Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-A8fR4V04O4fU6QkCQbwfl2YOec.roa
File:                     1-A8fR4V04O4fU6QkCQbwfl2YOec.roa (raw, json)
Hash identifier:          toVh3jnXk9/TFgFQOH7TSzd23bvwq3upbzU+qgdLJYE=
Subject key identifier:   F8:0F:1F:47:85:74:E0:EE:1F:53:A4:24:09:06:F0:7E:5D:98:39:E7
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018CC8DFB4EC6E486A74D26C6FD4F16BA6B9
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-A8fR4V04O4fU6QkCQbwfl2YOec.roa
Signing time:             Tue 02 Jan 2024 06:32:33 +0000
ROA not before:           Tue 02 Jan 2024 06:32:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216234
IP address blocks:        194.67.193.0/24 maxlen: 24
                          45.9.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jul 2024 13:05:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:b4:ec:6e:48:6a:74:d2:6c:6f:d4:f1:6b:a6:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 06:32:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f80f1f478574e0ee1f53a4240906f07e5d9839e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:50:43:da:2d:88:0c:9a:15:b6:fd:23:e1:8d:
                    42:b4:28:38:f2:b0:71:3c:77:d9:a7:39:ea:77:aa:
                    fb:5f:1b:15:7c:28:8c:c5:82:b2:bf:bc:df:9c:61:
                    05:41:80:bc:c0:05:58:84:44:f6:b2:de:b3:67:c9:
                    91:c5:a5:04:94:d1:94:8f:6e:81:a5:6d:1d:ea:20:
                    8e:4b:ba:db:9e:37:b6:65:ee:68:94:ae:c3:37:a4:
                    f2:ac:65:95:20:34:55:fa:a7:1e:08:2f:a8:6e:57:
                    e5:a0:b6:82:bc:63:25:a8:01:75:4c:e6:cf:ff:49:
                    8a:91:b8:96:18:db:80:3d:1f:a8:79:ed:b7:b6:69:
                    bb:81:0d:60:a0:34:91:10:25:9e:fe:17:dc:1b:bf:
                    75:75:1d:01:a2:04:47:60:73:dc:8d:53:6f:0d:b9:
                    6a:a1:1a:04:f9:6b:ad:c1:b2:c4:12:51:fd:67:6f:
                    4d:e5:3e:11:38:58:84:71:d3:3c:89:e7:52:34:e2:
                    08:18:6b:18:cd:37:40:f2:7a:a2:f9:de:7f:22:ef:
                    09:65:62:a1:12:87:1d:4a:7a:57:42:61:1e:d8:2d:
                    cc:b2:b8:65:ab:ef:61:4e:4c:d8:f5:54:2a:06:88:
                    43:ed:89:b2:63:e2:8e:91:88:da:2d:52:fe:58:08:
                    f1:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:0F:1F:47:85:74:E0:EE:1F:53:A4:24:09:06:F0:7E:5D:98:39:E7
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-A8fR4V04O4fU6QkCQbwfl2YOec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.74.0/24
                  194.67.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:52:e9:89:1f:48:9b:f1:a7:41:1b:51:0f:10:d8:95:b8:82:
         aa:20:44:e8:0d:69:2f:c2:0c:29:5a:c9:da:a3:72:92:6a:e6:
         5f:af:22:74:0c:ca:74:a7:72:f5:3e:07:09:7c:dd:40:d7:6d:
         62:96:a2:03:61:ef:6f:ea:7e:39:01:ec:8e:7d:fc:4b:b1:7c:
         ee:17:76:8c:ad:08:f7:0c:d6:ee:62:95:93:54:7e:77:fe:29:
         4c:36:02:8c:b3:0b:82:52:26:96:74:c3:f1:a0:d8:c2:e1:7b:
         9c:ab:bd:d9:3c:66:cc:00:13:c8:00:47:67:8a:52:e4:ee:a5:
         cc:ad:39:4f:8b:46:94:fc:a3:d1:52:65:17:16:75:7f:2c:bd:
         b3:5e:bb:8c:6b:ca:48:55:f0:6c:63:c4:8f:df:3e:b2:d9:a8:
         35:f1:52:54:03:68:8d:36:97:4f:de:b8:62:c6:56:ba:aa:41:
         4f:dd:7f:0f:e5:fc:a6:f3:9c:aa:25:b8:86:0d:9d:2c:1f:13:
         f1:d7:15:78:d4:26:5d:9d:3f:63:5f:63:26:26:05:ca:05:5b:
         fe:9a:ad:4e:3b:d7:94:57:86:30:9a:e8:1a:9d:0c:78:dd:cd:
         5e:e7:f3:26:0b:1f:92:e3:f5:2a:39:e1:2b:91:d7:81:4b:2f:
         f6:05:bf:c2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzI37TsbkhqdNJsb9Txa6a5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBmMWY0Nzg1NzRlMGVlMWY1M2E0MjQwOTA2ZjA3ZTVkOTgzOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVBD2i2IDJoVtv0j4Y1CtCg48rBx
PHfZpznqd6r7XxsVfCiMxYKyv7zfnGEFQYC8wAVYhET2st6zZ8mRxaUElNGUj26B
pW0d6iCOS7rbnje2Ze5olK7DN6TyrGWVIDRV+qceCC+oblfloLaCvGMlqAF1TObP
/0mKkbiWGNuAPR+oee23tmm7gQ1goDSRECWe/hfcG791dR0BogRHYHPcjVNvDblq
oRoE+WutwbLEElH9Z29N5T4ROFiEcdM8iedSNOIIGGsYzTdA8nqi+d5/Iu8JZWKh
EocdSnpXQmEe2C3Msrhlq+9hTkzY9VQqBohD7YmyY+KOkYjaLVL+WAjxdQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPgPH0eFdODuH1OkJAkG8H5dmDnnMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMS1BOGZSNFYwNE80ZlU2UWtDUWJ3ZmwyWU9lYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2Nk
Mi8xL3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC0JSgME
AMJDwTANBgkqhkiG9w0BAQsFAAOCAQEAJVLpiR9Im/GnQRtRDxDYlbiCqiBE6A1p
L8IMKVrJ2qNykmrmX68idAzKdKdy9T4HCXzdQNdtYpaiA2Hvb+p+OQHsjn38S7F8
7hd2jK0I9wzW7mKVk1R+d/4pTDYCjLMLglImlnTD8aDYwuF7nKu92TxmzAATyABH
Z4pS5O6lzK05T4tGlPyj0VJlFxZ1fyy9s167jGvKSFXwbGPEj98+stmoNfFSVANo
jTaXT964YsZWuqpBT91/D+X8pvOcqiW4hg2dLB8T8dcVeNQmXZ0/Y19jJiYFygVb
/pqtTjvXlFeGMJroGp0MeN3NXufzJgsfkuP1KjnhK5HXgUsv9gW/wg==
-----END CERTIFICATE-----
Generated at Mon Jul 22 17:32:37 2024 by rpki-client on console-ams.rpki-client.org