Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h7__YkC-SSaPiqOD_GUMunEGYh4.roa
File:                     h7__YkC-SSaPiqOD_GUMunEGYh4.roa (raw, json)
Hash identifier:          GU7EJt2VWAXU6vUhiUDboA7vzI+/Upk2/uiTBM+V5d8=
Subject key identifier:   87:BF:FF:62:40:BE:49:26:8F:8A:A3:83:FC:65:0C:BA:71:06:62:1E
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185710323E2F26F2402BC5307823AED2980
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h7__YkC-SSaPiqOD_GUMunEGYh4.roa
Signing time:             Mon 02 Jan 2023 05:45:09 +0000
ROA not before:           Mon 02 Jan 2023 05:45:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396356
IP address blocks:        45.80.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:23:e2:f2:6f:24:02:bc:53:07:82:3a:ed:29:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87bfff6240be49268f8aa383fc650cba7106621e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:db:41:d3:ec:a9:6d:50:9d:33:72:9c:6f:58:
                    0a:8c:6d:74:27:34:85:92:47:62:86:9d:0d:40:02:
                    7d:86:31:bb:08:db:a5:db:48:b1:bd:23:2f:69:fa:
                    bd:19:94:e7:4d:8b:6d:fc:12:82:f3:b0:5e:ac:ea:
                    17:51:ea:3a:07:0f:57:59:33:6c:f2:22:3b:f2:49:
                    32:b0:06:75:9f:bd:9f:a4:fc:68:47:a9:fb:31:50:
                    84:d4:8f:e0:71:a4:37:65:1f:46:bf:a1:f5:3c:af:
                    1b:ef:85:05:69:ec:fa:14:82:52:94:65:b5:7d:3e:
                    50:2f:fe:9c:c8:15:69:d5:98:a5:5b:5e:d6:a1:7c:
                    22:05:ed:eb:4d:7a:94:a7:14:09:29:71:e3:72:0b:
                    74:a4:d1:a8:71:e4:6e:82:ea:4e:0d:e8:e6:ca:c0:
                    05:c0:d5:ef:57:93:1f:5f:ee:fd:b5:a5:6b:45:fa:
                    c4:39:39:e3:83:0e:d1:e9:fa:22:1e:c5:17:cb:43:
                    9a:41:af:62:9d:61:c1:dc:9d:43:06:56:3c:f7:7f:
                    27:4b:19:7a:a4:56:b5:89:99:f0:45:d5:20:6f:6d:
                    c5:56:eb:d0:f0:ec:2d:82:6a:7f:f3:1d:66:50:da:
                    c5:a5:2b:a7:ec:3b:45:4f:f6:4a:fc:80:8d:88:0e:
                    61:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:BF:FF:62:40:BE:49:26:8F:8A:A3:83:FC:65:0C:BA:71:06:62:1E
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h7__YkC-SSaPiqOD_GUMunEGYh4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:13:44:6f:a0:e0:3a:b7:d6:6a:71:1d:78:31:5f:6c:1e:9c:
         dc:71:55:59:3e:24:cc:f7:90:d4:58:ae:86:b7:8b:1f:ac:64:
         fc:3d:d6:a6:88:1a:14:56:2c:ea:35:b6:9e:75:cc:a0:50:5b:
         35:91:b9:b4:be:73:97:df:b1:b2:9a:0b:2a:94:01:5a:a4:cf:
         fc:21:dc:47:33:b8:93:cc:f1:b2:76:21:89:b1:41:df:21:30:
         9d:17:8b:fd:84:17:78:25:7d:d9:ee:23:6d:b7:d1:9b:f5:d6:
         af:2e:47:bf:c2:e6:db:af:b8:62:db:3b:c8:8c:a7:1b:d1:1e:
         b4:6f:cc:94:0d:c7:3c:34:a8:a9:28:81:53:b8:5f:e7:b5:8a:
         97:fe:7f:e3:3d:ca:05:2d:93:25:5c:01:fb:79:2a:fd:a9:43:
         a8:e7:32:c7:3e:f8:b4:0b:48:74:c8:75:c1:cf:82:a6:98:3b:
         ac:35:f3:e3:7b:23:dc:c5:40:40:7b:6b:b9:79:6e:45:6f:b3:
         15:cb:20:20:8e:ca:1e:23:85:71:66:ad:47:ac:44:e7:f9:5a:
         6f:2e:dd:5f:d4:b9:84:b2:34:78:bb:b8:d3:0c:8f:f9:90:47:
         f2:b6:51:1b:e7:b4:a1:6d:92:c5:f5:60:2b:a0:bf:8b:50:45:
         56:03:de:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAyPi8m8kArxTB4I67SmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2JmZmY2MjQwYmU0OTI2OGY4YWEzODNmYzY1MGNiYTcxMDY2MjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNtB0+ypbVCdM3Kcb1gKjG10JzSF
kkdihp0NQAJ9hjG7CNul20ixvSMvafq9GZTnTYtt/BKC87BerOoXUeo6Bw9XWTNs
8iI78kkysAZ1n72fpPxoR6n7MVCE1I/gcaQ3ZR9Gv6H1PK8b74UFaez6FIJSlGW1
fT5QL/6cyBVp1ZilW17WoXwiBe3rTXqUpxQJKXHjcgt0pNGoceRugupODejmysAF
wNXvV5MfX+79taVrRfrEOTnjgw7R6foiHsUXy0OaQa9inWHB3J1DBlY8938nSxl6
pFa1iZnwRdUgb23FVuvQ8Owtgmp/8x1mUNrFpSun7DtFT/ZK/ICNiA5hOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIe//2JAvkkmj4qjg/xlDLpxBmIeMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaDdfX1lrQy1TU2FQaXFPRF9HVU11bkVHWWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVCfMA0G
CSqGSIb3DQEBCwUAA4IBAQAQE0RvoOA6t9ZqcR14MV9sHpzccVVZPiTM95DUWK6G
t4sfrGT8PdamiBoUVizqNbaedcygUFs1kbm0vnOX37GymgsqlAFapM/8IdxHM7iT
zPGydiGJsUHfITCdF4v9hBd4JX3Z7iNtt9Gb9davLke/wubbr7hi2zvIjKcb0R60
b8yUDcc8NKipKIFTuF/ntYqX/n/jPcoFLZMlXAH7eSr9qUOo5zLHPvi0C0h0yHXB
z4KmmDusNfPjeyPcxUBAe2u5eW5Fb7MVyyAgjsoeI4VxZq1HrETn+VpvLt1f1LmE
sjR4u7jTDI/5kEfytlEb57ShbZLF9WAroL+LUEVWA94/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org