Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NDj_gQEOtu5oby-ryO7roe3S3Fs.roa
File:                     NDj_gQEOtu5oby-ryO7roe3S3Fs.roa (raw, json)
Hash identifier:          7JFhWSi17PcMVKM/bXONMzM7yCxhVAH8jKNmVtl1Ye0=
Subject key identifier:   34:38:FF:81:01:0E:B6:EE:68:6F:2F:AB:C8:EE:EB:A1:ED:D2:DC:5B
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018602528643FADD1E24927CA6D65FAC8172
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NDj_gQEOtu5oby-ryO7roe3S3Fs.roa
Signing time:             Mon 30 Jan 2023 10:56:48 +0000
ROA not before:           Mon 30 Jan 2023 10:56:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200181
IP address blocks:        45.8.200.0/24 maxlen: 24
                          5.180.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 16 Dec 2023 15:39:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:02:52:86:43:fa:dd:1e:24:92:7c:a6:d6:5f:ac:81:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan 30 10:56:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3438ff81010eb6ee686f2fabc8eeeba1edd2dc5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:4c:b9:06:2f:59:ca:0f:22:e6:82:0a:45:bb:
                    fd:03:07:69:9b:13:d1:fd:6d:2f:ac:56:6d:20:e4:
                    21:01:26:63:3b:8e:85:92:29:a4:be:83:f5:54:02:
                    29:8c:64:3e:9f:a2:d0:31:f6:98:47:83:d4:43:b6:
                    89:78:47:ff:43:07:9b:17:73:07:8e:84:49:72:da:
                    ab:78:70:c4:85:67:21:03:0b:8d:0f:a4:0a:8f:92:
                    b8:9b:3f:8d:cf:d4:e6:7c:b8:3c:7f:f1:e3:0d:17:
                    d0:93:c8:36:0c:cf:d8:ab:58:b7:5b:18:70:38:13:
                    78:59:57:41:c4:7e:7c:c6:64:6c:52:61:45:82:19:
                    71:f7:3f:70:1c:33:37:a7:1a:a1:6e:07:e6:68:02:
                    a5:5e:d3:07:c9:24:11:6b:f2:a6:b0:b5:24:bb:d3:
                    b0:b2:d5:87:a3:3f:62:88:b8:8e:d4:14:95:9f:bc:
                    55:3a:20:7f:28:dc:d8:11:f0:6d:5c:2f:7b:ff:b1:
                    07:28:77:7c:41:54:28:ee:23:1c:81:a0:11:f5:bc:
                    68:21:04:12:95:ce:19:6a:e2:2d:bc:3f:95:f2:3f:
                    5c:5e:c4:35:5f:65:06:6a:79:f8:ce:b1:91:17:22:
                    ab:0e:40:28:56:fe:8c:2f:0c:4f:db:6a:03:56:cd:
                    9c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:38:FF:81:01:0E:B6:EE:68:6F:2F:AB:C8:EE:EB:A1:ED:D2:DC:5B
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NDj_gQEOtu5oby-ryO7roe3S3Fs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.48.0/24
                  45.8.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:ef:53:d8:81:3f:2b:23:01:ec:4a:fa:dd:c8:de:54:15:5a:
         be:c1:6a:40:b0:9b:5e:65:d4:83:01:8f:03:86:8e:92:7a:32:
         85:5d:03:f4:1f:54:ff:21:61:3d:f4:88:78:fc:48:e4:c9:fb:
         74:1f:83:0a:8c:d5:0b:f9:ba:52:4a:1c:bb:d0:e7:60:2f:a2:
         5f:d0:78:65:19:c0:68:f8:0f:e4:a6:67:b5:d6:2b:09:a0:52:
         d1:f5:f4:e9:79:3d:ba:3f:f6:3e:cd:ac:bb:6d:2c:8f:46:c9:
         c0:84:5e:d9:f9:e6:15:6e:2d:57:c0:e0:02:4f:b1:78:8b:1d:
         44:85:a1:ea:3b:21:6a:95:3c:c8:f7:aa:29:c6:18:5f:44:60:
         bf:84:3b:b7:03:46:b1:af:5d:63:fa:7f:1d:7e:89:10:dc:97:
         e7:a8:98:84:d3:ca:d8:1c:e0:fc:9e:ce:32:27:82:7f:19:1a:
         3b:b8:da:ab:d5:8b:c7:ff:a7:b1:c0:37:bc:47:d2:d2:15:a4:
         35:02:5b:15:d5:4f:3b:b9:6e:38:f2:2f:7b:17:51:e4:5b:e3:
         a9:c9:de:09:2e:4e:f5:fc:ef:13:02:4f:2f:4f:dc:f1:54:a7:
         35:8c:e4:3f:ae:8b:b8:78:17:35:c4:62:a9:96:6e:10:d5:98:
         71:48:00:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYCUoZD+t0eJJJ8ptZfrIFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTMwMTA1NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM4ZmY4MTAxMGViNmVlNjg2ZjJmYWJjOGVlZWJhMWVkZDJkYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0y5Bi9Zyg8i5oIKRbv9AwdpmxPR
/W0vrFZtIOQhASZjO46FkimkvoP1VAIpjGQ+n6LQMfaYR4PUQ7aJeEf/QwebF3MH
joRJctqreHDEhWchAwuND6QKj5K4mz+Nz9TmfLg8f/HjDRfQk8g2DM/Yq1i3Wxhw
OBN4WVdBxH58xmRsUmFFghlx9z9wHDM3pxqhbgfmaAKlXtMHySQRa/KmsLUku9Ow
stWHoz9iiLiO1BSVn7xVOiB/KNzYEfBtXC97/7EHKHd8QVQo7iMcgaAR9bxoIQQS
lc4ZauItvD+V8j9cXsQ1X2UGann4zrGRFyKrDkAoVv6MLwxP22oDVs2cyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDQ4/4EBDrbuaG8vq8ju66Ht0txbMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTkRqX2dRRU90dTVvYnktcnlPN3JvZTNTM0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQwAwQA
LQjIMA0GCSqGSIb3DQEBCwUAA4IBAQAp71PYgT8rIwHsSvrdyN5UFVq+wWpAsJte
ZdSDAY8Dho6SejKFXQP0H1T/IWE99Ih4/Ejkyft0H4MKjNUL+bpSShy70OdgL6Jf
0HhlGcBo+A/kpme11isJoFLR9fTpeT26P/Y+zay7bSyPRsnAhF7Z+eYVbi1XwOAC
T7F4ix1EhaHqOyFqlTzI96opxhhfRGC/hDu3A0axr11j+n8dfokQ3JfnqJiE08rY
HOD8ns4yJ4J/GRo7uNqr1YvH/6exwDe8R9LSFaQ1AlsV1U87uW448i97F1HkW+Op
yd4JLk71/O8TAk8vT9zxVKc1jOQ/rou4eBc1xGKplm4Q1ZhxSACs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org