Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/l61wIu8fgVGllRuRa4CFLLzsTyA.roa
File:                     l61wIu8fgVGllRuRa4CFLLzsTyA.roa (raw, json)
Hash identifier:          36n1aM5ynvauDLGhLeh+1N7HHB8eMlh9hqjkitQieJc=
Subject key identifier:   97:AD:70:22:EF:1F:81:51:A5:95:1B:91:6B:80:85:2C:BC:EC:4F:20
Certificate issuer:       /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial:       01856E5D44FF50E37B3EF2C5923AC20F9E17
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/l61wIu8fgVGllRuRa4CFLLzsTyA.roa
Signing time:             Sun 01 Jan 2023 17:24:44 +0000
ROA not before:           Sun 01 Jan 2023 17:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        45.158.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 20:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:5d:44:ff:50:e3:7b:3e:f2:c5:92:3a:c2:0f:9e:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
        Validity
            Not Before: Jan  1 17:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=97ad7022ef1f8151a5951b916b80852cbcec4f20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ab:7d:f8:5b:c0:87:9c:eb:d2:46:16:44:5f:
                    7d:09:cb:c5:7c:f3:b7:ef:28:3c:cb:e6:f2:63:aa:
                    bc:5e:a2:0d:41:66:b0:4f:27:74:bf:af:45:f7:23:
                    9b:17:8c:74:1e:c6:e2:22:0a:0b:4e:51:82:bd:6d:
                    03:ba:8f:22:30:cc:93:4f:5a:3f:b0:67:30:33:54:
                    5d:fa:20:62:98:53:be:ce:46:1f:38:6c:6c:65:30:
                    b9:58:68:69:af:f4:47:8f:a4:be:db:d4:ed:2c:d3:
                    c8:5d:51:cc:91:53:f5:53:7d:8c:49:55:0e:d1:4e:
                    be:5c:b6:37:0a:2a:b7:9a:b6:a7:7b:c0:33:6b:9e:
                    93:10:33:53:69:a3:bc:f2:f3:b6:8f:4b:c2:89:db:
                    ed:56:c2:a9:42:da:97:0c:6b:ea:ac:a9:18:81:7c:
                    99:bd:6f:d1:d4:cc:0b:73:06:46:00:1c:a7:ee:78:
                    5c:8d:19:65:29:90:d6:b4:f8:4a:a8:fb:24:b5:43:
                    9f:42:a9:e6:d7:e8:74:93:3d:7a:80:a8:46:53:65:
                    dc:8f:14:38:dc:74:2c:17:70:0d:71:f1:49:1d:a2:
                    b4:6f:99:6a:df:67:22:f3:f5:5b:e3:4c:94:63:df:
                    55:4a:c5:5e:98:4e:25:74:26:ab:7e:33:2e:9a:93:
                    1d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:AD:70:22:EF:1F:81:51:A5:95:1B:91:6B:80:85:2C:BC:EC:4F:20
            X509v3 Authority Key Identifier:
                keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/l61wIu8fgVGllRuRa4CFLLzsTyA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:1d:da:0f:85:e7:2d:ab:0c:db:f3:bf:e6:4c:c0:fa:c7:d3:
         03:98:52:b8:56:30:a9:66:82:3a:d2:f4:69:91:01:1c:0a:48:
         18:29:bb:73:cc:3e:58:f7:16:c7:b1:5e:dd:34:76:59:cb:48:
         e7:3d:9a:7e:de:9c:4c:48:5f:cf:c5:2a:7d:2e:86:2f:52:53:
         56:ee:19:eb:51:28:01:06:11:04:42:42:3b:a3:c4:0e:74:69:
         1e:de:b2:28:23:f9:5c:11:de:0d:42:69:ab:7f:73:67:4a:ae:
         2d:25:f3:07:cb:8d:c7:cf:52:07:96:2d:73:9d:43:1f:91:eb:
         68:22:56:83:ab:01:b1:d6:1d:75:a1:96:3f:c2:c1:73:7a:5d:
         32:37:9b:ba:eb:96:2a:87:50:06:c3:de:fa:58:dc:ba:40:5b:
         3a:af:78:d7:ba:77:31:88:4a:bf:5f:91:03:51:f2:b0:2c:d0:
         f1:46:e7:bd:d4:67:bf:9b:c5:f5:ef:10:75:6f:5b:a6:45:4d:
         68:72:c3:e6:16:78:69:d8:f4:04:b9:0b:7a:c8:a5:2a:7f:df:
         6d:f5:e8:f9:9d:0c:ea:e9:99:35:67:fe:0e:81:6b:80:46:93:
         b2:78:87:c3:51:f4:bf:7b:bb:cc:85:be:c9:84:c7:c4:1a:35:
         a3:e8:c7:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXUT/UON7PvLFkjrCD54XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjMwMTAxMTcyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FkNzAyMmVmMWY4MTUxYTU5NTFiOTE2YjgwODUyY2JjZWM0ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16t9+FvAh5zr0kYWRF99CcvFfPO3
7yg8y+byY6q8XqINQWawTyd0v69F9yObF4x0HsbiIgoLTlGCvW0Duo8iMMyTT1o/
sGcwM1Rd+iBimFO+zkYfOGxsZTC5WGhpr/RHj6S+29TtLNPIXVHMkVP1U32MSVUO
0U6+XLY3Ciq3mrane8Aza56TEDNTaaO88vO2j0vCidvtVsKpQtqXDGvqrKkYgXyZ
vW/R1MwLcwZGAByn7nhcjRllKZDWtPhKqPsktUOfQqnm1+h0kz16gKhGU2XcjxQ4
3HQsF3ANcfFJHaK0b5lq32ci8/Vb40yUY99VSsVemE4ldCarfjMumpMdEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJetcCLvH4FRpZUbkWuAhSy87E8gMB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvbDYxd0l1OGZnVkdsbFJ1UmE0Q0ZMTHpzVHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ59MA0G
CSqGSIb3DQEBCwUAA4IBAQCVHdoPhectqwzb87/mTMD6x9MDmFK4VjCpZoI60vRp
kQEcCkgYKbtzzD5Y9xbHsV7dNHZZy0jnPZp+3pxMSF/PxSp9LoYvUlNW7hnrUSgB
BhEEQkI7o8QOdGke3rIoI/lcEd4NQmmrf3NnSq4tJfMHy43Hz1IHli1znUMfketo
IlaDqwGx1h11oZY/wsFzel0yN5u665Yqh1AGw976WNy6QFs6r3jXuncxiEq/X5ED
UfKwLNDxRue91Ge/m8X17xB1b1umRU1ocsPmFnhp2PQEuQt6yKUqf99t9ej5nQzq
6Zk1Z/4OgWuARpOyeIfDUfS/e7vMhb7JhMfEGjWj6McV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org