Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0jy0nkZnsA7ebHpLzzciXbxCj2Y.roa
File:                     0jy0nkZnsA7ebHpLzzciXbxCj2Y.roa (raw, json)
Hash identifier:          PSza6gvGusCVnmRgKfBDZyy7dBa+0+jC9fNS0qa10Gg=
Subject key identifier:   D2:3C:B4:9E:46:67:B0:0E:DE:6C:7A:4B:CF:37:22:5D:BC:42:8F:66
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018C77781213248B7CCA5FEDA72369351E2B
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0jy0nkZnsA7ebHpLzzciXbxCj2Y.roa
Signing time:             Sun 17 Dec 2023 11:10:06 +0000
ROA not before:           Sun 17 Dec 2023 11:10:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        45.15.143.0/24 maxlen: 24
                          5.253.38.0/24 maxlen: 24
                          45.92.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:77:78:12:13:24:8b:7c:ca:5f:ed:a7:23:69:35:1e:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Dec 17 11:10:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d23cb49e4667b00ede6c7a4bcf37225dbc428f66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0a:bb:54:c8:e2:f0:d6:b9:2f:b5:84:fd:78:
                    e1:f8:09:f6:67:15:56:46:4e:34:85:d1:69:d9:f9:
                    dd:5e:5b:9b:83:a1:68:b3:dd:06:1d:2d:ce:15:68:
                    55:7b:85:16:3e:69:b5:7c:90:50:79:bd:80:33:0b:
                    df:4d:a3:68:9b:6f:e9:b4:47:80:87:81:35:a2:27:
                    7d:21:cc:f3:c9:4e:f4:a2:07:22:31:8f:75:cc:a7:
                    8e:f7:6e:6d:dd:c9:ca:bc:25:14:f3:01:8d:01:a0:
                    3a:80:b5:03:e7:6c:ac:ea:2c:73:07:b3:22:89:04:
                    5b:e0:23:01:aa:2b:cf:e9:91:8d:c0:72:25:ca:c0:
                    80:26:53:03:61:1a:52:4d:f6:54:fd:1f:bd:40:68:
                    51:eb:82:0e:c3:7f:a3:73:2c:da:f1:b6:ba:3d:40:
                    91:30:b6:57:65:bc:0a:69:36:a3:1c:7f:b9:38:1e:
                    5d:45:68:53:50:76:50:77:de:5e:07:59:d3:a6:68:
                    0c:67:e8:5c:ea:ba:10:e9:fd:08:89:f5:97:17:e2:
                    43:d5:68:45:ce:07:d7:96:53:3e:4d:15:80:ae:79:
                    d6:ad:04:17:ce:a4:e2:3e:95:12:04:9e:5a:26:6b:
                    ad:78:50:cb:d7:17:67:35:aa:3a:19:90:06:f3:a0:
                    e9:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:3C:B4:9E:46:67:B0:0E:DE:6C:7A:4B:CF:37:22:5D:BC:42:8F:66
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0jy0nkZnsA7ebHpLzzciXbxCj2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.38.0/24
                  45.15.143.0/24
                  45.92.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:63:84:01:a7:8b:91:ab:8a:96:a1:d8:ed:a1:5f:1a:c8:67:
         b0:8a:9d:5e:1f:44:34:4e:99:fe:f3:0d:c9:6a:61:4f:45:5a:
         2e:a2:87:4a:2a:ed:40:6a:1c:32:63:ac:4f:4d:8a:ca:89:6c:
         e4:5f:b6:42:1d:b4:33:16:b1:5b:76:d7:60:f0:25:06:3e:77:
         75:f3:d3:87:75:38:48:9d:76:43:3c:db:01:99:83:0f:5f:e6:
         99:9f:77:55:1c:ae:a5:15:bf:65:12:b2:72:ff:b3:32:b4:ed:
         b8:5e:d5:41:f1:a9:70:46:0e:be:68:ef:af:b9:7d:b5:66:29:
         99:35:09:33:c7:59:a0:94:e8:92:09:33:99:69:3d:cb:e4:ea:
         a4:98:47:4b:c4:72:89:7c:b9:46:a1:96:a7:e9:65:e0:40:d6:
         54:1f:54:f1:26:c8:85:3a:52:fc:28:47:92:a3:37:3f:9a:a2:
         8c:be:a7:b0:67:f3:a8:a0:e8:3c:c6:d5:1e:fa:e6:6c:46:49:
         66:95:8e:be:02:7e:06:b3:5e:12:74:5c:9d:7b:90:03:23:38:
         59:8c:e5:41:27:65:fc:92:b2:dd:0b:b6:4d:a0:b1:f1:5d:38:
         3f:c8:c8:21:f0:48:66:c1:f1:4c:ee:5d:c1:fe:24:cd:21:f2:
         84:8f:8c:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx3eBITJIt8yl/tpyNpNR4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjE3MTExMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjNjYjQ5ZTQ2NjdiMDBlZGU2YzdhNGJjZjM3MjI1ZGJjNDI4ZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwq7VMji8Na5L7WE/Xjh+An2ZxVW
Rk40hdFp2fndXlubg6Fos90GHS3OFWhVe4UWPmm1fJBQeb2AMwvfTaNom2/ptEeA
h4E1oid9IczzyU70ogciMY91zKeO925t3cnKvCUU8wGNAaA6gLUD52ys6ixzB7Mi
iQRb4CMBqivP6ZGNwHIlysCAJlMDYRpSTfZU/R+9QGhR64IOw3+jcyza8ba6PUCR
MLZXZbwKaTajHH+5OB5dRWhTUHZQd95eB1nTpmgMZ+hc6roQ6f0IifWXF+JD1WhF
zgfXllM+TRWArnnWrQQXzqTiPpUSBJ5aJmuteFDL1xdnNao6GZAG86Dp6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNI8tJ5GZ7AO3mx6S883Il28Qo9mMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMGp5MG5rWm5zQTdlYkhwTHp6Y2lYYnhDajJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf0mAwQA
LQ+PAwQALVzDMA0GCSqGSIb3DQEBCwUAA4IBAQCsY4QBp4uRq4qWodjtoV8ayGew
ip1eH0Q0Tpn+8w3JamFPRVouoodKKu1AahwyY6xPTYrKiWzkX7ZCHbQzFrFbdtdg
8CUGPnd189OHdThInXZDPNsBmYMPX+aZn3dVHK6lFb9lErJy/7MytO24XtVB8alw
Rg6+aO+vuX21ZimZNQkzx1mglOiSCTOZaT3L5OqkmEdLxHKJfLlGoZan6WXgQNZU
H1TxJsiFOlL8KEeSozc/mqKMvqewZ/OooOg8xtUe+uZsRklmlY6+An4Gs14SdFyd
e5ADIzhZjOVBJ2X8krLdC7ZNoLHxXTg/yMgh8EhmwfFM7l3B/iTNIfKEj4yG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org