Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4IAFeynDXPWoZxGeiY805FAJrZI.roa
File:                     4IAFeynDXPWoZxGeiY805FAJrZI.roa (raw, json)
Hash identifier:          GozJWRMwvqbW5DU6M1YnSJ0vkhqpzC1EMwOa1BUihd4=
Subject key identifier:   E0:80:05:7B:29:C3:5C:F5:A8:67:11:9E:89:8F:34:E4:50:09:AD:92
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018CC8DE8E0D143AD8B327A41469956D086B
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4IAFeynDXPWoZxGeiY805FAJrZI.roa
Signing time:             Tue 02 Jan 2024 06:31:17 +0000
ROA not before:           Tue 02 Jan 2024 06:31:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204174
IP address blocks:        45.8.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Mar 2024 11:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:8e:0d:14:3a:d8:b3:27:a4:14:69:95:6d:08:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  2 06:31:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e080057b29c35cf5a867119e898f34e45009ad92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:24:1f:1a:1f:a6:3f:d9:f8:ea:ca:e8:b3:0b:
                    9d:7b:94:5e:a4:d9:77:84:ab:70:9c:24:ae:c9:3c:
                    78:ac:55:59:3e:cb:c0:be:a7:a4:74:96:e5:24:50:
                    83:20:de:92:1d:14:3a:38:ca:50:b8:48:cc:9f:7d:
                    58:b4:d5:3b:94:e7:4e:ea:7d:e8:8b:2e:9e:a9:ea:
                    93:e0:f5:43:63:41:5d:59:0d:c4:51:13:08:8c:61:
                    14:8d:1a:de:81:68:d4:a2:ff:c6:3a:c3:2d:7b:62:
                    89:91:0d:c6:e2:58:0f:bc:8c:7e:77:93:4e:80:e0:
                    74:fc:96:55:9d:aa:b6:1e:ca:5a:d0:92:91:9c:83:
                    27:e6:88:20:c9:5d:40:4f:18:3e:fa:a6:a7:b7:e1:
                    d0:2b:b2:13:ee:b9:42:0c:ac:9b:52:d3:e7:c6:e1:
                    e2:be:9c:13:84:ad:09:6a:e1:e9:3c:79:b3:a6:c2:
                    6a:36:81:12:b9:63:3e:35:cb:0a:c7:9d:f8:e7:9c:
                    17:ff:be:29:ea:b7:22:3c:16:fa:4c:e4:e0:31:c7:
                    59:be:43:36:11:d7:46:bf:53:55:9c:de:38:b2:ba:
                    52:0e:0f:22:f7:b6:f6:4d:3e:c1:0e:fe:b8:c5:53:
                    19:e5:4c:20:91:9d:81:30:69:51:66:1b:e8:09:6b:
                    c5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:80:05:7B:29:C3:5C:F5:A8:67:11:9E:89:8F:34:E4:50:09:AD:92
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4IAFeynDXPWoZxGeiY805FAJrZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:c8:c4:7d:ab:ca:53:db:0a:90:c7:4c:08:98:6f:c8:93:0a:
         b3:2a:d6:b7:da:42:b4:e3:51:ba:2b:c4:58:d3:55:de:29:68:
         a7:16:22:30:8b:8c:f1:6e:6a:db:1b:6a:b4:28:c4:5d:a5:6a:
         50:8f:00:b4:65:f9:e8:0b:f0:41:6b:33:b7:ba:44:27:e1:6f:
         74:d7:f4:46:2e:35:d6:cc:39:66:e0:e2:ff:37:c3:5f:b0:33:
         97:00:15:9c:76:bb:13:d5:88:b9:97:e3:64:9d:8e:25:cd:3f:
         46:32:e8:24:01:fc:aa:4b:38:74:44:5a:7c:f2:0b:d6:40:89:
         a0:fc:ee:14:ea:f4:02:ce:db:58:c3:df:36:39:d4:56:d9:97:
         ef:a9:09:02:b2:0b:be:39:dd:0b:c1:75:5d:e5:8c:9a:2c:8f:
         a1:87:df:05:f4:32:1d:d6:ba:4a:32:9a:8c:3f:1a:1f:4b:4c:
         5e:3b:6b:ad:dd:3e:fe:87:f8:a2:8c:57:9d:f8:8f:14:9c:e1:
         df:5b:c7:4c:ba:7d:70:59:f1:e0:5d:b8:80:70:3d:e1:3c:53:
         59:41:cd:87:75:4e:72:62:05:bd:8c:4e:29:e2:e4:2b:3c:7a:
         e1:45:21:cc:3f:58:2d:90:36:c5:0d:6d:0a:4b:13:d2:b5:cc:
         48:e9:af:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3o4NFDrYsyekFGmVbQhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDgwMDU3YjI5YzM1Y2Y1YTg2NzExOWU4OThmMzRlNDUwMDlhZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiQfGh+mP9n46sroswude5RepNl3
hKtwnCSuyTx4rFVZPsvAvqekdJblJFCDIN6SHRQ6OMpQuEjMn31YtNU7lOdO6n3o
iy6eqeqT4PVDY0FdWQ3EURMIjGEUjRregWjUov/GOsMte2KJkQ3G4lgPvIx+d5NO
gOB0/JZVnaq2Hspa0JKRnIMn5oggyV1ATxg++qant+HQK7IT7rlCDKybUtPnxuHi
vpwThK0JauHpPHmzpsJqNoESuWM+NcsKx53455wX/74p6rciPBb6TOTgMcdZvkM2
EddGv1NVnN44srpSDg8i97b2TT7BDv64xVMZ5UwgkZ2BMGlRZhvoCWvFXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCABXspw1z1qGcRnomPNORQCa2SMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNElBRmV5bkRYUFdvWnhHZWlZODA1RkFKclpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjNMA0G
CSqGSIb3DQEBCwUAA4IBAQAAyMR9q8pT2wqQx0wImG/IkwqzKta32kK041G6K8RY
01XeKWinFiIwi4zxbmrbG2q0KMRdpWpQjwC0ZfnoC/BBazO3ukQn4W901/RGLjXW
zDlm4OL/N8NfsDOXABWcdrsT1Yi5l+NknY4lzT9GMugkAfyqSzh0RFp88gvWQImg
/O4U6vQCzttYw982OdRW2ZfvqQkCsgu+Od0LwXVd5YyaLI+hh98F9DId1rpKMpqM
PxofS0xeO2ut3T7+h/iijFed+I8UnOHfW8dMun1wWfHgXbiAcD3hPFNZQc2HdU5y
YgW9jE4p4uQrPHrhRSHMP1gtkDbFDW0KSxPStcxI6a9j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org