Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iZBXSUGftWrWEMsjj_k07gaeaEk.roa
File:                     iZBXSUGftWrWEMsjj_k07gaeaEk.roa (raw, json)
Hash identifier:          JOaf8xpipVlY26INVvdstdpewFQRRutfasE8h4/FYOM=
Subject key identifier:   89:90:57:49:41:9F:B5:6A:D6:10:CB:23:8F:F9:34:EE:06:9E:68:49
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018A94392F11A3BF409A690BB8A3057F21F7
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iZBXSUGftWrWEMsjj_k07gaeaEk.roa
Signing time:             Thu 14 Sep 2023 15:04:50 +0000
ROA not before:           Thu 14 Sep 2023 15:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142111
IP address blocks:        45.86.73.0/24 maxlen: 24
                          45.89.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:94:39:2f:11:a3:bf:40:9a:69:0b:b8:a3:05:7f:21:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Sep 14 15:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89905749419fb56ad610cb238ff934ee069e6849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:13:73:2a:09:c6:db:3b:94:65:20:03:36:3d:
                    37:59:97:e1:48:eb:6b:d6:a5:8b:fb:13:0a:81:e2:
                    03:05:10:02:5a:f0:d9:62:df:67:db:d2:27:82:b8:
                    84:06:d1:35:82:dc:f6:e2:25:55:44:f2:45:d6:08:
                    52:af:d7:f2:57:db:c0:73:65:3e:8d:d7:12:d7:2d:
                    41:20:f2:24:51:cd:50:19:d8:e4:10:2d:7b:56:e7:
                    65:f4:08:c1:88:88:76:87:43:5e:db:79:e3:a7:cc:
                    d5:3d:4a:ca:0c:30:4e:87:a7:1c:6d:41:9f:71:ca:
                    57:18:48:e1:08:dd:7c:63:e1:1b:3a:43:64:51:e2:
                    2e:3d:f2:fc:27:38:a8:31:3f:10:17:78:79:0b:16:
                    b9:70:5a:1e:d8:ee:9b:b3:a1:b0:b2:16:64:e6:19:
                    51:1d:c5:59:37:e1:d2:c7:28:82:7d:bb:fa:a9:25:
                    9d:da:72:d1:4c:89:67:46:25:67:94:ed:a6:5d:bd:
                    b9:d4:76:0b:f1:b1:9d:42:65:af:bc:e1:8e:f3:73:
                    51:09:17:c4:99:f9:e2:fa:5c:52:1e:5a:62:4d:89:
                    0c:fc:56:08:d1:e4:30:1e:b5:8c:70:e3:59:aa:cf:
                    dd:30:0d:2d:fe:9e:f9:0f:d8:d6:07:a8:d5:62:32:
                    45:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:90:57:49:41:9F:B5:6A:D6:10:CB:23:8F:F9:34:EE:06:9E:68:49
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iZBXSUGftWrWEMsjj_k07gaeaEk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.73.0/24
                  45.89.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:7b:3a:46:91:74:46:3b:2b:c8:ad:15:1d:a2:cf:a8:49:9e:
         29:39:c7:b6:e5:cc:34:12:6f:1b:b5:02:b6:19:4e:f3:57:4f:
         12:f7:17:60:e6:2c:2c:0a:93:69:2d:02:91:b4:f0:8b:a5:93:
         9c:33:6b:9c:2f:ba:a6:06:0a:55:d2:47:aa:22:48:46:7e:3b:
         25:96:9b:01:23:21:52:ca:92:3a:45:86:7a:ac:6b:b6:29:d0:
         26:39:7e:ce:02:94:4f:06:a1:ea:6c:b0:e8:71:80:5f:a7:68:
         8c:37:d1:9a:d0:1b:8e:f1:d3:04:0e:7d:a4:01:a2:4f:eb:5b:
         13:9f:74:72:85:3b:3d:04:b2:0f:2e:fe:38:d4:8c:d4:4a:22:
         13:64:49:7a:82:df:60:f2:40:bc:71:34:ef:b8:02:87:e1:e9:
         e1:43:91:62:03:01:ef:ff:31:ce:92:80:87:d5:73:d7:58:3c:
         5c:ab:e4:41:f2:12:f4:76:52:01:46:1e:fd:7e:e5:8b:87:29:
         a5:66:0d:95:e7:9b:a1:d1:6b:a7:f2:a6:45:7a:77:16:79:8e:
         fb:e3:39:c4:43:46:00:29:61:ab:25:59:76:fd:3e:8f:8f:47:
         a4:cf:f0:cb:34:af:ab:5d:a6:f2:d9:47:c1:3d:72:2a:60:31:
         d4:82:0b:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqUOS8Ro79AmmkLuKMFfyH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTE0MTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTkwNTc0OTQxOWZiNTZhZDYxMGNiMjM4ZmY5MzRlZTA2OWU2ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxNzKgnG2zuUZSADNj03WZfhSOtr
1qWL+xMKgeIDBRACWvDZYt9n29IngriEBtE1gtz24iVVRPJF1ghSr9fyV9vAc2U+
jdcS1y1BIPIkUc1QGdjkEC17Vudl9AjBiIh2h0Ne23njp8zVPUrKDDBOh6ccbUGf
ccpXGEjhCN18Y+EbOkNkUeIuPfL8JzioMT8QF3h5Cxa5cFoe2O6bs6GwshZk5hlR
HcVZN+HSxyiCfbv6qSWd2nLRTIlnRiVnlO2mXb251HYL8bGdQmWvvOGO83NRCRfE
mfni+lxSHlpiTYkM/FYI0eQwHrWMcONZqs/dMA0t/p75D9jWB6jVYjJFLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImQV0lBn7Vq1hDLI4/5NO4GnmhJMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaVpCWFNVR2Z0V3JXRU1zampfazA3Z2FlYUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVZJAwQA
LVloMA0GCSqGSIb3DQEBCwUAA4IBAQClezpGkXRGOyvIrRUdos+oSZ4pOce25cw0
Em8btQK2GU7zV08S9xdg5iwsCpNpLQKRtPCLpZOcM2ucL7qmBgpV0keqIkhGfjsl
lpsBIyFSypI6RYZ6rGu2KdAmOX7OApRPBqHqbLDocYBfp2iMN9Ga0BuO8dMEDn2k
AaJP61sTn3RyhTs9BLIPLv441IzUSiITZEl6gt9g8kC8cTTvuAKH4enhQ5FiAwHv
/zHOkoCH1XPXWDxcq+RB8hL0dlIBRh79fuWLhymlZg2V55uh0Wun8qZFencWeY77
4znEQ0YAKWGrJVl2/T6Pj0ekz/DLNK+rXaby2UfBPXIqYDHUgguV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org