Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/z8zaGSM1mdDVc90Byxy0KNl3lnw.roa
File:                     z8zaGSM1mdDVc90Byxy0KNl3lnw.roa (raw, json)
Hash identifier:          rr46gSKwsmzm1+Iqtrld2e4B+I8AIczK/MrwEjrK7PY=
Subject key identifier:   CF:CC:DA:19:23:35:99:D0:D5:73:DD:01:CB:1C:B4:28:D9:77:96:7C
Certificate issuer:       /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial:       018B8C86A44D16F9E02D72E9FED93D9AEE13
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/z8zaGSM1mdDVc90Byxy0KNl3lnw.roa
Signing time:             Wed 01 Nov 2023 20:15:16 +0000
ROA not before:           Wed 01 Nov 2023 20:15:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        45.158.127.0/24 maxlen: 24
                          45.158.126.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8c:86:a4:4d:16:f9:e0:2d:72:e9:fe:d9:3d:9a:ee:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
        Validity
            Not Before: Nov  1 20:15:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cfccda19233599d0d573dd01cb1cb428d977967c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:74:38:31:8e:34:60:90:91:dd:48:1c:36:a6:
                    40:4f:4f:a7:70:22:f1:f5:44:d0:54:65:ee:41:5c:
                    ba:7d:56:ed:7b:90:72:4d:0b:fc:c4:a4:6b:34:98:
                    32:2d:0a:ba:b7:0b:a8:77:78:03:aa:14:55:20:5e:
                    68:1e:6a:a8:6d:a9:23:e7:ce:38:ad:8b:dc:71:87:
                    91:58:54:c6:67:6f:ae:e6:c9:35:2e:c8:e2:4a:b5:
                    8e:45:0c:ae:82:d6:d0:c7:09:4b:c1:55:74:47:32:
                    0a:16:09:81:61:bb:d0:e9:f9:d4:a4:9b:83:78:69:
                    a3:88:ac:57:90:54:8c:ef:ab:89:b1:64:42:08:ba:
                    26:cc:45:a1:f0:97:48:c8:61:e4:2e:40:69:13:b3:
                    81:ba:fe:26:7d:b6:9f:29:38:fb:24:54:3f:00:ec:
                    87:ef:cb:9d:9a:aa:98:29:f9:d6:19:6d:ca:84:cf:
                    48:a7:74:fc:39:e3:fb:56:0f:72:ed:16:cd:02:4d:
                    83:23:5e:e6:4c:85:22:99:0b:be:6e:65:42:8d:07:
                    d9:8a:7d:da:6b:f5:20:88:cb:70:9b:19:f0:11:33:
                    5b:92:0a:39:12:68:20:71:28:2a:1b:22:79:bb:86:
                    ce:69:96:66:05:a1:e4:77:f3:f5:d3:b5:d7:b0:79:
                    ee:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:CC:DA:19:23:35:99:D0:D5:73:DD:01:CB:1C:B4:28:D9:77:96:7C
            X509v3 Authority Key Identifier:
                keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/z8zaGSM1mdDVc90Byxy0KNl3lnw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         27:a8:b1:8f:f3:b6:86:7f:ce:fe:2a:b9:8b:44:fe:3d:38:c8:
         4a:59:4c:9f:60:19:c0:ff:eb:e9:f6:48:2e:3d:52:fc:af:f0:
         0d:d5:c7:69:ba:07:d2:b1:50:52:eb:db:b1:55:71:a4:d6:59:
         52:d8:60:42:01:88:7c:b6:a4:07:9d:30:a1:2e:ca:51:37:87:
         20:8f:7a:d4:0f:3c:9e:90:e3:bd:2d:9c:f9:cc:5c:8e:2e:cb:
         30:c2:db:97:38:3c:99:37:00:28:a2:2b:56:d4:e8:5a:2f:81:
         08:8f:ec:45:ea:2f:ed:ea:bc:c4:02:3d:f0:70:f1:b4:47:df:
         69:3d:64:6a:e1:48:22:5c:70:97:a6:b0:c3:01:42:17:af:5c:
         3e:18:ac:00:fd:6f:a6:ea:9b:75:0d:f1:f6:96:f0:19:37:29:
         51:c1:ec:45:dc:1a:ea:43:d9:00:8f:f8:fb:08:4e:81:e9:5f:
         5b:62:40:ad:61:1b:3e:a3:b1:c3:1b:ed:49:fa:b6:4c:c4:f9:
         b6:36:55:a8:c0:cf:74:2a:c8:85:6b:43:1d:f3:28:df:14:a5:
         88:53:1d:91:56:0b:24:b9:5e:bf:52:49:e1:b0:d7:11:7a:f7:
         44:b7:32:16:59:b5:68:47:80:9a:84:cf:f2:82:5d:91:55:d2:
         61:4f:fe:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuMhqRNFvngLXLp/tk9mu4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjMxMTAxMjAxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNjZGExOTIzMzU5OWQwZDU3M2RkMDFjYjFjYjQyOGQ5Nzc5NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnQ4MY40YJCR3UgcNqZAT0+ncCLx
9UTQVGXuQVy6fVbte5ByTQv8xKRrNJgyLQq6twuod3gDqhRVIF5oHmqobakj5844
rYvccYeRWFTGZ2+u5sk1LsjiSrWORQyugtbQxwlLwVV0RzIKFgmBYbvQ6fnUpJuD
eGmjiKxXkFSM76uJsWRCCLomzEWh8JdIyGHkLkBpE7OBuv4mfbafKTj7JFQ/AOyH
78udmqqYKfnWGW3KhM9Ip3T8OeP7Vg9y7RbNAk2DI17mTIUimQu+bmVCjQfZin3a
a/UgiMtwmxnwETNbkgo5EmggcSgqGyJ5u4bOaZZmBaHkd/P107XXsHnuRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/M2hkjNZnQ1XPdAcsctCjZd5Z8MB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvejh6YUdTTTFtZERWYzkwQnl4eTBLTmwzbG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ5+MA0G
CSqGSIb3DQEBCwUAA4IBAQAnqLGP87aGf87+KrmLRP49OMhKWUyfYBnA/+vp9kgu
PVL8r/AN1cdpugfSsVBS69uxVXGk1llS2GBCAYh8tqQHnTChLspRN4cgj3rUDzye
kOO9LZz5zFyOLsswwtuXODyZNwAooitW1OhaL4EIj+xF6i/t6rzEAj3wcPG0R99p
PWRq4UgiXHCXprDDAUIXr1w+GKwA/W+m6pt1DfH2lvAZNylRwexF3BrqQ9kAj/j7
CE6B6V9bYkCtYRs+o7HDG+1J+rZMxPm2NlWowM90KsiFa0Md8yjfFKWIUx2RVgsk
uV6/UknhsNcRevdEtzIWWbVoR4CahM/ygl2RVdJhT/5E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:00 2024 by rpki-client on console-ams.rpki-client.org