Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LQ8gsWS_xGKBczW8oTvnjMXqZXc.roa
File:                     LQ8gsWS_xGKBczW8oTvnjMXqZXc.roa (raw, json)
Hash identifier:          uo1zyN4G8kc5UTMBDX6TSV46a9DWWejq9JblWjVZPZE=
Subject key identifier:   2D:0F:20:B1:64:BF:C4:62:81:73:35:BC:A1:3B:E7:8C:C5:EA:65:77
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018C7347FDF312293F5646509786A221BC02
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LQ8gsWS_xGKBczW8oTvnjMXqZXc.roa
Signing time:             Sat 16 Dec 2023 15:39:07 +0000
ROA not before:           Sat 16 Dec 2023 15:39:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205361
IP address blocks:        45.8.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:73:47:fd:f3:12:29:3f:56:46:50:97:86:a2:21:bc:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Dec 16 15:39:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d0f20b164bfc462817335bca13be78cc5ea6577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b1:60:73:fb:0b:2c:b5:ff:1c:07:51:30:c3:
                    35:0a:ef:fc:6e:7d:92:9e:3f:d9:84:42:2c:45:f9:
                    05:57:df:92:ab:0e:ae:fe:e2:1f:c4:e0:91:02:c8:
                    91:d3:29:9c:0e:e4:51:10:3b:0c:63:1a:f4:02:ea:
                    45:0d:0c:e1:1e:63:d8:aa:ed:67:5d:ec:6c:d9:f9:
                    b3:14:55:d0:38:6f:4f:81:6a:f6:d8:c8:63:00:bf:
                    5b:4e:9b:f9:41:28:1e:68:f6:84:24:90:c5:1c:8d:
                    14:e3:5f:86:15:7d:64:2b:93:b1:15:35:b0:5e:f5:
                    d9:cc:60:fb:76:b7:31:4f:2d:91:22:89:61:99:8d:
                    8e:22:cc:b0:ff:fa:a2:d5:bd:72:04:58:c5:f0:fe:
                    80:fa:94:89:9f:85:61:eb:54:20:da:9b:a3:bf:8f:
                    e7:ee:cc:3d:d8:11:0d:a9:2b:3f:21:f5:ae:c3:94:
                    bd:6a:62:4f:ef:8d:2e:a2:c3:a9:5b:c4:14:fe:10:
                    13:76:7d:7d:88:b1:08:d7:8c:01:ca:4a:46:a1:18:
                    78:9e:01:ab:43:65:db:08:6d:e4:7d:e7:5d:7a:76:
                    d9:bb:58:bf:49:31:34:9e:1a:71:71:a3:15:53:40:
                    64:d5:31:6c:e5:66:05:a3:48:93:c5:c6:d2:fa:dc:
                    8c:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:0F:20:B1:64:BF:C4:62:81:73:35:BC:A1:3B:E7:8C:C5:EA:65:77
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LQ8gsWS_xGKBczW8oTvnjMXqZXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:b4:12:5d:f8:e9:39:ec:9f:62:b8:85:5d:ec:c0:35:66:70:
         aa:fe:20:a0:8b:57:6d:a3:42:5d:87:ac:9e:4c:89:d5:e4:32:
         04:f3:99:08:6a:49:45:96:14:ca:83:ea:82:07:ca:75:b8:47:
         c8:4e:14:bb:d8:bb:ba:a2:ce:ac:d1:2b:d3:5d:da:c7:dc:be:
         54:dd:57:4a:a5:d6:79:5f:a2:63:dd:f0:9d:76:39:d2:df:a9:
         b7:cd:29:85:1f:0d:84:03:f7:12:d2:ac:a1:bb:7c:e5:8a:71:
         af:6a:2e:7d:90:bd:44:30:08:93:59:aa:6a:5a:19:08:68:56:
         db:71:07:ad:15:21:cf:ba:2f:d9:7b:17:86:b2:1a:11:1c:d6:
         d4:c4:60:fa:da:97:92:d6:36:2e:51:a1:fa:e3:e1:21:00:c5:
         86:c4:29:54:b0:6b:0d:eb:a2:9c:3c:cb:a7:85:d1:3b:58:e8:
         53:24:83:08:9f:0c:af:91:21:15:c6:06:55:13:7a:4e:25:0d:
         1e:7f:b3:fc:50:db:82:3d:69:cf:aa:ee:21:50:e2:16:d4:29:
         b0:b7:ba:3c:f3:63:64:82:d1:0a:67:5d:ed:35:4e:6f:10:c9:
         6f:f6:23:7f:d0:5e:69:8d:e8:92:28:45:c2:07:16:ff:99:9f:
         e0:49:07:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxzR/3zEik/VkZQl4aiIbwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjE2MTUzOTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDBmMjBiMTY0YmZjNDYyODE3MzM1YmNhMTNiZTc4Y2M1ZWE2NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7Fgc/sLLLX/HAdRMMM1Cu/8bn2S
nj/ZhEIsRfkFV9+Sqw6u/uIfxOCRAsiR0ymcDuRREDsMYxr0AupFDQzhHmPYqu1n
Xexs2fmzFFXQOG9PgWr22MhjAL9bTpv5QSgeaPaEJJDFHI0U41+GFX1kK5OxFTWw
XvXZzGD7drcxTy2RIolhmY2OIsyw//qi1b1yBFjF8P6A+pSJn4Vh61Qg2pujv4/n
7sw92BENqSs/IfWuw5S9amJP740uosOpW8QU/hATdn19iLEI14wBykpGoRh4ngGr
Q2XbCG3kfeddenbZu1i/STE0nhpxcaMVU0Bk1TFs5WYFo0iTxcbS+tyMwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0PILFkv8RigXM1vKE754zF6mV3MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTFE4Z3NXU194R0tCY3pXOG9Udm5qTVhxWlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjIMA0G
CSqGSIb3DQEBCwUAA4IBAQABtBJd+Ok57J9iuIVd7MA1ZnCq/iCgi1dto0Jdh6ye
TInV5DIE85kIaklFlhTKg+qCB8p1uEfIThS72Lu6os6s0SvTXdrH3L5U3VdKpdZ5
X6Jj3fCddjnS36m3zSmFHw2EA/cS0qyhu3zlinGvai59kL1EMAiTWapqWhkIaFbb
cQetFSHPui/ZexeGshoRHNbUxGD62peS1jYuUaH64+EhAMWGxClUsGsN66KcPMun
hdE7WOhTJIMInwyvkSEVxgZVE3pOJQ0ef7P8UNuCPWnPqu4hUOIW1Cmwt7o882Nk
gtEKZ13tNU5vEMlv9iN/0F5pjeiSKEXCBxb/mZ/gSQfk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org