Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_Xu_vnLIP7EA9r0O8nogLZPJRxM.roa
File:                     _Xu_vnLIP7EA9r0O8nogLZPJRxM.roa (raw, json)
Hash identifier:          GcL0Yc5GabybKO8mgD2oLh4Ox08RIwFiMF/nJp86784=
Subject key identifier:   FD:7B:BF:BE:72:C8:3F:B1:00:F6:BD:0E:F2:7A:20:2D:93:C9:47:13
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C27FE3514B18CC6EFA7DBFA531693
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_Xu_vnLIP7EA9r0O8nogLZPJRxM.roa
Signing time:             Mon 02 Jan 2023 05:55:00 +0000
ROA not before:           Mon 02 Jan 2023 05:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61435
IP address blocks:        45.137.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:27:fe:35:14:b1:8c:c6:ef:a7:db:fa:53:16:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd7bbfbe72c83fb100f6bd0ef27a202d93c94713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ff:0f:ed:f4:f6:cb:c4:db:0d:58:fd:da:af:
                    60:bd:dc:92:c3:a5:4a:7f:75:56:81:15:2d:7f:d1:
                    ee:5d:78:46:da:32:30:8f:3b:90:a5:af:48:d7:70:
                    ec:c9:02:d2:b3:aa:31:e7:7a:b2:af:1c:9c:a5:77:
                    26:cb:41:65:9d:21:0b:c8:83:84:03:80:cd:b3:14:
                    93:24:8b:d9:6f:27:da:d7:69:46:5b:de:45:ec:3b:
                    62:5c:eb:c8:00:86:1f:4c:d0:dc:d2:41:10:d5:ee:
                    0d:d7:ad:99:4d:d7:4f:02:29:8f:1e:3d:fa:1b:f4:
                    eb:0b:49:7b:30:44:be:cc:e6:ee:e0:d4:bf:a1:65:
                    76:72:e0:49:9e:7d:cc:43:f2:7a:90:0a:c1:7b:4c:
                    f7:13:85:6a:48:50:6d:2d:cf:70:3f:fa:d2:0e:22:
                    a2:2f:84:6f:36:89:5a:dc:d4:f7:3b:9f:a3:0a:75:
                    37:4e:0a:18:b6:27:0b:c6:c6:05:26:84:45:5a:4d:
                    57:18:7f:9a:fc:57:f2:59:a0:7d:05:bb:fb:36:98:
                    09:fe:3f:a1:ab:d4:2d:e5:3e:0f:02:7f:33:18:41:
                    3f:27:56:75:f1:87:69:62:7d:ea:40:21:fd:e9:c4:
                    a7:c1:cb:92:9f:e4:b8:a2:4c:ef:a2:96:07:de:d7:
                    bc:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:7B:BF:BE:72:C8:3F:B1:00:F6:BD:0E:F2:7A:20:2D:93:C9:47:13
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_Xu_vnLIP7EA9r0O8nogLZPJRxM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:3d:c6:bb:bc:2d:d9:38:15:e3:34:24:47:7d:2b:78:5a:e7:
         1f:02:34:38:1a:8e:2b:d5:97:67:f3:a2:5f:de:c7:fe:60:73:
         27:76:9d:a3:93:fd:ec:6e:10:19:8e:a4:7d:a2:f1:45:71:a3:
         cb:af:72:84:cf:8a:22:b0:62:6d:80:2d:69:45:b6:34:4e:4e:
         b5:82:eb:26:24:95:a8:3a:c9:fa:d1:76:d6:ea:3b:25:c2:68:
         3e:1e:06:7e:45:51:a2:a7:63:b0:35:18:81:ae:53:a1:8b:4e:
         f1:1a:63:ac:b0:92:93:2b:b4:5e:06:c4:d4:94:1e:51:48:be:
         d0:3c:45:6c:55:0f:f9:83:eb:30:bd:05:80:47:95:99:f3:09:
         fd:47:17:dc:a9:bb:6c:73:37:2c:0d:b2:54:43:37:bb:b8:a6:
         b1:1f:a2:8c:6b:ed:54:c0:9f:ff:3d:ea:96:49:ec:51:15:a5:
         c1:16:df:c5:0d:8e:1a:13:c2:b6:2c:e1:05:96:d6:76:6e:71:
         d6:a0:00:df:d1:a7:a8:d3:a7:c6:28:c2:80:05:d0:87:6f:6d:
         e6:4e:09:5f:d7:16:ac:b2:e2:92:f6:56:52:42:15:eb:ea:c9:
         83:96:f6:e4:60:77:f7:fb:10:81:0d:99:cd:71:23:aa:d0:c0:
         a7:bd:89:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDCf+NRSxjMbvp9v6UxaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdiYmZiZTcyYzgzZmIxMDBmNmJkMGVmMjdhMjAyZDkzYzk0NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif8P7fT2y8TbDVj92q9gvdySw6VK
f3VWgRUtf9HuXXhG2jIwjzuQpa9I13DsyQLSs6ox53qyrxycpXcmy0FlnSELyIOE
A4DNsxSTJIvZbyfa12lGW95F7DtiXOvIAIYfTNDc0kEQ1e4N162ZTddPAimPHj36
G/TrC0l7MES+zObu4NS/oWV2cuBJnn3MQ/J6kArBe0z3E4VqSFBtLc9wP/rSDiKi
L4RvNola3NT3O5+jCnU3TgoYticLxsYFJoRFWk1XGH+a/FfyWaB9Bbv7NpgJ/j+h
q9Qt5T4PAn8zGEE/J1Z18YdpYn3qQCH96cSnwcuSn+S4okzvopYH3te8KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP17v75yyD+xAPa9DvJ6IC2TyUcTMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvX1h1X3ZuTElQN0VBOXIwTzhub2dMWlBKUnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYloMA0G
CSqGSIb3DQEBCwUAA4IBAQC7Pca7vC3ZOBXjNCRHfSt4WucfAjQ4Go4r1Zdn86Jf
3sf+YHMndp2jk/3sbhAZjqR9ovFFcaPLr3KEz4oisGJtgC1pRbY0Tk61gusmJJWo
Osn60XbW6jslwmg+HgZ+RVGip2OwNRiBrlOhi07xGmOssJKTK7ReBsTUlB5RSL7Q
PEVsVQ/5g+swvQWAR5WZ8wn9RxfcqbtsczcsDbJUQze7uKaxH6KMa+1UwJ//PeqW
SexRFaXBFt/FDY4aE8K2LOEFltZ2bnHWoADf0aeo06fGKMKABdCHb23mTglf1xas
suKS9lZSQhXr6smDlvbkYHf3+xCBDZnNcSOq0MCnvYmz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org