81:c9:29:5f:e5:14:9b:7b:82:0f:9c:d0:eb:42:d0:1d:b9:0e:
         dc:69:97:63:cb:33:fa:a9:b6:94:9b:37:3a:bf:98:e9:80:14:
         fa:8c:68:3c:1f:51:f5:e1:92:a4:47:ec:46:81:4b:a4:c9:69:
         19:64:2d:cf:53:99:48:cb:6a:da:61:62:49:a2:5f:76:15:99:
         b1:b7:b1:29:90:1f:f7:f7:14:46:a9:1d:60:02:80:f7:d8:a1:
         a9:d0:32:41:0c:05:9c:4c:fb:89:d3:7f:bf:6a:b4:30:f0:a4:
         5b:8d:cf:cc:c4:03:a1:d9:de:79:bc:01:af:10:2f:dc:3b:46:
         40:2c:31:55:13:d6:12:d0:ee:a3:c7:63:3a:a7:ad:6f:5f:4e:
         27:96:a1:b8:6d:18:72:2d:d7:0c:6c:38:2f:77:b1:13:4d:fc:
         bd:be:b0:ef:ea:c9:f6:49:61:a0:fa:51:67:55:0e:74:e6:49:
         95:d4:da:57:2e:9e:68:e1:84:bd:4f:3d:df:7f:4b:b2:17:4a:
         9f:81:6d:72:7f:be:b8:21:d4:c3:3e:b5:2c:6a:af:cb:db:2e:
         01:a2:da:55:4f:6a:fb:85:0e:01:44:7d:4e:ee:0f:17:10:16:
         3d:4c:af:2b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY45JFH3qNyg1zWqxVEQ0dTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzEzMTg0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNkYmI2ZGVhOTQ1MWViMjBmN2EwYTkyM2Q0MDA5ODk0ZWE4OGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXJHOGFFlyXsxszyMzHlB99PnMIA
eKZ1FKEpn1HWZQZLdW6TJRSo0mk87bX4cYsfpgxaHEGvL1sDqv92lLS1Li4Lp3c4
9ob0+Z/hMXw5DSTp8PjNIfr2aIyn7IdNdcuDnAAgdCdaIniDy714fH5AmIkpl9tv
oYElwpacjueAxC2JBWcokfbokJpOtJKO4VmPWyENcr2B6UsaRUMYOElrK27Sr9Qx
oATbcE9Vu7zsBbJZwTvN8L7rx8mkKFgu7buUIf9rsHCxYoxWQLTz+vddeEYTgIMU
AHzCTKZ6tybJ605F++ST9Tm/NZrIMF0kYCGBjNffl84HOQq3q9r3ZMS3SQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCjNu23qlFHrIPegqSPUAJiU6ojtMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvS00yN2JlcVVVZXNnOTZDcEk5UUFtSlRxaU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALZH4MA4E
AgACMAgDBgAqB+NFATANBgkqhkiG9w0BAQsFAAOCAQEAu2rQiLazXzcEnPxRJbIV
aSCKgckpX+UUm3uCD5zQ60LQHbkO3GmXY8sz+qm2lJs3Or+Y6YAU+oxoPB9R9eGS
pEfsRoFLpMlpGWQtz1OZSMtq2mFiSaJfdhWZsbexKZAf9/cURqkdYAKA99ihqdAy
QQwFnEz7idN/v2q0MPCkW43PzMQDodneebwBrxAv3DtGQCwxVRPWEtDuo8djOqet
b19OJ5ahuG0Yci3XDGw4L3exE038vb6w7+rJ9klhoPpRZ1UOdOZJldTaVy6eaOGE
vU89339LshdKn4Ftcn++uCHUwz61LGqvy9suAaLaVU9q+4UOAUR9Tu4PFxAWPUyv
Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org