Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/tVBBwYL2GTyt6VUhKQ9gt0rzHgw.roa
File:                     tVBBwYL2GTyt6VUhKQ9gt0rzHgw.roa (raw, json)
Hash identifier:          qBxv9Zh7N3cav3t7S1OltC4i1r+p/pHOeFeD7Crsfjs=
Subject key identifier:   B5:50:41:C1:82:F6:19:3C:AD:E9:55:21:29:0F:60:B7:4A:F3:1E:0C
Certificate issuer:       /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial:       01857139BAF87120B245D4484D11670FCF46
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/tVBBwYL2GTyt6VUhKQ9gt0rzHgw.roa
Signing time:             Mon 02 Jan 2023 06:44:46 +0000
ROA not before:           Mon 02 Jan 2023 06:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60985
IP address blocks:        45.10.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:ba:f8:71:20:b2:45:d4:48:4d:11:67:0f:cf:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
        Validity
            Not Before: Jan  2 06:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b55041c182f6193cade95521290f60b74af31e0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:0c:fb:05:68:4c:7b:d1:49:b1:98:da:3d:1e:
                    2e:3e:9b:7d:62:cc:5d:6f:42:04:e2:42:c9:b6:7d:
                    6d:4f:80:50:b4:e8:e9:b7:dc:03:c6:55:f1:47:4d:
                    92:17:6b:45:2d:30:df:02:aa:1d:41:2d:c4:a4:ae:
                    6c:c9:7f:14:95:c0:e3:38:91:7b:c2:b9:dc:67:12:
                    91:fe:e5:1a:95:8f:f8:eb:32:4c:b7:62:8f:c3:cf:
                    a8:7f:3f:b5:54:5d:1a:43:ff:05:0f:bc:fb:36:43:
                    ae:fd:49:94:d8:f1:07:33:7a:4a:e2:43:6e:4f:dd:
                    c8:80:d9:b1:14:99:1a:4d:3c:77:ba:95:4d:74:56:
                    a2:19:50:e9:d5:b9:57:39:78:c1:b2:2c:69:2d:35:
                    8f:e4:d9:f7:f4:83:66:32:7f:36:1e:c6:ea:b4:70:
                    c5:07:4a:3c:28:21:cb:0d:45:82:c4:13:6b:5c:b6:
                    2d:65:48:06:0f:a4:79:9a:ef:7c:4c:ff:0a:5c:92:
                    5d:43:de:77:4f:19:0c:10:0e:9b:50:bc:ee:91:60:
                    e7:d7:51:f0:b8:48:f3:f9:90:54:bb:80:ee:4d:85:
                    25:5a:42:39:67:4e:fa:d0:ed:3a:56:18:a9:84:08:
                    b4:83:72:23:7d:8a:36:20:a0:49:53:48:92:3f:e7:
                    36:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:50:41:C1:82:F6:19:3C:AD:E9:55:21:29:0F:60:B7:4A:F3:1E:0C
            X509v3 Authority Key Identifier:
                keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/tVBBwYL2GTyt6VUhKQ9gt0rzHgw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:0e:8b:2d:71:c7:30:c8:53:bc:47:6a:e2:58:e8:39:c9:48:
         34:f3:a7:f7:a3:17:35:d2:9e:a1:19:a5:8b:b3:a0:1f:e1:d2:
         f1:0f:4e:20:c8:0b:ad:4e:4f:28:db:96:c0:6f:d5:e7:d3:8f:
         d9:de:2b:a0:3b:f1:06:11:38:2e:72:14:62:db:3b:62:1a:0e:
         3c:cc:09:32:f4:63:b6:f2:fd:e6:08:78:d5:67:b2:7b:cd:3c:
         f8:1e:39:f9:5b:66:88:bb:eb:4a:c2:1e:be:55:d0:f2:d3:e2:
         47:8d:33:58:84:79:5e:09:ec:da:df:88:6e:66:47:d5:77:03:
         5d:5a:24:f7:d2:0a:9a:ae:63:fb:37:5d:93:1c:d7:72:eb:c7:
         92:e0:dd:08:6e:75:a7:e3:3e:2f:43:ed:79:af:2f:a8:f2:dd:
         28:0f:a9:e1:d0:2a:85:56:d6:a6:91:63:1c:31:ec:c1:52:67:
         5f:a4:f2:b3:aa:51:fb:d4:99:2f:1f:1e:6a:a6:f9:2f:98:55:
         a1:8c:fa:11:08:81:1f:8a:62:1a:b0:e9:19:09:d6:96:d2:21:
         8d:8b:aa:f4:27:04:54:a4:67:10:0f:2a:74:61:63:0a:93:74:
         90:0d:74:c5:01:13:8b:5f:f2:49:6c:14:7e:1e:d2:0a:40:18:
         be:e9:ab:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxObr4cSCyRdRITRFnD89GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjMwMTAyMDY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTUwNDFjMTgyZjYxOTNjYWRlOTU1MjEyOTBmNjBiNzRhZjMxZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQz7BWhMe9FJsZjaPR4uPpt9Ysxd
b0IE4kLJtn1tT4BQtOjpt9wDxlXxR02SF2tFLTDfAqodQS3EpK5syX8UlcDjOJF7
wrncZxKR/uUalY/46zJMt2KPw8+ofz+1VF0aQ/8FD7z7NkOu/UmU2PEHM3pK4kNu
T93IgNmxFJkaTTx3upVNdFaiGVDp1blXOXjBsixpLTWP5Nn39INmMn82HsbqtHDF
B0o8KCHLDUWCxBNrXLYtZUgGD6R5mu98TP8KXJJdQ953TxkMEA6bULzukWDn11Hw
uEjz+ZBUu4DuTYUlWkI5Z0760O06VhiphAi0g3IjfYo2IKBJU0iSP+c2+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVQQcGC9hk8relVISkPYLdK8x4MMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvdFZCQndZTDJHVHl0NlZVaEtROWd0MHJ6SGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQpgMA0G
CSqGSIb3DQEBCwUAA4IBAQAlDostcccwyFO8R2riWOg5yUg086f3oxc10p6hGaWL
s6Af4dLxD04gyAutTk8o25bAb9Xn04/Z3iugO/EGETguchRi2ztiGg48zAky9GO2
8v3mCHjVZ7J7zTz4Hjn5W2aIu+tKwh6+VdDy0+JHjTNYhHleCeza34huZkfVdwNd
WiT30gqarmP7N12THNdy68eS4N0IbnWn4z4vQ+15ry+o8t0oD6nh0CqFVtamkWMc
MezBUmdfpPKzqlH71JkvHx5qpvkvmFWhjPoRCIEfimIasOkZCdaW0iGNi6r0JwRU
pGcQDyp0YWMKk3SQDXTFAROLX/JJbBR+HtIKQBi+6at0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org