Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/y9zy24dVlMHnrYbD4lIiYn0gw4w.roa
File:                     y9zy24dVlMHnrYbD4lIiYn0gw4w.roa (raw, json)
Hash identifier:          z6ELml+mB4t3DAH0sCvclVi+A9q7NZXz5EjmF5TPXR0=
Subject key identifier:   CB:DC:F2:DB:87:55:94:C1:E7:AD:86:C3:E2:52:22:62:7D:20:C3:8C
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       0185B97804745E867ED3BE4A6B5BDF89DAA3
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/y9zy24dVlMHnrYbD4lIiYn0gw4w.roa
Signing time:             Mon 16 Jan 2023 07:25:28 +0000
ROA not before:           Mon 16 Jan 2023 07:25:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48716
IP address blocks:        45.8.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 18 Jan 2023 07:18:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b9:78:04:74:5e:86:7e:d3:be:4a:6b:5b:df:89:da:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Jan 16 07:25:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cbdcf2db875594c1e7ad86c3e25222627d20c38c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:f9:9c:63:a8:ce:ea:69:76:db:d6:77:44:85:
                    19:a8:44:98:79:59:7d:f8:57:e5:5d:37:aa:1a:55:
                    4a:f8:39:12:3b:2f:38:0e:83:17:53:a1:a2:5c:5c:
                    a8:4d:ab:bf:55:76:da:27:dc:37:be:97:ad:53:93:
                    36:98:4a:88:91:8b:5f:b8:eb:00:d8:02:fa:a6:26:
                    68:3f:36:ba:e6:de:fa:f5:2b:2b:d7:03:02:f0:1e:
                    64:51:8c:a0:c4:3a:8a:f6:d5:2b:f9:0e:49:95:47:
                    81:0c:d8:8b:c3:e4:b2:84:87:45:e4:73:6f:e3:14:
                    c4:da:e3:86:6e:88:0f:a2:dd:ad:32:52:27:1c:53:
                    eb:87:fa:5a:87:36:63:6a:d9:b0:a9:ed:97:51:48:
                    5b:93:0a:85:7c:0d:de:50:cb:8d:6f:2d:d8:ea:66:
                    78:dd:93:53:0f:39:ff:bf:95:54:f1:91:1d:4a:69:
                    91:91:a5:95:9d:06:81:0b:17:2c:a5:09:9c:dd:69:
                    e7:8e:c3:c6:f6:69:b9:91:b5:6e:56:35:c8:b0:cb:
                    dc:de:c9:dd:a9:c0:7d:b2:e4:d1:05:ef:c9:2d:a9:
                    88:ff:ee:be:ee:fa:97:ca:81:21:72:4b:7d:85:33:
                    a9:aa:c8:f2:db:60:cc:96:51:3a:ba:3c:01:d6:3a:
                    51:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:DC:F2:DB:87:55:94:C1:E7:AD:86:C3:E2:52:22:62:7D:20:C3:8C
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/y9zy24dVlMHnrYbD4lIiYn0gw4w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:19:38:d3:44:1d:ed:e4:f7:dc:03:bb:15:1b:21:c2:f3:5a:
         6a:31:f8:f0:a9:4c:05:f6:92:c9:90:82:82:ea:e7:fa:c6:fd:
         e0:8b:36:aa:d1:f3:41:20:9b:5b:37:fa:df:ee:db:cf:ae:b2:
         60:84:3b:26:b4:c1:f2:a4:d4:29:7d:67:b7:80:55:a2:68:9b:
         fc:5b:25:8c:f5:0e:38:42:7d:b8:18:3d:c3:35:94:5a:f7:33:
         a0:69:24:1d:34:3c:a7:ad:f1:60:3a:7b:83:40:ce:40:61:5a:
         06:25:a0:3f:61:03:52:71:94:38:c8:fb:56:da:1b:df:b9:11:
         88:1a:13:0c:a6:68:d9:94:58:23:ff:54:69:52:d5:5c:44:9c:
         6c:d9:c5:79:b8:fa:22:33:a8:9b:df:9b:1a:57:df:6e:89:28:
         c7:ad:c6:f0:63:d9:dd:9e:e1:cf:c9:93:66:30:73:27:11:ee:
         38:a1:fd:57:8f:20:4e:66:ae:7a:2f:65:48:ba:2f:a6:51:65:
         4c:fd:ba:04:8c:4a:23:15:57:34:c0:85:5a:ee:88:47:7a:79:
         d6:11:61:13:e3:26:62:da:43:ae:cd:9e:29:a4:22:e4:21:57:
         49:ee:68:60:3a:0c:b3:b8:fd:8c:22:10:fb:fb:47:30:ac:b3:
         47:e4:de:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW5eAR0XoZ+075Ka1vfidqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTE2MDcyNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRjZjJkYjg3NTU5NGMxZTdhZDg2YzNlMjUyMjI2MjdkMjBjMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPmcY6jO6ml229Z3RIUZqESYeVl9
+FflXTeqGlVK+DkSOy84DoMXU6GiXFyoTau/VXbaJ9w3vpetU5M2mEqIkYtfuOsA
2AL6piZoPza65t769Ssr1wMC8B5kUYygxDqK9tUr+Q5JlUeBDNiLw+SyhIdF5HNv
4xTE2uOGbogPot2tMlInHFPrh/pahzZjatmwqe2XUUhbkwqFfA3eUMuNby3Y6mZ4
3ZNTDzn/v5VU8ZEdSmmRkaWVnQaBCxcspQmc3WnnjsPG9mm5kbVuVjXIsMvc3snd
qcB9suTRBe/JLamI/+6+7vqXyoEhckt9hTOpqsjy22DMllE6ujwB1jpRGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvc8tuHVZTB562Gw+JSImJ9IMOMMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEveTl6eTI0ZFZsTUhuclliRDRsSWlZbjBndzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQhiMA0G
CSqGSIb3DQEBCwUAA4IBAQBzGTjTRB3t5PfcA7sVGyHC81pqMfjwqUwF9pLJkIKC
6uf6xv3gizaq0fNBIJtbN/rf7tvPrrJghDsmtMHypNQpfWe3gFWiaJv8WyWM9Q44
Qn24GD3DNZRa9zOgaSQdNDynrfFgOnuDQM5AYVoGJaA/YQNScZQ4yPtW2hvfuRGI
GhMMpmjZlFgj/1RpUtVcRJxs2cV5uPoiM6ib35saV99uiSjHrcbwY9ndnuHPyZNm
MHMnEe44of1XjyBOZq56L2VIui+mUWVM/boEjEojFVc0wIVa7ohHennWEWET4yZi
2kOuzZ4ppCLkIVdJ7mhgOgyzuP2MIhD7+0cwrLNH5N6g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org