Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OEocin6_3MQrWqFgvima2oSSOHs.roa
File:                     OEocin6_3MQrWqFgvima2oSSOHs.roa (raw, json)
Hash identifier:          W55cqg23z2jJ5KbqvMIatzhNHKY1fznIuPyL+ArwpHI=
Subject key identifier:   38:4A:1C:8A:7E:BF:DC:C4:2B:5A:A1:60:BE:29:9A:DA:84:92:38:7B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018B141A5AAC247DA9A0021B3130203F03E3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OEocin6_3MQrWqFgvima2oSSOHs.roa
Signing time:             Mon 09 Oct 2023 11:02:33 +0000
ROA not before:           Mon 09 Oct 2023 11:02:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197432
IP address blocks:        45.123.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:14:1a:5a:ac:24:7d:a9:a0:02:1b:31:30:20:3f:03:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct  9 11:02:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=384a1c8a7ebfdcc42b5aa160be299ada8492387b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f7:3e:cb:b5:c8:8f:18:46:0b:00:b6:86:29:
                    92:36:e0:5a:46:96:8a:77:b2:8f:77:c2:ba:93:d6:
                    29:bf:3d:c6:48:cc:23:87:74:45:ea:bf:34:6a:34:
                    2b:29:ce:21:0a:e3:4d:a6:5c:09:d8:8d:ab:7d:96:
                    b6:54:7e:b2:8d:56:22:a2:ec:52:84:dd:b5:24:c1:
                    96:0d:2c:22:36:e5:d8:70:3f:bb:a2:66:f8:50:8a:
                    d0:ad:64:d7:a7:5d:03:7b:cd:75:12:2d:e2:11:cd:
                    f7:53:89:11:34:09:90:16:75:7b:e9:d0:6c:b8:81:
                    34:df:8e:45:a9:da:68:2c:76:80:44:cf:a9:da:91:
                    f8:2c:39:87:86:40:95:c9:b1:35:91:55:d6:1e:09:
                    c4:48:60:0f:8e:ac:23:d5:4a:fc:69:be:df:90:08:
                    a0:8f:01:e7:d2:11:c7:02:0e:14:e7:a4:a8:a5:0b:
                    ee:6c:9b:78:20:7b:ba:d7:fa:ba:6e:31:39:39:3b:
                    cf:d6:16:a6:be:a1:65:dc:ce:a4:e0:c1:72:e4:0a:
                    c6:73:0f:c5:e5:cb:d9:94:2b:e9:2e:24:41:b6:90:
                    e3:b1:79:e7:f8:83:00:10:6a:8f:4e:38:d8:1d:76:
                    6c:9c:53:c8:e4:74:4a:48:48:12:a0:62:90:91:65:
                    25:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:4A:1C:8A:7E:BF:DC:C4:2B:5A:A1:60:BE:29:9A:DA:84:92:38:7B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OEocin6_3MQrWqFgvima2oSSOHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.123.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:d1:c4:bf:36:7f:30:41:b0:3c:84:ef:48:e8:6f:99:38:89:
         3a:5a:2f:92:94:e0:a2:92:a2:5f:b7:e9:18:6f:21:1c:da:8f:
         e0:94:6e:c0:4a:03:0a:b1:1a:c2:04:a0:0b:94:fe:56:6a:94:
         15:94:21:1a:88:a8:ff:61:9c:49:6d:e7:b8:eb:46:8b:fe:61:
         a5:25:11:53:88:55:99:49:ac:35:f7:58:df:c3:ea:cc:30:1f:
         ae:9f:d8:1f:5d:39:01:54:6d:66:f0:5b:78:2b:03:00:03:0b:
         2d:70:f4:32:ff:b5:cf:fa:a1:7a:97:60:7c:89:59:be:80:a4:
         f9:ae:b1:26:b9:29:dd:82:e7:06:4d:10:24:60:f5:2b:c0:c0:
         5c:6a:3d:75:61:26:17:dd:23:47:bc:86:53:71:88:17:b6:0c:
         11:6b:a5:4d:e5:75:45:c8:82:e5:87:cc:c9:62:16:eb:6f:74:
         b3:75:96:ce:4d:3a:a5:f1:34:bf:9e:0a:18:5c:a4:c4:69:a1:
         4a:f0:3f:1b:e8:79:48:b9:3e:e8:1c:55:91:07:2d:70:35:4f:
         98:b9:c0:83:d4:66:47:49:06:b3:84:39:0d:1c:cb:64:9e:ce:
         04:76:f4:44:9a:53:5f:0d:0f:ad:2d:17:ae:02:a5:2a:30:bd:
         89:58:27:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsUGlqsJH2poAIbMTAgPwPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDA5MTEwMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODRhMWM4YTdlYmZkY2M0MmI1YWExNjBiZTI5OWFkYTg0OTIzODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvc+y7XIjxhGCwC2himSNuBaRpaK
d7KPd8K6k9Ypvz3GSMwjh3RF6r80ajQrKc4hCuNNplwJ2I2rfZa2VH6yjVYiouxS
hN21JMGWDSwiNuXYcD+7omb4UIrQrWTXp10De811Ei3iEc33U4kRNAmQFnV76dBs
uIE0345FqdpoLHaARM+p2pH4LDmHhkCVybE1kVXWHgnESGAPjqwj1Ur8ab7fkAig
jwHn0hHHAg4U56SopQvubJt4IHu61/q6bjE5OTvP1hamvqFl3M6k4MFy5ArGcw/F
5cvZlCvpLiRBtpDjsXnn+IMAEGqPTjjYHXZsnFPI5HRKSEgSoGKQkWUlAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDhKHIp+v9zEK1qhYL4pmtqEkjh7MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvT0VvY2luNl8zTVFyV3FGZ3ZpbWEyb1NTT0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALXsoMA0G
CSqGSIb3DQEBCwUAA4IBAQBf0cS/Nn8wQbA8hO9I6G+ZOIk6Wi+SlOCikqJft+kY
byEc2o/glG7ASgMKsRrCBKALlP5WapQVlCEaiKj/YZxJbee460aL/mGlJRFTiFWZ
Saw191jfw+rMMB+un9gfXTkBVG1m8Ft4KwMAAwstcPQy/7XP+qF6l2B8iVm+gKT5
rrEmuSndgucGTRAkYPUrwMBcaj11YSYX3SNHvIZTcYgXtgwRa6VN5XVFyILlh8zJ
Yhbrb3SzdZbOTTql8TS/ngoYXKTEaaFK8D8b6HlIuT7oHFWRBy1wNU+YucCD1GZH
SQazhDkNHMtkns4EdvREmlNfDQ+tLReuAqUqML2JWCcb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org