Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/S5vZDnaoLtOoZmXjw6yMWcyhOvI.roa
File:                     S5vZDnaoLtOoZmXjw6yMWcyhOvI.roa (raw, json)
Hash identifier:          4qN2Obw8o5YPGHBtBZDI68kg7QuFvrEkHWP06uKTo3c=
Subject key identifier:   4B:9B:D9:0E:76:A8:2E:D3:A8:66:65:E3:C3:AC:8C:59:CC:A1:3A:F2
Certificate issuer:       /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial:       01859D863F27C476403B394A9BE471C03C57
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/S5vZDnaoLtOoZmXjw6yMWcyhOvI.roa
Signing time:             Tue 10 Jan 2023 21:11:38 +0000
ROA not before:           Tue 10 Jan 2023 21:11:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        45.158.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Feb 2023 21:05:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9d:86:3f:27:c4:76:40:3b:39:4a:9b:e4:71:c0:3c:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
        Validity
            Not Before: Jan 10 21:11:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b9bd90e76a82ed3a86665e3c3ac8c59cca13af2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c1:50:8a:00:da:0c:a4:05:96:bb:57:9a:11:
                    ff:49:94:3a:e4:c6:74:11:ba:0a:c7:ea:90:ef:dc:
                    d9:1a:b0:b3:34:1e:49:3c:7a:ab:f9:5e:ff:39:4f:
                    b6:d9:b0:8d:17:37:55:c1:10:2d:c5:5b:27:ed:fd:
                    b2:d7:e9:69:9e:a9:55:4b:70:bc:65:e2:64:09:19:
                    73:ad:a6:cd:37:ca:3f:0a:f8:8e:e2:f0:d3:95:5f:
                    73:62:d3:e0:67:6b:c2:eb:87:47:88:1b:fc:16:74:
                    09:10:43:7f:ac:eb:49:23:34:a3:4e:31:a3:d8:35:
                    a5:c2:06:ae:c6:d3:dd:ad:13:36:b5:19:35:4d:dc:
                    a1:ee:df:3f:de:98:04:67:00:69:6e:9d:64:8e:43:
                    eb:93:a1:d8:ed:ca:ae:da:2a:20:0f:9b:13:56:a3:
                    55:bd:1c:d7:e0:b7:e4:35:5f:a8:97:33:03:69:b5:
                    98:8f:fe:32:3f:ae:52:06:ff:df:49:a9:5a:a4:70:
                    58:3f:32:b3:06:57:1b:dc:9e:1e:01:0f:f6:3a:8b:
                    89:b8:87:38:f6:48:f4:6d:16:8b:da:81:ee:94:b4:
                    f6:31:19:5b:2a:38:4c:59:e9:d6:c0:0c:02:3d:01:
                    34:a9:81:b3:bb:77:71:4f:7a:cf:05:65:42:29:ae:
                    89:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:9B:D9:0E:76:A8:2E:D3:A8:66:65:E3:C3:AC:8C:59:CC:A1:3A:F2
            X509v3 Authority Key Identifier:
                keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/S5vZDnaoLtOoZmXjw6yMWcyhOvI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:7f:b2:0b:f5:a2:9c:5e:c7:90:b6:c6:f5:c9:cd:a9:02:96:
         06:62:af:5e:11:75:91:d0:cf:dd:9b:19:ac:57:d6:33:23:2e:
         dc:9a:1a:e6:1c:53:94:8f:60:44:38:13:5a:92:06:2a:d3:02:
         f7:74:fe:0f:97:f9:bd:8d:98:b5:38:94:9a:b8:e5:c0:84:4e:
         85:70:12:84:eb:cd:82:e6:3a:db:ef:d6:ba:83:93:42:73:09:
         f8:81:25:8b:df:c4:18:94:74:08:12:58:3a:7e:66:06:0c:66:
         d0:f2:98:f1:1b:b1:7c:e8:71:fa:f2:07:08:98:32:8b:4f:92:
         41:86:8e:69:f0:11:c8:ac:73:b1:2a:2c:03:25:e9:64:c5:f4:
         ef:3f:c9:f9:74:5e:7d:de:83:bf:23:f0:17:f6:0e:7f:54:eb:
         f4:0f:c6:1e:40:55:28:44:e5:f7:b0:1c:ab:54:18:23:79:25:
         32:92:0c:d2:d3:08:52:99:3d:e1:00:83:8e:c6:0d:84:c1:90:
         db:99:7c:15:68:62:e9:38:2a:8c:80:f2:1f:df:22:9c:40:97:
         c4:5f:f5:2b:99:36:c7:b1:96:83:ea:52:fe:32:a4:fc:b0:64:
         ac:70:23:2a:54:c9:0e:19:76:aa:5e:68:64:5a:e6:2c:e7:7d:
         4a:84:a8:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWdhj8nxHZAOzlKm+RxwDxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjMwMTEwMjExMTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjliZDkwZTc2YTgyZWQzYTg2NjY1ZTNjM2FjOGM1OWNjYTEzYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8FQigDaDKQFlrtXmhH/SZQ65MZ0
EboKx+qQ79zZGrCzNB5JPHqr+V7/OU+22bCNFzdVwRAtxVsn7f2y1+lpnqlVS3C8
ZeJkCRlzrabNN8o/CviO4vDTlV9zYtPgZ2vC64dHiBv8FnQJEEN/rOtJIzSjTjGj
2DWlwgauxtPdrRM2tRk1Tdyh7t8/3pgEZwBpbp1kjkPrk6HY7cqu2iogD5sTVqNV
vRzX4LfkNV+olzMDabWYj/4yP65SBv/fSalapHBYPzKzBlcb3J4eAQ/2OouJuIc4
9kj0bRaL2oHulLT2MRlbKjhMWenWwAwCPQE0qYGzu3dxT3rPBWVCKa6JOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEub2Q52qC7TqGZl48OsjFnMoTryMB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvUzV2WkRuYW9MdE9vWm1Yanc2eU1XY3loT3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ5/MA0G
CSqGSIb3DQEBCwUAA4IBAQAef7IL9aKcXseQtsb1yc2pApYGYq9eEXWR0M/dmxms
V9YzIy7cmhrmHFOUj2BEOBNakgYq0wL3dP4Pl/m9jZi1OJSauOXAhE6FcBKE682C
5jrb79a6g5NCcwn4gSWL38QYlHQIElg6fmYGDGbQ8pjxG7F86HH68gcImDKLT5JB
ho5p8BHIrHOxKiwDJelkxfTvP8n5dF593oO/I/AX9g5/VOv0D8YeQFUoROX3sByr
VBgjeSUykgzS0whSmT3hAIOOxg2EwZDbmXwVaGLpOCqMgPIf3yKcQJfEX/UrmTbH
sZaD6lL+MqT8sGSscCMqVMkOGXaqXmhkWuYs531KhKjh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org