Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hgBqb1ZEmXO1DLmPk71mrq5mimQ.roa
File:                     hgBqb1ZEmXO1DLmPk71mrq5mimQ.roa (raw, json)
Hash identifier:          kHLQeNNNOFZgtk1UtSs0AMV3KVj+ohyakuwHGnsA2cM=
Subject key identifier:   86:00:6A:6F:56:44:99:73:B5:0C:B9:8F:93:BD:66:AE:AE:66:8A:64
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0188387C3A5B36A6712F22D2B828CD44D156
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hgBqb1ZEmXO1DLmPk71mrq5mimQ.roa
Signing time:             Sat 20 May 2023 09:27:25 +0000
ROA not before:           Sat 20 May 2023 09:27:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200131
IP address blocks:        45.8.200.0/24 maxlen: 24
                          5.180.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 16 Dec 2023 15:39:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:38:7c:3a:5b:36:a6:71:2f:22:d2:b8:28:cd:44:d1:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: May 20 09:27:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86006a6f56449973b50cb98f93bd66aeae668a64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fc:2b:79:da:32:b3:d1:2f:70:53:9c:1b:ea:
                    d6:eb:72:b5:f2:b7:93:45:61:ad:9b:4b:f3:9b:0e:
                    14:cd:9d:b9:aa:5a:6c:ef:11:14:0f:be:5a:82:aa:
                    7e:75:cd:66:07:b7:6b:27:40:0f:85:bf:2f:9c:ea:
                    ab:ef:2e:96:61:f0:27:43:08:7d:14:a4:63:f7:d5:
                    dd:01:62:7e:ce:01:a8:5a:46:76:08:b7:81:f8:93:
                    93:e7:8c:40:0e:22:60:cc:8e:97:ee:f0:2e:42:4d:
                    bc:a5:0a:61:77:0e:21:27:07:ac:d2:ee:d3:2f:cc:
                    0c:76:62:aa:a2:f2:b4:4b:79:19:cf:c5:e7:0c:eb:
                    03:73:8e:95:51:56:41:50:f2:78:a6:64:43:bf:37:
                    c6:01:50:64:c2:94:c4:dd:c2:66:9d:e1:89:86:b1:
                    ce:01:4d:05:4b:d2:2b:c6:47:51:7e:f8:7e:4e:67:
                    65:9f:3d:0d:a5:ff:1b:c8:c5:3e:30:a8:29:a1:17:
                    88:85:a7:87:c3:df:53:af:19:82:55:ca:1a:16:b0:
                    76:63:23:de:63:95:f1:61:0d:06:05:07:46:f9:01:
                    5c:cd:3b:e4:b9:60:2c:20:cf:7a:09:f3:bf:5c:d3:
                    f0:a4:60:86:88:cb:47:44:90:d8:17:9e:5d:af:8c:
                    13:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:00:6A:6F:56:44:99:73:B5:0C:B9:8F:93:BD:66:AE:AE:66:8A:64
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hgBqb1ZEmXO1DLmPk71mrq5mimQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.48.0/24
                  45.8.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:59:6d:b2:3f:2e:48:9c:b1:59:be:1d:e8:b2:71:c9:ed:af:
         14:c1:00:8b:a6:fd:58:ea:88:ba:bd:d6:bb:ab:8e:07:de:67:
         f1:5e:b2:66:93:98:fc:d4:c3:cd:20:5e:94:27:8e:72:21:fc:
         2a:60:be:bf:73:06:87:a2:85:53:d6:1d:fe:95:3d:6a:d0:45:
         e4:86:49:92:79:71:6f:ae:f9:20:6c:69:48:1f:f7:3e:7c:4b:
         d6:ae:7e:2f:78:e2:7d:e6:6e:a9:38:ac:74:55:ce:ce:58:14:
         2a:66:90:76:3d:3d:10:9c:a5:d2:ad:0b:1b:00:81:0b:de:12:
         d7:ef:22:b4:09:91:f5:11:f3:7b:28:e2:23:da:8a:b2:a8:e2:
         b7:54:42:12:3e:06:33:d4:e1:37:f3:df:bb:ee:cf:7c:4a:c8:
         5c:c6:42:b6:1b:67:9e:f8:df:28:61:17:2f:8e:fd:22:cd:18:
         6c:02:b1:22:66:5c:e8:74:72:be:b4:cf:13:70:e9:a7:4a:5d:
         86:35:66:a4:e5:6e:47:05:8d:ee:bc:d2:a4:9b:9b:f9:30:23:
         91:cd:58:40:a7:c5:78:3d:96:3f:45:2a:f4:a7:63:14:ac:3f:
         91:0c:b6:69:9f:a5:27:7d:99:dd:ef:25:8a:30:bd:51:63:94:
         29:15:ed:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYg4fDpbNqZxLyLSuCjNRNFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNTIwMDkyNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjAwNmE2ZjU2NDQ5OTczYjUwY2I5OGY5M2JkNjZhZWFlNjY4YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPwredoys9EvcFOcG+rW63K18reT
RWGtm0vzmw4UzZ25qlps7xEUD75agqp+dc1mB7drJ0APhb8vnOqr7y6WYfAnQwh9
FKRj99XdAWJ+zgGoWkZ2CLeB+JOT54xADiJgzI6X7vAuQk28pQphdw4hJwes0u7T
L8wMdmKqovK0S3kZz8XnDOsDc46VUVZBUPJ4pmRDvzfGAVBkwpTE3cJmneGJhrHO
AU0FS9IrxkdRfvh+Tmdlnz0Npf8byMU+MKgpoReIhaeHw99TrxmCVcoaFrB2YyPe
Y5XxYQ0GBQdG+QFczTvkuWAsIM96CfO/XNPwpGCGiMtHRJDYF55dr4wTIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIYAam9WRJlztQy5j5O9Zq6uZopkMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaGdCcWIxWkVtWE8xRExtUGs3MW1ycTVtaW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQwAwQA
LQjIMA0GCSqGSIb3DQEBCwUAA4IBAQCOWW2yPy5InLFZvh3osnHJ7a8UwQCLpv1Y
6oi6vda7q44H3mfxXrJmk5j81MPNIF6UJ45yIfwqYL6/cwaHooVT1h3+lT1q0EXk
hkmSeXFvrvkgbGlIH/c+fEvWrn4veOJ95m6pOKx0Vc7OWBQqZpB2PT0QnKXSrQsb
AIEL3hLX7yK0CZH1EfN7KOIj2oqyqOK3VEISPgYz1OE389+77s98SshcxkK2G2ee
+N8oYRcvjv0izRhsArEiZlzodHK+tM8TcOmnSl2GNWak5W5HBY3uvNKkm5v5MCOR
zVhAp8V4PZY/RSr0p2MUrD+RDLZpn6UnfZnd7yWKML1RY5QpFe2O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org