Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa
File:                     DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa (raw, json)
Hash identifier:          A/t5odIpJ3FQ79n+zj943jR+tcO/JepDVNN4YNCxd2c=
Subject key identifier:   0E:C3:B3:17:44:2F:04:1A:8C:27:DF:6E:BB:20:F4:67:CA:D6:C8:2F
Certificate issuer:       /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial:       01856FCB87721F838E4718AB1EC83AF31786
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa
Signing time:             Mon 02 Jan 2023 00:04:47 +0000
ROA not before:           Mon 02 Jan 2023 00:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        45.133.136.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Thu 28 Sep 2023 13:59:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:87:72:1f:83:8e:47:18:ab:1e:c8:3a:f3:17:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
        Validity
            Not Before: Jan  2 00:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ec3b317442f041a8c27df6ebb20f467cad6c82f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:99:45:f8:71:3a:7e:ab:db:46:a1:55:71:c0:
                    be:5d:d3:67:a9:79:70:bb:5b:5f:13:f8:a6:fa:d0:
                    09:a1:e0:3d:cc:77:39:eb:65:f3:91:5b:33:39:07:
                    9e:a5:04:50:d7:61:10:2b:85:bd:51:75:cc:95:ba:
                    a8:11:a7:8c:ef:11:11:be:36:88:e2:c4:81:6d:36:
                    bf:d7:e8:25:22:dd:a8:c6:09:4e:75:76:5a:19:53:
                    af:7b:72:38:e8:c2:6d:e4:25:6f:c4:83:10:67:53:
                    10:5b:09:6c:6d:10:f3:67:04:10:40:48:0f:5c:18:
                    40:e2:50:52:1f:2e:cb:0e:e6:ab:48:32:f1:0c:e4:
                    78:1b:67:30:a0:c2:6b:62:76:98:48:9a:22:17:56:
                    be:92:c6:01:58:96:52:fa:fb:a9:35:6c:3f:4e:f6:
                    1f:bb:23:f5:c1:22:eb:13:34:9e:44:e4:f8:7c:67:
                    a4:ae:36:a9:d3:82:53:29:55:b1:9f:8f:e2:1a:2c:
                    fa:a5:70:0c:2a:ed:80:ea:4e:b7:e1:f5:7a:fe:7b:
                    c6:c4:54:bb:20:b6:1d:8b:d6:b5:c5:a7:00:c0:8d:
                    bb:1c:aa:14:70:81:89:c1:c9:8b:f7:5d:e0:f9:56:
                    10:d7:12:1e:83:5a:fa:65:5f:91:d1:74:61:63:07:
                    b6:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:C3:B3:17:44:2F:04:1A:8C:27:DF:6E:BB:20:F4:67:CA:D6:C8:2F
            X509v3 Authority Key Identifier:
                keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:7f:65:e6:82:69:cb:e5:d5:14:11:c8:f1:9b:02:bd:b9:6b:
         48:16:81:b9:e6:24:47:0d:ba:99:0a:80:f6:5c:26:bb:49:c4:
         6f:f8:2d:29:96:51:1b:01:cf:48:b3:f0:a2:b3:f3:8e:fe:25:
         79:8a:49:28:94:9f:d3:e9:d4:e5:46:5f:f5:c3:68:8f:65:fc:
         c2:ee:81:70:e6:0c:4f:b5:2b:f9:d6:e9:c8:74:4c:72:ab:bd:
         22:93:76:94:fe:c7:24:d2:92:90:2c:3a:13:68:5b:41:e7:ff:
         27:85:a5:cd:a7:37:53:26:ae:fd:69:aa:1a:f3:39:f3:d1:e7:
         b0:8b:63:d8:ce:37:df:3b:c6:05:6c:2b:2e:cc:0b:a7:a6:bc:
         39:58:96:16:74:a7:a9:7f:d5:3c:c0:bc:0d:a3:52:03:42:c2:
         72:89:e7:81:b0:90:77:85:46:0a:4c:0c:c1:c0:3b:cd:39:6c:
         67:f5:02:99:83:f2:e9:af:30:94:ea:26:2f:17:c2:bd:a6:8e:
         6d:17:96:ec:6b:c9:34:ff:af:c6:83:54:bd:3c:03:a0:4e:ab:
         0d:85:ee:1f:54:e6:8a:9c:c3:e1:fc:06:ba:e7:eb:c9:d0:cb:
         58:f6:5f:64:3c:bb:df:6f:cc:1b:14:c7:52:66:d9:fa:ba:38:
         67:75:ec:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy4dyH4OORxirHsg68xeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWMzYjMxNzQ0MmYwNDFhOGMyN2RmNmViYjIwZjQ2N2NhZDZjODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5lF+HE6fqvbRqFVccC+XdNnqXlw
u1tfE/im+tAJoeA9zHc562XzkVszOQeepQRQ12EQK4W9UXXMlbqoEaeM7xERvjaI
4sSBbTa/1+glIt2oxglOdXZaGVOve3I46MJt5CVvxIMQZ1MQWwlsbRDzZwQQQEgP
XBhA4lBSHy7LDuarSDLxDOR4G2cwoMJrYnaYSJoiF1a+ksYBWJZS+vupNWw/TvYf
uyP1wSLrEzSeROT4fGekrjap04JTKVWxn4/iGiz6pXAMKu2A6k634fV6/nvGxFS7
ILYdi9a1xacAwI27HKoUcIGJwcmL913g+VYQ1xIeg1r6ZV+R0XRhYwe2hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7DsxdELwQajCffbrsg9GfK1sgvMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvRHNPekYwUXZCQnFNSjk5dXV5RDBaOHJXeUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYWIMA0G
CSqGSIb3DQEBCwUAA4IBAQBif2XmgmnL5dUUEcjxmwK9uWtIFoG55iRHDbqZCoD2
XCa7ScRv+C0pllEbAc9Is/Cis/OO/iV5ikkolJ/T6dTlRl/1w2iPZfzC7oFw5gxP
tSv51unIdExyq70ik3aU/sck0pKQLDoTaFtB5/8nhaXNpzdTJq79aaoa8znz0eew
i2PYzjffO8YFbCsuzAunprw5WJYWdKepf9U8wLwNo1IDQsJyieeBsJB3hUYKTAzB
wDvNOWxn9QKZg/LprzCU6iYvF8K9po5tF5bsa8k0/6/Gg1S9PAOgTqsNhe4fVOaK
nMPh/Aa65+vJ0MtY9l9kPLvfb8wbFMdSZtn6ujhndexh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org