Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yZFZyI1Duu16XruJUaUBMCgkxP0.roa
File:                     yZFZyI1Duu16XruJUaUBMCgkxP0.roa (raw, json)
Hash identifier:          w87Q3Ig5sVFhe8w2sFVQlWX5+yp/mFijekPZ5dnQyEU=
Subject key identifier:   C9:91:59:C8:8D:43:BA:ED:7A:5E:BB:89:51:A5:01:30:28:24:C4:FD
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       018BF12F29AB17F2060E415B28EFC12ADB08
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yZFZyI1Duu16XruJUaUBMCgkxP0.roa
Signing time:             Tue 21 Nov 2023 09:21:21 +0000
ROA not before:           Tue 21 Nov 2023 09:21:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206150
IP address blocks:        45.130.140.0/24 maxlen: 24
                          2a0f:f43::/32 maxlen: 48
                          2a0f:f47::/32 maxlen: 48
                          2a0f:f45::/32 maxlen: 48
                          2a0f:f41::/32 maxlen: 32
                          2a0f:f44::/32 maxlen: 48
                          2a0f:f40::/32 maxlen: 32
                          2a0f:f46::/32 maxlen: 48
                          2a07:e342::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 23 Nov 2023 06:06:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f1:2f:29:ab:17:f2:06:0e:41:5b:28:ef:c1:2a:db:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Nov 21 09:21:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c99159c88d43baed7a5ebb8951a501302824c4fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:c6:fe:97:b2:c0:47:da:04:67:81:3b:85:00:
                    3e:1c:3b:33:4d:b5:4f:70:e9:25:59:34:3c:93:1d:
                    1e:c1:f0:a5:7c:d6:f0:84:a2:58:21:2e:0b:b1:02:
                    be:dd:19:c2:ea:e2:ff:03:b6:49:ef:25:e6:17:fe:
                    2d:e4:d8:96:96:63:ab:c1:f1:03:78:ef:a4:b1:82:
                    b5:71:28:01:5c:d2:2f:b2:dd:7f:28:a5:dc:e6:9d:
                    d3:5b:06:1f:bc:d5:52:6b:da:39:df:83:2b:c3:b1:
                    e0:98:33:50:6e:47:1b:65:b7:85:4c:54:72:b4:dc:
                    df:df:a5:2d:2b:9c:4b:ad:7a:b8:20:6c:31:87:82:
                    8d:33:d3:ca:ff:22:f8:a7:ce:f5:0d:0f:fc:f9:d3:
                    17:a4:7a:b9:bf:d5:78:68:b4:b1:b5:9f:01:2f:26:
                    19:a8:32:0b:74:b2:22:ed:5d:fa:d9:02:48:6a:24:
                    3e:be:db:08:b9:3a:62:aa:22:e7:92:4d:fb:f7:f3:
                    91:7d:8e:f1:9f:f1:5c:be:29:d4:1b:10:07:0f:1a:
                    5f:69:66:39:69:28:b2:97:48:2b:7a:08:e0:aa:71:
                    80:09:d7:16:e5:bf:2b:04:f2:16:da:a7:71:7c:6d:
                    09:34:19:4f:fc:b7:d2:02:17:c2:b7:34:05:17:ed:
                    88:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:91:59:C8:8D:43:BA:ED:7A:5E:BB:89:51:A5:01:30:28:24:C4:FD
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yZFZyI1Duu16XruJUaUBMCgkxP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.140.0/24
                IPv6:
                  2a07:e342::/32
                  2a0f:f40::/31
                  2a0f:f43::-2a0f:f47:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         c1:13:cc:13:c2:df:75:c4:1b:f0:52:e8:24:2d:fa:73:b9:ba:
         ef:02:84:6c:9a:83:a6:85:c8:7e:6c:82:8b:6c:d5:aa:69:88:
         50:11:f8:d5:d7:d1:11:80:69:e1:c4:66:ad:05:c1:f2:84:8d:
         e2:a7:9f:4d:5d:10:9f:4a:44:f7:a6:7e:e6:1a:a8:a2:2e:a5:
         a3:cf:c5:59:0a:e0:ab:45:9c:af:67:19:ba:2c:e4:40:84:38:
         9b:ab:58:7f:be:af:47:b7:8f:68:36:0f:a3:c5:b9:b7:8b:fd:
         03:45:ea:d2:d5:d1:c6:bd:6c:2a:61:95:ba:9c:92:b9:fc:ed:
         74:d6:68:0f:5b:c1:b0:d1:13:eb:24:69:77:62:89:29:be:74:
         f4:ea:38:87:d7:d5:1a:77:89:08:8c:80:67:ea:da:e9:2e:bc:
         2f:84:ce:1a:a2:2c:19:fe:aa:99:ab:c1:ff:92:58:e4:6e:54:
         5e:34:22:73:ee:47:0d:b8:96:7d:33:2b:dc:76:3c:c0:00:e9:
         f3:fa:51:66:0f:a2:8f:56:53:08:4e:6a:df:db:c7:93:4e:e5:
         e5:ce:8a:7b:00:35:cd:40:8d:d9:fe:65:ef:8f:87:0f:48:1a:
         13:0d:fb:a5:51:60:88:08:21:85:fd:fc:55:dc:3e:04:66:aa:
         80:ab:ae:3e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYvxLymrF/IGDkFbKO/BKtsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTIxMDkyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkxNTljODhkNDNiYWVkN2E1ZWJiODk1MWE1MDEzMDI4MjRjNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cb+l7LAR9oEZ4E7hQA+HDszTbVP
cOklWTQ8kx0ewfClfNbwhKJYIS4LsQK+3RnC6uL/A7ZJ7yXmF/4t5NiWlmOrwfED
eO+ksYK1cSgBXNIvst1/KKXc5p3TWwYfvNVSa9o534Mrw7HgmDNQbkcbZbeFTFRy
tNzf36UtK5xLrXq4IGwxh4KNM9PK/yL4p871DQ/8+dMXpHq5v9V4aLSxtZ8BLyYZ
qDILdLIi7V362QJIaiQ+vtsIuTpiqiLnkk379/ORfY7xn/FcvinUGxAHDxpfaWY5
aSiyl0gregjgqnGACdcW5b8rBPIW2qdxfG0JNBlP/LfSAhfCtzQFF+2IXQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMmRWciNQ7rtel67iVGlATAoJMT9MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEveVpGWnlJMUR1dTE2WHJ1SlVhVUJNQ2dreFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQALYKMMCQE
AgACMB4DBQAqB+NCAwUBKg8PQDAOAwUAKg8PQwMFAyoPD0AwDQYJKoZIhvcNAQEL
BQADggEBAMETzBPC33XEG/BS6CQt+nO5uu8ChGyag6aFyH5sgots1appiFAR+NXX
0RGAaeHEZq0FwfKEjeKnn01dEJ9KRPemfuYaqKIupaPPxVkK4KtFnK9nGbos5ECE
OJurWH++r0e3j2g2D6PFubeL/QNF6tLV0ca9bCphlbqckrn87XTWaA9bwbDRE+sk
aXdiiSm+dPTqOIfX1Rp3iQiMgGfq2ukuvC+EzhqiLBn+qpmrwf+SWORuVF40InPu
Rw24ln0zK9x2PMAA6fP6UWYPoo9WUwhOat/bx5NO5eXOinsANc1Ajdn+Ze+Phw9I
GhMN+6VRYIgIIYX9/FXcPgRmqoCrrj4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org