Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/2GL0Nn9mbEzyISMCJcCBvBGnDJo.roa
File:                     2GL0Nn9mbEzyISMCJcCBvBGnDJo.roa (raw, json)
Hash identifier:          O8ItlJAS56YtzudIvRtt0w3QS4Oox6LEksAQ+FafBSQ=
Subject key identifier:   D8:62:F4:36:7F:66:6C:4C:F2:21:23:02:25:C0:81:BC:11:A7:0C:9A
Certificate issuer:       /CN=4568d0a7204560b6356d837bbf1510d9636df63a
Certificate serial:       018FE33E62E8FF1ABAE3A2A893112335D74B
Authority key identifier: 45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/2GL0Nn9mbEzyISMCJcCBvBGnDJo.roa
Signing time:             Tue 04 Jun 2024 12:34:27 +0000
ROA not before:           Tue 04 Jun 2024 12:34:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20521
IP address blocks:        80.245.208.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 14:14:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:e3:3e:62:e8:ff:1a:ba:e3:a2:a8:93:11:23:35:d7:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4568d0a7204560b6356d837bbf1510d9636df63a
        Validity
            Not Before: Jun  4 12:34:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d862f4367f666c4cf221230225c081bc11a70c9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:99:c2:94:d9:22:27:2b:5e:5e:da:9d:ff:ab:
                    a2:44:a9:d8:9c:ab:5c:d2:63:24:0c:d0:0a:05:28:
                    de:5f:62:64:c1:26:dc:ad:8e:3e:b3:bb:aa:40:ee:
                    95:17:78:b2:06:e0:8b:7b:f5:64:c8:6d:54:ca:04:
                    df:99:1e:3f:48:a9:fe:8f:5b:e4:55:22:ea:c9:4c:
                    93:f5:0a:cd:8f:94:77:3f:3b:8c:d6:71:f4:e2:3b:
                    ee:e1:af:55:d8:c9:6e:93:fd:fc:9d:3e:f1:f5:a5:
                    d9:d6:69:ef:b0:3b:cd:bb:7f:e3:c6:f9:78:fc:60:
                    d3:3a:e3:c9:40:4b:03:a5:0e:c9:cf:3a:7d:88:4b:
                    2d:10:e1:7a:0a:af:2a:2a:24:8e:46:c2:4c:37:64:
                    cc:04:7d:d0:cb:6b:d6:14:b5:1f:34:c0:37:f5:4e:
                    2d:3c:c8:64:c8:c3:a3:b3:96:ca:35:11:e6:c4:b7:
                    2f:6a:55:a2:18:fe:91:26:72:f8:a4:fb:6e:67:4c:
                    5f:34:dd:56:4a:4c:5f:10:9d:1a:75:bd:1f:5a:2d:
                    6a:a2:06:9e:4a:ab:38:88:f5:4e:3e:8f:8e:cf:b2:
                    f9:3b:0d:cd:e6:ad:ae:ed:59:c0:95:64:de:df:5f:
                    83:cf:09:54:bc:1f:f7:9d:01:d2:3e:17:57:9f:2f:
                    1c:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:62:F4:36:7F:66:6C:4C:F2:21:23:02:25:C0:81:BC:11:A7:0C:9A
            X509v3 Authority Key Identifier:
                keyid:45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/2GL0Nn9mbEzyISMCJcCBvBGnDJo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.245.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ad:a7:c3:c2:e2:9b:16:1a:54:ed:52:8e:8d:4c:57:4a:fe:f9:
         3a:d3:fd:34:e2:ec:13:8d:31:b9:a3:cc:2a:42:ed:ab:ed:b6:
         ef:20:85:3b:78:95:b8:ba:a9:6a:c1:8f:4b:f8:41:37:99:38:
         fb:ea:e7:82:ea:ce:52:39:bc:f5:8e:2d:3b:6c:8a:68:14:64:
         62:60:4b:02:da:02:9d:10:bd:30:40:96:13:bc:4c:d9:86:34:
         76:77:e8:b1:07:96:b6:29:d8:97:73:3e:bc:ae:2c:95:f8:01:
         4f:c3:f6:77:c1:28:c3:3b:0d:f4:54:df:ca:23:eb:10:3b:d8:
         34:1a:ec:2d:34:8b:8e:6f:15:b2:79:b2:be:93:28:54:23:2b:
         cf:75:72:97:8b:07:99:78:a8:b3:88:5a:79:ee:06:3f:b3:cf:
         a9:9f:55:20:6d:35:ff:94:41:6f:24:69:99:53:d2:04:40:be:
         f8:08:59:58:8c:9d:1b:7d:2e:73:7e:59:19:04:a2:81:7f:fa:
         34:76:72:a5:e7:52:fb:fb:ac:e3:ae:b5:94:62:b1:9d:71:5a:
         74:ee:11:4b:1c:0d:a7:18:1e:dc:8b:c3:2c:fe:d6:0b:4a:d1:
         e8:e7:78:b4:ba:5f:c2:93:1c:a8:2d:74:3b:53:db:99:18:63:
         be:6e:09:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/jPmLo/xq646KokxEjNddLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NjhkMGE3MjA0NTYwYjYzNTZkODM3YmJmMTUxMGQ5NjM2
ZGY2M2EwHhcNMjQwNjA0MTIzNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYyZjQzNjdmNjY2YzRjZjIyMTIzMDIyNWMwODFiYzExYTcwYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5nClNkiJyteXtqd/6uiRKnYnKtc
0mMkDNAKBSjeX2JkwSbcrY4+s7uqQO6VF3iyBuCLe/VkyG1UygTfmR4/SKn+j1vk
VSLqyUyT9QrNj5R3PzuM1nH04jvu4a9V2Mluk/38nT7x9aXZ1mnvsDvNu3/jxvl4
/GDTOuPJQEsDpQ7Jzzp9iEstEOF6Cq8qKiSORsJMN2TMBH3Qy2vWFLUfNMA39U4t
PMhkyMOjs5bKNRHmxLcvalWiGP6RJnL4pPtuZ0xfNN1WSkxfEJ0adb0fWi1qogae
Sqs4iPVOPo+Oz7L5Ow3N5q2u7VnAlWTe31+DzwlUvB/3nQHSPhdXny8c5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhi9DZ/ZmxM8iEjAiXAgbwRpwyaMB8GA1UdIwQY
MBaAFEVo0KcgRWC2NW2De78VENljbfY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgt
NmZlMzVhZTU0YTViLzEvMkdMME5uOW1iRXp5SVNNQ0pjQ0J2QkduREpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgtNmZlMzVhZTU0YTVi
LzEvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUPXQMA0G
CSqGSIb3DQEBCwUAA4IBAQCtp8PC4psWGlTtUo6NTFdK/vk60/004uwTjTG5o8wq
Qu2r7bbvIIU7eJW4uqlqwY9L+EE3mTj76ueC6s5SObz1ji07bIpoFGRiYEsC2gKd
EL0wQJYTvEzZhjR2d+ixB5a2KdiXcz68riyV+AFPw/Z3wSjDOw30VN/KI+sQO9g0
GuwtNIuObxWyebK+kyhUIyvPdXKXiweZeKiziFp57gY/s8+pn1UgbTX/lEFvJGmZ
U9IEQL74CFlYjJ0bfS5zflkZBKKBf/o0dnKl51L7+6zjrrWUYrGdcVp07hFLHA2n
GB7ci8Ms/tYLStHo53i0ul/CkxyoLXQ7U9uZGGO+bgkS
-----END CERTIFICATE-----
Generated at Tue Jun 11 20:23:07 2024 by rpki-client on console-ams.rpki-client.org