Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/e1Lrv1BkzSEdE3zQ5yOkZaAivgI.roa
File:                     e1Lrv1BkzSEdE3zQ5yOkZaAivgI.roa (raw, json)
Hash identifier:          C+I7131nVNY+ezETwsAJ4wNCcJ4iehxf3bYjNwTKYS4=
Subject key identifier:   7B:52:EB:BF:50:64:CD:21:1D:13:7C:D0:E7:23:A4:65:A0:22:BE:02
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       018E90CCCF5BA94C5C10EFA70743EA62957E
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/e1Lrv1BkzSEdE3zQ5yOkZaAivgI.roa
Signing time:             Sat 30 Mar 2024 19:18:45 +0000
ROA not before:           Sat 30 Mar 2024 19:18:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60330
IP address blocks:        45.128.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Apr 2024 21:46:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:90:cc:cf:5b:a9:4c:5c:10:ef:a7:07:43:ea:62:95:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: Mar 30 19:18:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7b52ebbf5064cd211d137cd0e723a465a022be02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:65:30:0e:68:02:5d:b9:1b:3d:98:93:4e:9d:
                    8f:45:5b:ae:9c:a9:ca:72:48:6f:52:90:ff:8d:7c:
                    92:a5:a3:c9:e7:54:86:15:4b:bf:79:82:55:d1:81:
                    0a:ad:fd:5b:e6:a0:10:c5:79:2e:c7:80:90:e1:82:
                    a6:a5:90:41:84:c6:6a:c2:38:7b:9f:35:2e:f4:be:
                    5a:88:27:0f:4c:4c:6c:e4:b0:37:16:a7:66:0e:48:
                    71:71:f6:7b:0e:64:9a:80:73:77:05:04:88:23:d1:
                    10:6f:2b:2c:a1:ed:5f:d2:17:d0:fe:28:86:66:f9:
                    f7:58:d8:02:fd:9c:41:9a:3a:d3:b8:bd:42:e7:ab:
                    c8:8b:6d:5d:42:12:26:f1:59:f8:1c:98:56:a8:b6:
                    93:19:4e:c1:62:1c:58:30:f5:5a:e5:5d:75:35:5a:
                    ae:1c:9f:59:4e:bb:9c:f3:06:9b:35:4d:7b:b7:1c:
                    c1:2f:ad:e5:8b:3d:1c:1f:d9:02:2b:ce:63:83:39:
                    3e:ae:39:e7:b9:6e:7b:4a:c5:f6:07:b8:ca:92:bd:
                    6b:16:91:c4:8a:4a:77:65:df:92:27:cf:01:5b:51:
                    78:97:f6:26:78:d4:56:06:8b:b0:f1:ed:0c:01:50:
                    9c:a6:99:94:d6:f7:8b:53:26:2a:db:5e:bb:4e:a4:
                    6d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:52:EB:BF:50:64:CD:21:1D:13:7C:D0:E7:23:A4:65:A0:22:BE:02
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/e1Lrv1BkzSEdE3zQ5yOkZaAivgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:30:28:e8:83:88:4b:63:e0:34:4f:9a:9e:8a:25:8a:90:0a:
         86:3f:6c:39:5a:c7:6f:c2:3e:9e:36:33:ef:b0:13:ae:69:1b:
         76:4a:be:1b:30:75:48:00:9b:e0:aa:b3:0e:92:20:4b:8f:c9:
         80:62:4d:08:0f:77:d9:d1:18:08:cd:8a:d2:f9:3d:af:10:f6:
         e0:f3:4e:ab:16:08:35:b6:a7:57:eb:65:61:5d:3e:f0:6e:77:
         92:4e:8a:a7:06:aa:38:7e:01:cc:d9:3f:97:4d:ad:7c:a3:8e:
         fc:85:a9:9f:1c:44:3e:7f:71:e4:0b:f0:86:70:03:f0:ce:f0:
         e2:7b:e1:2b:9c:4e:45:55:80:b0:2e:c1:b5:c5:58:0d:1a:f8:
         03:90:6b:63:45:3b:e7:52:dc:aa:d8:bd:43:df:e5:7e:ec:1c:
         89:ab:52:57:3d:e3:c2:41:d6:18:25:b9:2c:56:f7:02:62:b4:
         05:cb:6d:71:43:6a:c0:1e:73:31:e7:2c:7e:50:73:3f:10:5c:
         33:88:98:d3:60:85:37:0f:37:a2:60:eb:0f:81:9b:61:8e:78:
         97:fb:fc:19:ce:2b:e5:f5:88:ef:c5:f3:69:87:5f:97:1d:01:
         60:1e:9e:ee:f3:ba:70:69:e9:ac:51:01:9a:9c:f8:98:f2:c3:
         5c:99:27:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6QzM9bqUxcEO+nB0PqYpV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwMzMwMTkxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjUyZWJiZjUwNjRjZDIxMWQxMzdjZDBlNzIzYTQ2NWEwMjJiZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGUwDmgCXbkbPZiTTp2PRVuunKnK
ckhvUpD/jXySpaPJ51SGFUu/eYJV0YEKrf1b5qAQxXkux4CQ4YKmpZBBhMZqwjh7
nzUu9L5aiCcPTExs5LA3FqdmDkhxcfZ7DmSagHN3BQSII9EQbyssoe1f0hfQ/iiG
Zvn3WNgC/ZxBmjrTuL1C56vIi21dQhIm8Vn4HJhWqLaTGU7BYhxYMPVa5V11NVqu
HJ9ZTruc8wabNU17txzBL63liz0cH9kCK85jgzk+rjnnuW57SsX2B7jKkr1rFpHE
ikp3Zd+SJ88BW1F4l/YmeNRWBouw8e0MAVCcppmU1veLUyYq2167TqRtnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHtS679QZM0hHRN80OcjpGWgIr4CMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvZTFMcnYxQmt6U0VkRTN6UTV5T2taYUFpdmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYDNMA0G
CSqGSIb3DQEBCwUAA4IBAQAnMCjog4hLY+A0T5qeiiWKkAqGP2w5Wsdvwj6eNjPv
sBOuaRt2Sr4bMHVIAJvgqrMOkiBLj8mAYk0ID3fZ0RgIzYrS+T2vEPbg806rFgg1
tqdX62VhXT7wbneSToqnBqo4fgHM2T+XTa18o478hamfHEQ+f3HkC/CGcAPwzvDi
e+ErnE5FVYCwLsG1xVgNGvgDkGtjRTvnUtyq2L1D3+V+7ByJq1JXPePCQdYYJbks
VvcCYrQFy21xQ2rAHnMx5yx+UHM/EFwziJjTYIU3DzeiYOsPgZthjniX+/wZzivl
9YjvxfNph1+XHQFgHp7u87pwaemsUQGanPiY8sNcmSdQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org