Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iGt8tOcNYXDwfcP1rdqSNM4xAh8.roa
File:                     iGt8tOcNYXDwfcP1rdqSNM4xAh8.roa (raw, json)
Hash identifier:          vXsu5Vt1fNOugCfEfgltlR1MYIlQ2KQifQ8+27UPB38=
Subject key identifier:   88:6B:7C:B4:E7:0D:61:70:F0:7D:C3:F5:AD:DA:92:34:CE:31:02:1F
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018CC8DE7F0EB761E6349B32F91E35046CF0
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iGt8tOcNYXDwfcP1rdqSNM4xAh8.roa
Signing time:             Tue 02 Jan 2024 06:31:13 +0000
ROA not before:           Tue 02 Jan 2024 06:31:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5065
IP address blocks:        45.9.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Feb 2024 11:40:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:7f:0e:b7:61:e6:34:9b:32:f9:1e:35:04:6c:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  2 06:31:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=886b7cb4e70d6170f07dc3f5adda9234ce31021f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:7c:22:32:2a:fd:43:fa:06:c7:2b:14:69:49:
                    11:69:a7:77:b4:85:44:4e:e7:d2:d8:d3:8f:d7:97:
                    a1:1d:3e:0f:ab:4b:6d:3c:ea:f1:23:20:03:d2:5a:
                    88:5e:88:c7:17:bc:3f:86:a1:62:3e:2a:ec:5f:d8:
                    6e:b4:03:e8:46:ee:0d:61:f7:12:35:63:d3:92:0c:
                    c0:7a:18:ec:67:a0:d5:3a:20:40:92:ad:45:30:c1:
                    ba:f0:1e:f9:f5:28:dc:d4:f3:a2:7f:80:c6:9e:b6:
                    50:5b:a0:12:db:f2:87:e8:8f:c7:b0:2e:7a:0b:2d:
                    8d:9d:ef:af:7b:99:85:89:21:b2:18:73:bc:b1:64:
                    e6:d3:e4:6a:32:99:14:77:1b:65:9a:b1:97:d8:b6:
                    a5:1a:90:99:df:20:82:8c:48:a7:a2:7f:93:7f:2e:
                    53:ba:07:0d:d5:c2:6f:db:0a:d9:bf:04:51:b3:ac:
                    cd:0d:29:1b:ee:99:19:13:71:d7:54:ad:1c:4d:98:
                    74:c5:e1:e4:08:d8:bc:ae:7f:55:38:51:4a:77:47:
                    6a:79:7a:d4:f3:e5:04:67:e0:2f:01:22:27:9c:5d:
                    cf:d2:7f:45:32:b5:6e:20:38:c2:45:ea:b0:c0:d0:
                    97:01:8f:7e:96:8e:f1:e0:d0:1e:2c:95:e8:f1:34:
                    3c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:6B:7C:B4:E7:0D:61:70:F0:7D:C3:F5:AD:DA:92:34:CE:31:02:1F
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iGt8tOcNYXDwfcP1rdqSNM4xAh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:7f:86:4c:89:4d:b8:8a:ad:cc:da:04:08:63:12:64:67:34:
         a9:af:2b:d8:c2:ce:fb:54:9e:23:62:5a:61:d9:b1:04:14:8f:
         c9:bb:35:af:41:a0:24:c7:75:19:fe:49:e9:bc:23:30:d0:a8:
         33:36:0b:e1:c5:17:9e:f1:1f:b8:06:52:e3:9b:65:23:63:0c:
         cf:af:a0:12:c4:bb:f4:e4:81:87:04:a8:f5:9a:e3:3c:92:d0:
         b2:5e:ee:08:9d:d6:f9:cc:27:78:c7:27:06:d8:21:68:a2:b8:
         70:06:0b:81:52:f8:33:c1:0b:59:4c:69:87:68:39:a3:3b:2b:
         24:68:6a:b5:83:81:d5:55:65:17:13:56:76:38:ba:27:27:c5:
         9c:58:43:4d:48:54:0d:13:17:60:fa:f0:36:0d:98:a5:61:03:
         54:08:23:45:f9:69:6b:e5:f0:0a:8b:58:ee:6b:55:9a:c0:37:
         08:35:2b:34:73:e4:8a:94:f1:78:d5:19:17:10:fb:60:9e:c9:
         d1:07:4d:10:a6:55:d9:71:83:73:e5:9d:cf:02:7c:92:da:78:
         b4:83:68:a7:a8:08:d8:5a:c4:8a:01:e0:09:0c:92:b0:f1:c3:
         61:cb:5c:85:1e:c3:c7:d4:8c:58:ae:45:14:f9:20:c5:08:48:
         0d:d1:90:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3n8Ot2HmNJsy+R41BGzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZiN2NiNGU3MGQ2MTcwZjA3ZGMzZjVhZGRhOTIzNGNlMzEwMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHwiMir9Q/oGxysUaUkRaad3tIVE
TufS2NOP15ehHT4Pq0ttPOrxIyAD0lqIXojHF7w/hqFiPirsX9hutAPoRu4NYfcS
NWPTkgzAehjsZ6DVOiBAkq1FMMG68B759Sjc1POif4DGnrZQW6AS2/KH6I/HsC56
Cy2Nne+ve5mFiSGyGHO8sWTm0+RqMpkUdxtlmrGX2LalGpCZ3yCCjEinon+Tfy5T
ugcN1cJv2wrZvwRRs6zNDSkb7pkZE3HXVK0cTZh0xeHkCNi8rn9VOFFKd0dqeXrU
8+UEZ+AvASInnF3P0n9FMrVuIDjCReqwwNCXAY9+lo7x4NAeLJXo8TQ8vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhrfLTnDWFw8H3D9a3akjTOMQIfMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaUd0OHRPY05ZWER3ZmNQMXJkcVNOTTR4QWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkDMA0G
CSqGSIb3DQEBCwUAA4IBAQCdf4ZMiU24iq3M2gQIYxJkZzSpryvYws77VJ4jYlph
2bEEFI/JuzWvQaAkx3UZ/knpvCMw0KgzNgvhxRee8R+4BlLjm2UjYwzPr6ASxLv0
5IGHBKj1muM8ktCyXu4Indb5zCd4xycG2CFoorhwBguBUvgzwQtZTGmHaDmjOysk
aGq1g4HVVWUXE1Z2OLonJ8WcWENNSFQNExdg+vA2DZilYQNUCCNF+Wlr5fAKi1ju
a1WawDcINSs0c+SKlPF41RkXEPtgnsnRB00QplXZcYNz5Z3PAnyS2ni0g2inqAjY
WsSKAeAJDJKw8cNhy1yFHsPH1IxYrkUU+SDFCEgN0ZC0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org