Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/avByOHSg1eFs50MgzB5_zjvOII8.roa
File:                     avByOHSg1eFs50MgzB5_zjvOII8.roa (raw, json)
Hash identifier:          S+4DH/qG31QQYzUVo5RAJpA7hi5hu7zss5dmKR3BPCo=
Subject key identifier:   6A:F0:72:38:74:A0:D5:E1:6C:E7:43:20:CC:1E:7F:CE:3B:CE:20:8F
Certificate issuer:       /CN=cac9804e227eaac9ac09b0821fc07ee2817777b5
Certificate serial:       01857102DE71540CCB60A81E63B096D03204
Authority key identifier: CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/avByOHSg1eFs50MgzB5_zjvOII8.roa
Signing time:             Mon 02 Jan 2023 05:44:51 +0000
ROA not before:           Mon 02 Jan 2023 05:44:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        45.91.255.0/24 maxlen: 24
                          193.57.172.0/24 maxlen: 24
                          2a11:5ec0::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:02:de:71:54:0c:cb:60:a8:1e:63:b0:96:d0:32:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cac9804e227eaac9ac09b0821fc07ee2817777b5
        Validity
            Not Before: Jan  2 05:44:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6af0723874a0d5e16ce74320cc1e7fce3bce208f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f7:68:2e:f3:a8:9e:a0:b6:fa:7f:4f:2d:d5:
                    ee:6c:44:ee:f9:50:eb:36:0b:56:9e:cd:2d:52:ba:
                    5d:21:b2:52:e3:36:86:55:46:52:7c:cf:0f:f0:46:
                    e1:64:04:c2:8a:90:8f:57:15:6c:00:45:3b:41:3d:
                    6b:3d:35:a0:39:6e:b3:65:18:78:04:e9:c9:d5:73:
                    d2:8f:a1:58:1a:f9:04:32:96:ec:4d:03:8e:74:ad:
                    43:74:e5:aa:2a:cf:6b:42:37:4c:33:3b:25:e4:dd:
                    80:58:94:7c:79:d3:3f:d3:32:19:14:63:ac:5d:28:
                    16:7b:d0:24:6a:d8:53:52:0b:d9:cb:9e:56:7b:10:
                    06:ba:1b:74:ca:b3:0e:30:c8:e1:3b:c4:32:ca:23:
                    ab:63:25:fa:c7:4c:a3:ed:41:d3:37:0a:9a:6c:18:
                    07:44:2d:5d:bf:cf:c1:72:c2:c0:9a:9d:31:ac:24:
                    fd:d7:d6:d2:f3:ca:ba:52:f0:79:b5:9a:bb:0b:84:
                    2d:e0:74:f1:fc:6c:f8:a0:ff:33:6d:af:c0:36:fb:
                    f4:2d:28:57:40:c5:7e:18:95:b5:f5:21:09:91:b0:
                    90:78:03:db:21:eb:bc:bb:7f:a1:26:18:71:c9:b9:
                    c0:fe:43:6a:4c:2f:13:7b:8a:89:d6:6c:10:75:63:
                    f7:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F0:72:38:74:A0:D5:E1:6C:E7:43:20:CC:1E:7F:CE:3B:CE:20:8F
            X509v3 Authority Key Identifier:
                keyid:CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/avByOHSg1eFs50MgzB5_zjvOII8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.255.0/24
                  193.57.172.0/24
                IPv6:
                  2a11:5ec0::/40

    Signature Algorithm: sha256WithRSAEncryption
         62:de:00:f5:3a:56:6e:0f:1a:85:3e:0c:b9:66:5e:83:68:6e:
         f2:98:7f:d4:0b:8e:2c:b4:67:fb:8f:22:4b:f6:73:16:64:34:
         fc:57:27:ad:4a:ec:3d:88:3b:42:41:4b:86:52:81:ac:c5:b5:
         cc:13:cb:5a:e6:01:2e:ff:35:96:34:c9:f0:49:1d:88:e1:56:
         1c:26:62:9e:4f:b2:36:32:d8:e5:28:c8:31:f4:2f:8e:b2:dc:
         ed:17:45:a0:1e:d1:b8:a3:73:0b:9f:c0:03:0b:76:ab:bf:5c:
         91:a9:49:7c:66:1d:1b:9a:6b:70:1e:c7:a0:c2:d2:a0:da:d2:
         58:7a:0e:48:09:17:db:70:18:c0:44:d2:3d:fe:13:9d:6b:36:
         78:a0:6f:1d:40:a0:85:a0:c8:7d:14:57:4f:c7:67:15:04:f2:
         5f:30:a0:0d:d1:ac:f4:89:b0:d5:c3:77:a8:80:02:99:0b:20:
         41:80:5e:55:0c:52:45:8d:af:0f:f9:38:bb:4f:2f:78:7d:bf:
         63:8f:7b:7f:f0:f6:87:cc:96:c8:74:d0:95:2e:c7:8d:d1:17:
         90:ce:7b:65:a9:a5:cb:bb:a7:9d:8a:95:f2:15:df:ac:28:21:
         9e:90:45:1e:37:97:7e:68:bc:dc:91:12:83:06:f8:78:b8:e1:
         a2:06:d3:ec
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVxAt5xVAzLYKgeY7CW0DIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYzk4MDRlMjI3ZWFhYzlhYzA5YjA4MjFmYzA3ZWUyODE3
Nzc3YjUwHhcNMjMwMTAyMDU0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYwNzIzODc0YTBkNWUxNmNlNzQzMjBjYzFlN2ZjZTNiY2UyMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/doLvOonqC2+n9PLdXubETu+VDr
NgtWns0tUrpdIbJS4zaGVUZSfM8P8EbhZATCipCPVxVsAEU7QT1rPTWgOW6zZRh4
BOnJ1XPSj6FYGvkEMpbsTQOOdK1DdOWqKs9rQjdMMzsl5N2AWJR8edM/0zIZFGOs
XSgWe9AkathTUgvZy55WexAGuht0yrMOMMjhO8QyyiOrYyX6x0yj7UHTNwqabBgH
RC1dv8/BcsLAmp0xrCT919bS88q6UvB5tZq7C4Qt4HTx/Gz4oP8zba/ANvv0LShX
QMV+GJW19SEJkbCQeAPbIeu8u3+hJhhxybnA/kNqTC8Te4qJ1mwQdWP39QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGrwcjh0oNXhbOdDIMwef847ziCPMB8GA1UdIwQY
MBaAFMrJgE4ifqrJrAmwgh/AfuKBd3e1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXNtQVRpSi1xc21zQ2JDQ0g4Qi00b0YzZDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9iY2VhNWQtNTE0ZS00ZjUyLWI0OWEt
OTBmYjU3ZDQwY2E3LzEvYXZCeU9IU2cxZUZzNTBNZ3pCNV96anZPSUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9iY2VhNWQtNTE0ZS00ZjUyLWI0OWEtOTBmYjU3ZDQwY2E3
LzEveXNtQVRpSi1xc21zQ2JDQ0g4Qi00b0YzZDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALVv/AwQA
wTmsMA4EAgACMAgDBgAqEV7AADANBgkqhkiG9w0BAQsFAAOCAQEAYt4A9TpWbg8a
hT4MuWZeg2hu8ph/1AuOLLRn+48iS/ZzFmQ0/FcnrUrsPYg7QkFLhlKBrMW1zBPL
WuYBLv81ljTJ8EkdiOFWHCZink+yNjLY5SjIMfQvjrLc7RdFoB7RuKNzC5/AAwt2
q79ckalJfGYdG5prcB7HoMLSoNrSWHoOSAkX23AYwETSPf4TnWs2eKBvHUCghaDI
fRRXT8dnFQTyXzCgDdGs9Imw1cN3qIACmQsgQYBeVQxSRY2vD/k4u08veH2/Y497
f/D2h8yWyHTQlS7HjdEXkM57Zamly7unnYqV8hXfrCghnpBFHjeXfmi83JESgwb4
eLjhogbT7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:11 2024 by rpki-client on console-ams.rpki-client.org