Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tSTkQ6lSOMrXxyJXXTvgCNr-eoY.roa
File:                     tSTkQ6lSOMrXxyJXXTvgCNr-eoY.roa (raw, json)
Hash identifier:          5D94JGrqVstYcjQzOTwsCN911NPgU4lupLrmW6D7Ko8=
Subject key identifier:   B5:24:E4:43:A9:52:38:CA:D7:C7:22:57:5D:3B:E0:08:DA:FE:7A:86
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018B1549BCFBA12A1D0D56BBC57C4885C01D
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tSTkQ6lSOMrXxyJXXTvgCNr-eoY.roa
Signing time:             Mon 09 Oct 2023 16:33:55 +0000
ROA not before:           Mon 09 Oct 2023 16:33:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61135
IP address blocks:        45.15.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 09 Dec 2023 08:10:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:15:49:bc:fb:a1:2a:1d:0d:56:bb:c5:7c:48:85:c0:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Oct  9 16:33:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b524e443a95238cad7c722575d3be008dafe7a86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:91:f7:09:3c:53:aa:fd:79:12:fc:a2:9e:53:
                    7f:44:b8:0e:a2:f1:13:55:8e:8c:4a:51:77:9b:29:
                    99:fb:63:84:45:56:1a:f7:c7:64:5f:67:48:47:9d:
                    05:d3:74:73:d2:79:9b:36:81:ce:c5:0d:33:87:8e:
                    95:70:e5:43:c5:cb:cf:1b:8a:02:78:40:62:95:5f:
                    6b:a7:58:aa:27:8a:7e:7c:3b:24:6b:78:00:1e:0b:
                    57:4b:b3:5b:01:39:00:89:5c:cf:0c:7d:bf:aa:18:
                    52:4d:ee:f7:7b:87:0b:ea:e3:a4:e5:33:b6:22:23:
                    84:cf:41:ef:03:48:7c:a9:f4:11:dc:20:bc:31:f0:
                    ae:1b:ef:1f:ef:97:ed:10:88:ba:52:cb:e2:0d:d5:
                    da:e5:d9:ed:ef:6b:ed:16:75:d6:f1:31:45:e1:13:
                    74:f8:0d:8e:a1:c9:4a:e3:ec:1c:55:76:e7:72:47:
                    33:55:10:51:92:a7:6d:36:6f:4c:ef:7c:1b:b5:f6:
                    f8:ea:d4:7f:2a:93:b5:9d:c1:b9:17:1a:bd:2c:c8:
                    b8:e6:dc:17:b7:4c:0d:dc:74:1a:ca:8c:4e:31:62:
                    f6:dd:5a:0c:fe:ff:72:fe:1b:d1:f5:00:44:8c:6a:
                    27:13:c0:54:f2:47:95:ca:cb:4d:7a:41:9f:85:8a:
                    f9:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:24:E4:43:A9:52:38:CA:D7:C7:22:57:5D:3B:E0:08:DA:FE:7A:86
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tSTkQ6lSOMrXxyJXXTvgCNr-eoY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.15.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:35:8f:d0:02:ef:87:1a:78:72:5c:18:dc:01:16:4e:61:95:
         c5:e0:86:3e:0a:bd:3b:cf:cb:35:82:dd:94:96:1b:9c:fc:e7:
         66:8c:14:7a:d4:73:a5:6d:4a:11:5a:1e:38:06:f6:9f:9c:77:
         c2:39:fb:01:1d:c7:0b:38:ac:d9:ef:28:8b:6e:98:9c:6c:a7:
         d0:ab:bc:48:97:19:6e:0a:ff:d9:b2:4c:2f:d0:5a:b9:9e:ef:
         7d:01:c7:74:41:8a:1d:80:92:2d:e5:6e:07:08:40:03:7d:6f:
         0a:2f:be:f4:e4:6d:42:ad:32:b3:dc:39:0d:8b:1f:89:1e:29:
         1d:23:9f:9c:d0:56:a6:70:17:b5:42:b6:22:27:39:80:73:30:
         d8:22:38:8c:4a:0b:03:ab:e2:3f:ff:80:83:c8:a1:ea:5f:9c:
         48:7d:94:49:4f:22:02:28:9c:75:36:15:28:c1:7e:7d:59:cc:
         1f:2e:61:49:65:91:8a:af:a4:84:2a:3c:98:00:e8:57:2b:2c:
         31:b4:5a:75:73:2c:aa:ed:4d:d7:0d:66:83:eb:71:4d:16:17:
         56:77:23:6a:49:02:e6:3d:cd:c0:d9:12:85:f3:83:88:10:65:
         8d:e8:ec:87:dc:8e:3b:30:00:c8:37:49:a2:ab:af:d1:f0:75:
         4b:fa:9a:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsVSbz7oSodDVa7xXxIhcAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMDA5MTYzMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI0ZTQ0M2E5NTIzOGNhZDdjNzIyNTc1ZDNiZTAwOGRhZmU3YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZH3CTxTqv15EvyinlN/RLgOovET
VY6MSlF3mymZ+2OERVYa98dkX2dIR50F03Rz0nmbNoHOxQ0zh46VcOVDxcvPG4oC
eEBilV9rp1iqJ4p+fDska3gAHgtXS7NbATkAiVzPDH2/qhhSTe73e4cL6uOk5TO2
IiOEz0HvA0h8qfQR3CC8MfCuG+8f75ftEIi6UsviDdXa5dnt72vtFnXW8TFF4RN0
+A2OoclK4+wcVXbnckczVRBRkqdtNm9M73wbtfb46tR/KpO1ncG5Fxq9LMi45twX
t0wN3HQayoxOMWL23VoM/v9y/hvR9QBEjGonE8BU8keVystNekGfhYr5jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUk5EOpUjjK18ciV1074Aja/nqGMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdFNUa1E2bFNPTXJYeHlKWFhUdmdDTnItZW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ+xMA0G
CSqGSIb3DQEBCwUAA4IBAQAFNY/QAu+HGnhyXBjcARZOYZXF4IY+Cr07z8s1gt2U
lhuc/OdmjBR61HOlbUoRWh44BvafnHfCOfsBHccLOKzZ7yiLbpicbKfQq7xIlxlu
Cv/Zskwv0Fq5nu99Acd0QYodgJIt5W4HCEADfW8KL7705G1CrTKz3DkNix+JHikd
I5+c0FamcBe1QrYiJzmAczDYIjiMSgsDq+I//4CDyKHqX5xIfZRJTyICKJx1NhUo
wX59WcwfLmFJZZGKr6SEKjyYAOhXKywxtFp1cyyq7U3XDWaD63FNFhdWdyNqSQLm
Pc3A2RKF84OIEGWN6OyH3I47MADIN0miq6/R8HVL+pot
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org