Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/i7Tbwl8YQ2Qx3D1qp4ZEBptjVlw.roa
File:                     i7Tbwl8YQ2Qx3D1qp4ZEBptjVlw.roa (raw, json)
Hash identifier:          ojjd+vNB9zsyoPy+OajfgibUIKT9C7Ay8TP4WXjwpqA=
Subject key identifier:   8B:B4:DB:C2:5F:18:43:64:31:DC:3D:6A:A7:86:44:06:9B:63:56:5C
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185F1F07E465B140E35880656A51B470F6D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/i7Tbwl8YQ2Qx3D1qp4ZEBptjVlw.roa
Signing time:             Fri 27 Jan 2023 06:35:48 +0000
ROA not before:           Fri 27 Jan 2023 06:35:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3507
IP address blocks:        45.156.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Jan 2023 11:35:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f1:f0:7e:46:5b:14:0e:35:88:06:56:a5:1b:47:0f:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 27 06:35:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8bb4dbc25f18436431dc3d6aa78644069b63565c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b3:89:af:96:44:c6:7f:4c:72:4f:40:ea:24:
                    14:08:d5:10:31:06:bb:d6:79:55:21:4e:cf:43:85:
                    6e:c9:ac:68:05:84:54:f3:b9:a0:4f:26:8c:19:a7:
                    5e:56:c6:93:45:04:97:2d:e5:ff:22:d6:b6:56:dc:
                    4c:f0:f1:08:f8:f6:0b:67:d7:b3:c7:d1:26:96:10:
                    ce:21:bb:f6:d3:75:dd:5d:18:7e:7e:86:a6:cc:ee:
                    03:1c:22:f0:9d:43:7d:7e:03:55:af:69:e6:a5:55:
                    e8:6b:ae:11:f2:d3:4d:59:5f:16:39:af:5d:ff:d5:
                    73:93:8f:31:2b:cf:7d:18:ca:4a:64:4b:b6:eb:59:
                    60:a0:b1:de:01:13:db:eb:e0:59:19:39:75:14:74:
                    ef:88:d6:5a:4b:30:1b:45:75:ab:15:ef:d9:ec:56:
                    84:60:ea:57:37:36:9c:fd:3b:c1:aa:89:45:49:39:
                    f3:cc:f1:c5:c6:7f:de:b1:25:2a:e7:67:49:ed:7d:
                    c0:97:41:7a:90:e9:83:d2:fa:1a:20:0c:42:6e:25:
                    a4:de:d4:40:f8:9a:f6:28:95:2b:40:44:d4:21:0f:
                    9c:62:d4:6b:a1:e7:18:f0:cd:2d:f7:f8:29:55:d1:
                    c0:60:02:b2:07:ee:27:f3:bd:0b:2b:5c:3a:9a:9a:
                    33:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:B4:DB:C2:5F:18:43:64:31:DC:3D:6A:A7:86:44:06:9B:63:56:5C
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/i7Tbwl8YQ2Qx3D1qp4ZEBptjVlw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:cf:85:23:82:7d:be:f3:5d:f7:d7:f0:15:4c:e4:14:9d:76:
         f3:b1:b0:6e:19:b9:aa:68:18:55:85:06:af:64:1b:65:0c:1b:
         de:10:69:3b:fb:04:e0:04:a2:2c:3b:45:09:77:55:ae:d8:4f:
         1b:14:45:32:97:ea:28:c2:35:45:2d:16:72:60:b1:6b:ad:d5:
         70:81:f1:19:7e:8f:31:01:d6:1f:5b:f7:79:75:9c:2e:d9:82:
         d0:ac:30:03:6e:6d:94:3e:80:de:b8:9e:13:96:e2:87:50:61:
         d3:6a:3f:df:9e:b0:2c:bc:a4:fd:38:27:8a:bb:cb:d6:cd:68:
         cb:c6:20:b2:a1:f7:3a:06:f4:89:a2:a2:8b:0e:04:fb:6c:3b:
         9a:82:63:ec:c2:de:55:ee:11:a8:d9:30:8a:9f:ee:60:19:e5:
         46:cd:33:20:ed:10:d0:bb:3b:4e:94:f6:6b:ee:a3:d7:8b:0a:
         d5:dd:7d:78:bc:89:b6:41:71:c2:9e:91:07:cf:a1:75:eb:53:
         3d:d1:0c:14:ee:c9:37:6c:07:e5:38:51:a5:95:56:5d:9f:68:
         88:02:4b:aa:fb:66:60:a2:d9:a8:13:5d:e3:45:b6:cc:6e:fc:
         fb:43:b7:53:d0:fa:7a:0e:d2:38:0c:9f:b6:48:76:83:82:bf:
         3a:a9:bd:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXx8H5GWxQONYgGVqUbRw9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI3MDYzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmI0ZGJjMjVmMTg0MzY0MzFkYzNkNmFhNzg2NDQwNjliNjM1NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rOJr5ZExn9Mck9A6iQUCNUQMQa7
1nlVIU7PQ4VuyaxoBYRU87mgTyaMGadeVsaTRQSXLeX/Ita2VtxM8PEI+PYLZ9ez
x9EmlhDOIbv203XdXRh+foamzO4DHCLwnUN9fgNVr2nmpVXoa64R8tNNWV8WOa9d
/9Vzk48xK899GMpKZEu261lgoLHeARPb6+BZGTl1FHTviNZaSzAbRXWrFe/Z7FaE
YOpXNzac/TvBqolFSTnzzPHFxn/esSUq52dJ7X3Al0F6kOmD0voaIAxCbiWk3tRA
+Jr2KJUrQETUIQ+cYtRroecY8M0t9/gpVdHAYAKyB+4n870LK1w6mpozoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIu028JfGENkMdw9aqeGRAabY1ZcMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaTdUYndsOFlRMlF4M0QxcXA0WkVCcHRqVmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZydMA0G
CSqGSIb3DQEBCwUAA4IBAQAEz4Ujgn2+81331/AVTOQUnXbzsbBuGbmqaBhVhQav
ZBtlDBveEGk7+wTgBKIsO0UJd1Wu2E8bFEUyl+oowjVFLRZyYLFrrdVwgfEZfo8x
AdYfW/d5dZwu2YLQrDADbm2UPoDeuJ4TluKHUGHTaj/fnrAsvKT9OCeKu8vWzWjL
xiCyofc6BvSJoqKLDgT7bDuagmPswt5V7hGo2TCKn+5gGeVGzTMg7RDQuztOlPZr
7qPXiwrV3X14vIm2QXHCnpEHz6F161M90QwU7sk3bAflOFGllVZdn2iIAkuq+2Zg
otmoE13jRbbMbvz7Q7dT0Pp6DtI4DJ+2SHaDgr86qb12
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org