Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/2rTiv7c-LJJ0nbPQtbrefKvWTsE.roa
File:                     2rTiv7c-LJJ0nbPQtbrefKvWTsE.roa (raw, json)
Hash identifier:          hDvgX4WUvbcwiSE7NjxHno5wH3ZoPcM1/E4k5qaHqE8=
Subject key identifier:   DA:B4:E2:BF:B7:3E:2C:92:74:9D:B3:D0:B5:BA:DE:7C:AB:D6:4E:C1
Certificate issuer:       /CN=62927b36b138f086358938e3acfda4638e56a792
Certificate serial:       01856EF43278CA78A3B707DCB0C84B968EDA
Authority key identifier: 62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/2rTiv7c-LJJ0nbPQtbrefKvWTsE.roa
Signing time:             Sun 01 Jan 2023 20:09:35 +0000
ROA not before:           Sun 01 Jan 2023 20:09:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207265
IP address blocks:        45.151.128.0/22 maxlen: 22
                          2a10:20c0::/30 maxlen: 30

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:f4:32:78:ca:78:a3:b7:07:dc:b0:c8:4b:96:8e:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62927b36b138f086358938e3acfda4638e56a792
        Validity
            Not Before: Jan  1 20:09:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dab4e2bfb73e2c92749db3d0b5bade7cabd64ec1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:fd:b9:7e:f9:34:2b:09:60:0d:ba:13:7e:79:
                    cd:87:48:53:d8:5b:c1:9f:af:dd:e8:90:88:be:13:
                    93:23:7f:87:39:ec:98:d6:d8:5e:44:fd:90:86:4d:
                    80:bf:b3:6a:cb:19:1d:2f:66:d1:35:8c:6a:a5:35:
                    51:98:a9:7b:28:d5:a4:de:e9:15:8c:0f:49:1e:92:
                    eb:37:a4:e9:65:6b:93:bd:34:0d:9b:58:3f:7b:2c:
                    b0:d0:da:46:a5:7f:12:de:95:f9:2f:da:24:61:c4:
                    97:32:53:19:4d:8d:c0:ff:59:9c:40:ce:85:5a:b2:
                    77:99:e3:6e:13:31:5e:42:03:fc:8e:50:34:a2:e2:
                    8e:e1:c0:32:fe:1a:47:17:5e:b0:f2:2d:09:0a:8e:
                    9f:05:69:d5:52:f5:18:a2:db:a8:68:7e:b9:6a:f7:
                    04:34:54:d6:db:e5:d0:72:90:ea:b8:0c:af:86:e3:
                    3c:7d:ba:c9:b7:7e:8c:ec:9f:8b:08:95:47:5f:cb:
                    7b:95:e2:75:f0:c3:5a:d0:34:27:4d:02:ca:79:77:
                    5e:32:db:51:d2:68:5f:12:57:f6:e2:81:92:e9:75:
                    e0:86:44:bb:a3:da:1a:28:1f:0f:7c:3b:a1:eb:33:
                    de:78:4f:f3:bf:da:91:ef:4d:30:39:a1:26:ee:b2:
                    7f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:B4:E2:BF:B7:3E:2C:92:74:9D:B3:D0:B5:BA:DE:7C:AB:D6:4E:C1
            X509v3 Authority Key Identifier:
                keyid:62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/2rTiv7c-LJJ0nbPQtbrefKvWTsE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/YpJ7NrE48IY1iTjjrP2kY45Wp5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.128.0/22
                IPv6:
                  2a10:20c0::/30

    Signature Algorithm: sha256WithRSAEncryption
         4b:1f:97:3c:50:1e:c0:f5:50:34:93:cd:2c:7e:6f:11:d9:89:
         82:2b:ba:50:6f:ee:f3:c1:ae:8a:97:8c:e1:53:17:ed:8f:66:
         c4:99:45:40:af:a4:0b:ac:9b:fb:5d:98:13:43:c0:ba:5d:00:
         ef:38:d1:3a:a7:5f:c4:ae:fe:54:36:3b:80:b5:88:bf:16:58:
         d1:ed:85:f1:f3:7d:48:8a:95:8d:98:79:13:63:d1:c0:e4:f5:
         e9:7a:22:36:dc:2a:fb:e6:b2:b0:34:0e:09:6a:b4:6a:c3:7a:
         35:b0:6b:40:2c:69:17:87:23:3d:37:42:a5:0c:74:c1:93:c7:
         89:2c:bd:12:a4:a2:b3:a0:a1:01:79:2e:cd:09:1d:b6:98:48:
         bb:30:da:4f:58:77:87:69:70:eb:4d:f6:03:30:bd:2d:c9:44:
         4f:62:84:a5:3e:29:1f:cf:09:8b:75:28:64:f6:c7:d2:ca:ad:
         38:aa:fc:a3:f5:e7:ec:38:4e:78:5b:6c:48:eb:69:df:55:97:
         65:d6:5d:28:a0:89:39:0d:fa:cf:24:b4:fc:ae:e2:c0:e4:af:
         9a:19:98:68:74:76:5b:9e:0f:95:bc:98:48:3c:9c:5f:08:b6:
         7b:69:8b:1e:bf:04:68:3f:6a:ba:4f:e6:13:ff:03:92:0c:53:
         c7:61:17:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu9DJ4ynijtwfcsMhLlo7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOTI3YjM2YjEzOGYwODYzNTg5MzhlM2FjZmRhNDYzOGU1
NmE3OTIwHhcNMjMwMTAxMjAwOTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI0ZTJiZmI3M2UyYzkyNzQ5ZGIzZDBiNWJhZGU3Y2FiZDY0ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif25fvk0KwlgDboTfnnNh0hT2FvB
n6/d6JCIvhOTI3+HOeyY1theRP2Qhk2Av7NqyxkdL2bRNYxqpTVRmKl7KNWk3ukV
jA9JHpLrN6TpZWuTvTQNm1g/eyyw0NpGpX8S3pX5L9okYcSXMlMZTY3A/1mcQM6F
WrJ3meNuEzFeQgP8jlA0ouKO4cAy/hpHF16w8i0JCo6fBWnVUvUYotuoaH65avcE
NFTW2+XQcpDquAyvhuM8fbrJt36M7J+LCJVHX8t7leJ18MNa0DQnTQLKeXdeMttR
0mhfElf24oGS6XXghkS7o9oaKB8PfDuh6zPeeE/zv9qR700wOaEm7rJ/TQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNq04r+3PiySdJ2z0LW63nyr1k7BMB8GA1UdIwQY
MBaAFGKSezaxOPCGNYk446z9pGOOVqeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEt
YTk5YzdlZTVjMjg0LzEvMnJUaXY3Yy1MSkowbmJQUXRicmVmS3ZXVHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEtYTk5YzdlZTVjMjg0
LzEvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZeAMA0E
AgACMAcDBQIqECDAMA0GCSqGSIb3DQEBCwUAA4IBAQBLH5c8UB7A9VA0k80sfm8R
2YmCK7pQb+7zwa6Kl4zhUxftj2bEmUVAr6QLrJv7XZgTQ8C6XQDvONE6p1/Erv5U
NjuAtYi/FljR7YXx831IipWNmHkTY9HA5PXpeiI23Cr75rKwNA4JarRqw3o1sGtA
LGkXhyM9N0KlDHTBk8eJLL0SpKKzoKEBeS7NCR22mEi7MNpPWHeHaXDrTfYDML0t
yURPYoSlPikfzwmLdShk9sfSyq04qvyj9efsOE54W2xI62nfVZdl1l0ooIk5DfrP
JLT8ruLA5K+aGZhodHZbng+VvJhIPJxfCLZ7aYsevwRoP2q6T+YT/wOSDFPHYRcx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:07 2024 by rpki-client on console-ams.rpki-client.org