Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0RGEQoKHQqwDw8LPLufUzDNexlk.roa
File:                     0RGEQoKHQqwDw8LPLufUzDNexlk.roa (raw, json)
Hash identifier:          TI3C4pw6PfGoUNFcuSHbmnKFofMLdcFXCVtsrDbVvog=
Subject key identifier:   D1:11:84:42:82:87:42:AC:03:C3:C2:CF:2E:E7:D4:CC:33:5E:C6:59
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018C1FB4589A3AAD5C023B33F860543C8400
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0RGEQoKHQqwDw8LPLufUzDNexlk.roa
Signing time:             Thu 30 Nov 2023 10:09:21 +0000
ROA not before:           Thu 30 Nov 2023 10:09:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.8.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 Nov 2023 15:18:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1f:b4:58:9a:3a:ad:5c:02:3b:33:f8:60:54:3c:84:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Nov 30 10:09:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1118442828742ac03c3c2cf2ee7d4cc335ec659
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:0a:04:d7:c2:a5:4e:58:d8:4a:4b:c9:fd:cd:
                    8d:c5:38:fc:4b:95:02:85:d9:f0:38:ec:fe:6b:f2:
                    c8:79:cc:9b:09:8e:75:2e:db:1b:be:57:75:96:a2:
                    5c:f8:79:e2:f2:f0:37:8c:89:c9:87:73:f5:53:f9:
                    d8:33:5a:61:dd:60:7e:db:11:56:3f:b9:85:ec:d4:
                    6d:da:1a:72:be:f7:f0:d0:4f:c9:1f:b1:88:17:c3:
                    9f:a4:4f:5e:de:52:af:3a:50:02:d7:4e:07:0b:25:
                    36:8b:7e:21:df:5c:5e:4e:77:e0:4a:ce:dd:5d:19:
                    89:b5:7b:c9:7f:60:38:e9:f7:b7:e5:40:7d:a1:65:
                    a3:8f:08:4b:b2:47:8b:ed:ec:ed:a0:2a:c1:68:33:
                    cb:85:82:d3:02:a6:5b:bb:25:2b:04:cb:4e:1f:77:
                    5a:d7:37:48:0e:b6:5f:56:06:0e:0e:ba:19:c0:5e:
                    d2:6e:e6:43:9e:b5:aa:27:04:f4:3d:27:fa:83:08:
                    54:64:f3:91:9c:1b:99:e0:50:16:71:0a:c3:48:8c:
                    7f:4b:c1:c1:27:8a:90:06:b8:ad:17:00:26:95:b5:
                    6f:1e:10:9f:ae:e8:0d:24:7f:e7:97:60:08:48:47:
                    1e:10:82:bf:6b:08:cf:80:1c:6a:87:0b:2e:54:c6:
                    cd:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:11:84:42:82:87:42:AC:03:C3:C2:CF:2E:E7:D4:CC:33:5E:C6:59
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0RGEQoKHQqwDw8LPLufUzDNexlk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:80:4a:25:21:cd:8f:cb:67:57:6b:11:d1:fb:fd:4b:51:05:
         59:a1:c8:da:21:eb:e2:1a:22:57:dd:d5:a3:d9:81:46:69:31:
         a1:8f:df:98:10:62:34:97:75:be:e7:12:b4:d6:04:00:de:31:
         e6:16:d9:08:0e:fd:7b:14:ad:2e:dd:fa:57:53:94:53:c2:ca:
         8b:0d:f9:1a:42:1f:95:14:ba:e8:17:f7:63:0a:8b:58:4e:eb:
         38:40:66:d3:f3:f1:8d:8b:61:e9:e1:4c:31:2d:85:ad:34:d3:
         71:53:37:9f:fe:39:af:87:3a:b9:5f:4b:7d:ee:89:4e:db:b6:
         57:5c:dd:14:67:d0:6e:b7:4e:4d:74:64:52:10:a5:bc:80:a4:
         20:a6:59:93:99:f2:07:da:d9:c0:6c:8f:5c:3d:9c:e5:85:7c:
         d0:ef:4e:6a:cf:22:c7:b7:6a:1a:86:4d:d7:19:52:26:a5:3f:
         cb:63:5d:a4:88:7a:5c:cb:59:e1:19:38:be:0d:d2:b2:26:28:
         97:41:1b:32:5c:06:de:65:b8:f7:6a:cc:52:53:c7:b8:70:59:
         30:c9:1c:e3:18:f1:50:76:47:be:7f:13:ce:ba:13:12:a6:ea:
         3d:c0:75:53:7f:48:b6:ed:3c:5c:cc:27:a9:35:c9:d1:3c:23:
         aa:43:fd:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwftFiaOq1cAjsz+GBUPIQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMTMwMTAwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTExODQ0MjgyODc0MmFjMDNjM2MyY2YyZWU3ZDRjYzMzNWVjNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgoE18KlTljYSkvJ/c2NxTj8S5UC
hdnwOOz+a/LIecybCY51Ltsbvld1lqJc+Hni8vA3jInJh3P1U/nYM1ph3WB+2xFW
P7mF7NRt2hpyvvfw0E/JH7GIF8OfpE9e3lKvOlAC104HCyU2i34h31xeTnfgSs7d
XRmJtXvJf2A46fe35UB9oWWjjwhLskeL7eztoCrBaDPLhYLTAqZbuyUrBMtOH3da
1zdIDrZfVgYODroZwF7SbuZDnrWqJwT0PSf6gwhUZPORnBuZ4FAWcQrDSIx/S8HB
J4qQBritFwAmlbVvHhCfrugNJH/nl2AISEceEIK/awjPgBxqhwsuVMbN+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNERhEKCh0KsA8PCzy7n1MwzXsZZMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMFJHRVFvS0hRcXdEdzhMUEx1ZlV6RE5leGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQi5MA0G
CSqGSIb3DQEBCwUAA4IBAQBJgEolIc2Py2dXaxHR+/1LUQVZocjaIeviGiJX3dWj
2YFGaTGhj9+YEGI0l3W+5xK01gQA3jHmFtkIDv17FK0u3fpXU5RTwsqLDfkaQh+V
FLroF/djCotYTus4QGbT8/GNi2Hp4UwxLYWtNNNxUzef/jmvhzq5X0t97olO27ZX
XN0UZ9But05NdGRSEKW8gKQgplmTmfIH2tnAbI9cPZzlhXzQ705qzyLHt2oahk3X
GVImpT/LY12kiHpcy1nhGTi+DdKyJiiXQRsyXAbeZbj3asxSU8e4cFkwyRzjGPFQ
dke+fxPOuhMSpuo9wHVTf0i27TxczCepNcnRPCOqQ/01
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org