Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Nkk0A09iIz4rk_DSx0WT-PO5HBo.roa
File:                     Nkk0A09iIz4rk_DSx0WT-PO5HBo.roa (raw, json)
Hash identifier:          KsBNM3ktWECeKmMnntN/0oIsq37bLA18aulrMngC0Cg=
Subject key identifier:   36:49:34:03:4F:62:23:3E:2B:93:F0:D2:C7:45:93:F8:F3:B9:1C:1A
Certificate issuer:       /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial:       018C62B7B623D31197C0D730D4F9DF023211
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Nkk0A09iIz4rk_DSx0WT-PO5HBo.roa
Signing time:             Wed 13 Dec 2023 10:27:36 +0000
ROA not before:           Wed 13 Dec 2023 10:27:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197740
IP address blocks:        45.151.74.0/23 maxlen: 23
                          45.151.72.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:62:b7:b6:23:d3:11:97:c0:d7:30:d4:f9:df:02:32:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
        Validity
            Not Before: Dec 13 10:27:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=364934034f62233e2b93f0d2c74593f8f3b91c1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c0:23:ee:4d:86:5c:d6:db:96:65:e1:3c:b9:
                    32:c2:d3:47:27:4c:a6:57:66:a8:f7:72:82:d0:c1:
                    5b:49:78:d4:76:f3:e0:35:e2:74:af:77:52:74:5b:
                    bd:84:44:9e:a2:9d:d4:01:43:84:61:8c:43:54:58:
                    1d:28:b4:b1:05:d0:90:c9:72:c5:14:b0:de:ff:a6:
                    18:21:43:2b:f1:eb:36:ef:63:ad:0b:1e:0d:95:f0:
                    31:25:6f:e7:2b:7f:f5:16:c4:07:4c:dc:bc:ef:3f:
                    06:ac:d7:26:f5:6f:c7:3f:23:87:ae:21:6f:ef:f2:
                    8b:84:e9:ff:ac:c0:bb:f3:7d:60:a1:98:b4:63:80:
                    04:9f:db:81:af:6e:79:be:66:7d:bb:4a:88:c6:8b:
                    c7:8d:81:37:07:7c:57:72:9c:bb:30:44:69:3b:27:
                    d9:37:b8:65:5f:4d:9c:ba:22:61:dd:94:65:e3:2a:
                    ae:73:86:b4:22:a8:65:66:0e:43:66:87:0a:0d:f4:
                    54:2f:95:40:fa:20:a4:72:a9:d5:9f:60:d1:70:57:
                    a3:e5:42:47:4d:69:b6:ce:9f:eb:8c:ec:5d:99:24:
                    1a:cc:ee:51:d1:be:ea:f7:a9:0b:2b:36:f8:0a:86:
                    cd:e7:39:d6:9e:ae:1d:cb:47:71:4f:7d:05:24:a2:
                    d3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:49:34:03:4F:62:23:3E:2B:93:F0:D2:C7:45:93:F8:F3:B9:1C:1A
            X509v3 Authority Key Identifier:
                keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Nkk0A09iIz4rk_DSx0WT-PO5HBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:fe:67:71:32:35:7a:bd:ab:05:00:27:1f:9c:2a:38:18:90:
         6e:45:be:64:71:03:78:2d:03:c8:fc:f6:a3:df:d9:9e:ef:62:
         a4:c6:3c:f8:0e:ae:f8:73:2b:72:60:52:f7:e0:e2:5a:97:87:
         66:ab:2d:f6:dc:44:9a:53:e3:3f:c9:2d:72:93:4b:f3:87:af:
         85:31:e3:7a:33:e5:a2:2b:8a:da:5b:1c:12:9f:c0:fa:de:af:
         01:f2:db:ce:0c:5f:27:a4:9c:34:8c:25:28:aa:94:f5:15:5a:
         32:f0:74:99:43:3b:6c:f2:27:ca:8b:01:49:66:4b:9d:8f:40:
         f0:69:6f:0c:18:a4:37:85:5c:b1:c8:5b:25:3b:c5:e8:cb:4e:
         d1:91:ed:48:90:89:a7:4b:0b:9a:ba:61:6d:ec:61:fb:f0:03:
         9d:7d:dd:8a:90:0f:be:fa:64:9a:65:6c:3f:12:dd:5b:98:ca:
         31:36:94:42:e1:9c:ec:fb:c9:dd:b1:c0:38:e8:9b:58:43:08:
         84:2a:f0:39:7d:a1:41:60:60:ba:3e:fc:9c:81:7a:a6:d9:f5:
         8a:46:d2:82:52:0f:55:42:6f:da:1b:71:8a:02:50:c7:4f:c2:
         e1:03:9d:8c:63:9e:26:44:cd:d4:2c:dc:40:aa:ef:27:51:2a:
         99:57:4d:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxit7Yj0xGXwNcw1PnfAjIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMjEzMTAyNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ5MzQwMzRmNjIyMzNlMmI5M2YwZDJjNzQ1OTNmOGYzYjkxYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsAj7k2GXNbblmXhPLkywtNHJ0ym
V2ao93KC0MFbSXjUdvPgNeJ0r3dSdFu9hESeop3UAUOEYYxDVFgdKLSxBdCQyXLF
FLDe/6YYIUMr8es272OtCx4NlfAxJW/nK3/1FsQHTNy87z8GrNcm9W/HPyOHriFv
7/KLhOn/rMC7831goZi0Y4AEn9uBr255vmZ9u0qIxovHjYE3B3xXcpy7MERpOyfZ
N7hlX02cuiJh3ZRl4yquc4a0IqhlZg5DZocKDfRUL5VA+iCkcqnVn2DRcFej5UJH
TWm2zp/rjOxdmSQazO5R0b7q96kLKzb4CobN5znWnq4dy0dxT30FJKLTwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZJNANPYiM+K5Pw0sdFk/jzuRwaMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvTmtrMEEwOWlJejRya19EU3gwV1QtUE81SEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZdIMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ/mdxMjV6vasFACcfnCo4GJBuRb5kcQN4LQPI/Paj
39me72Kkxjz4Dq74cytyYFL34OJal4dmqy323ESaU+M/yS1yk0vzh6+FMeN6M+Wi
K4raWxwSn8D63q8B8tvODF8npJw0jCUoqpT1FVoy8HSZQzts8ifKiwFJZkudj0Dw
aW8MGKQ3hVyxyFslO8Xoy07Rke1IkImnSwuaumFt7GH78AOdfd2KkA+++mSaZWw/
Et1bmMoxNpRC4Zzs+8ndscA46JtYQwiEKvA5faFBYGC6PvycgXqm2fWKRtKCUg9V
Qm/aG3GKAlDHT8LhA52MY54mRM3ULNxAqu8nUSqZV01o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org