Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/K0vOO8Xiftw9nYzV2VK1rgpX6Wk.roa
File:                     K0vOO8Xiftw9nYzV2VK1rgpX6Wk.roa (raw, json)
Hash identifier:          Impd3+OFbFnCv+yIEdhIKCJDBVUbF5W1PAfse+tjIOU=
Subject key identifier:   2B:4B:CE:3B:C5:E2:7E:DC:3D:9D:8C:D5:D9:52:B5:AE:0A:57:E9:69
Certificate issuer:       /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial:       018851C41385173F1AEBA76D5FCB774F9E81
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/K0vOO8Xiftw9nYzV2VK1rgpX6Wk.roa
Signing time:             Thu 25 May 2023 07:16:24 +0000
ROA not before:           Thu 25 May 2023 07:16:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57033
IP address blocks:        45.158.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:51:c4:13:85:17:3f:1a:eb:a7:6d:5f:cb:77:4f:9e:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
        Validity
            Not Before: May 25 07:16:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b4bce3bc5e27edc3d9d8cd5d952b5ae0a57e969
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f8:aa:86:e8:57:f8:d4:41:42:fd:66:e2:a0:
                    12:ed:7c:f2:cb:f1:aa:7b:c3:c5:88:5e:17:f1:a1:
                    dc:a6:cb:66:95:31:cd:3c:43:49:f6:a6:31:2d:21:
                    9c:b3:15:ac:82:2c:a2:98:c4:24:a6:bb:31:4e:16:
                    a6:1e:55:b3:8b:a5:d1:e4:c9:df:04:8b:53:9b:e6:
                    10:b1:83:83:6c:aa:3e:64:06:d7:8c:2a:51:9d:db:
                    8d:f9:ad:11:0c:66:91:4c:70:da:90:87:97:04:f0:
                    ad:89:01:f3:95:e6:47:59:f5:9a:1b:67:14:6f:9f:
                    b6:d4:a8:de:8f:df:2f:f9:28:3b:df:59:0b:d0:af:
                    27:3c:3f:91:3b:40:48:27:c5:1d:ec:e3:71:e4:16:
                    80:a6:07:28:c1:62:f3:89:17:1d:38:91:53:b6:f6:
                    89:28:bb:07:a9:6d:83:57:49:d0:88:2e:be:b2:07:
                    de:cd:3f:83:20:8d:e7:6c:a1:f5:88:9e:ab:a8:69:
                    90:2c:b9:27:ef:9c:91:21:de:3d:7c:24:05:40:06:
                    c5:25:e3:3b:3c:75:31:bf:0d:22:cb:c3:58:48:8d:
                    00:58:3d:fd:93:9b:66:48:83:36:7e:7c:7e:a5:1c:
                    c0:01:7f:33:03:aa:ee:9f:54:15:b9:cc:bf:1d:7d:
                    67:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:4B:CE:3B:C5:E2:7E:DC:3D:9D:8C:D5:D9:52:B5:AE:0A:57:E9:69
            X509v3 Authority Key Identifier:
                keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/K0vOO8Xiftw9nYzV2VK1rgpX6Wk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:ca:59:3e:0a:a3:18:3c:21:07:ff:49:49:cb:6d:1d:bb:55:
         28:fe:99:cf:63:7c:4d:04:24:b1:71:02:91:f6:de:cf:57:6c:
         c3:8f:c7:3a:0d:96:27:0b:e9:64:3c:85:b0:18:60:db:4c:b9:
         04:23:3e:9d:24:f3:ea:be:82:e7:90:08:ff:77:91:2c:9f:6a:
         dc:4e:4e:2c:fd:91:5f:bf:ff:8c:84:e9:7b:e6:46:98:25:b2:
         33:dd:ad:ff:61:3a:2b:0f:66:84:b6:c7:b8:1b:21:fb:a2:b8:
         24:df:b3:54:42:28:bb:ef:e1:42:1e:d1:31:1c:82:5d:98:3e:
         e0:0b:9d:3a:12:10:c3:e9:37:3f:26:a5:59:f7:41:94:48:9c:
         d5:fc:d1:18:7e:6d:fa:f0:3f:a3:59:88:a4:81:15:e4:50:f5:
         a0:5c:8d:b4:23:58:72:ea:ac:ac:a2:e1:43:6b:5a:be:fd:3c:
         e4:1d:ff:1e:f2:22:f1:ca:db:f3:66:73:0c:db:11:a5:1d:9a:
         cb:56:a0:15:95:d8:a0:1d:64:72:b6:43:94:a6:9d:d8:76:34:
         29:d1:db:8e:c1:17:96:ae:f1:03:d2:23:f3:9f:c8:19:67:41:
         01:b1:f3:5c:2d:78:2d:d6:52:1b:42:86:1a:93:94:cd:05:ea:
         20:b1:27:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhRxBOFFz8a66dtX8t3T56BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjMwNTI1MDcxNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRiY2UzYmM1ZTI3ZWRjM2Q5ZDhjZDVkOTUyYjVhZTBhNTdlOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/iqhuhX+NRBQv1m4qAS7Xzyy/Gq
e8PFiF4X8aHcpstmlTHNPENJ9qYxLSGcsxWsgiyimMQkprsxThamHlWzi6XR5Mnf
BItTm+YQsYODbKo+ZAbXjCpRnduN+a0RDGaRTHDakIeXBPCtiQHzleZHWfWaG2cU
b5+21Kjej98v+Sg731kL0K8nPD+RO0BIJ8Ud7ONx5BaApgcowWLziRcdOJFTtvaJ
KLsHqW2DV0nQiC6+sgfezT+DII3nbKH1iJ6rqGmQLLkn75yRId49fCQFQAbFJeM7
PHUxvw0iy8NYSI0AWD39k5tmSIM2fnx+pRzAAX8zA6run1QVucy/HX1nVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtLzjvF4n7cPZ2M1dlSta4KV+lpMB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvSzB2T084WGlmdHc5bll6VjJWSzFyZ3BYNldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ59MA0G
CSqGSIb3DQEBCwUAA4IBAQCMylk+CqMYPCEH/0lJy20du1Uo/pnPY3xNBCSxcQKR
9t7PV2zDj8c6DZYnC+lkPIWwGGDbTLkEIz6dJPPqvoLnkAj/d5Esn2rcTk4s/ZFf
v/+MhOl75kaYJbIz3a3/YTorD2aEtse4GyH7orgk37NUQii77+FCHtExHIJdmD7g
C506EhDD6Tc/JqVZ90GUSJzV/NEYfm368D+jWYikgRXkUPWgXI20I1hy6qysouFD
a1q+/TzkHf8e8iLxytvzZnMM2xGlHZrLVqAVldigHWRytkOUpp3YdjQp0duOwReW
rvED0iPzn8gZZ0EBsfNcLXgt1lIbQoYak5TNBeogsSfZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:00 2024 by rpki-client on console-ams.rpki-client.org