Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bRuZ3PEb9Kqlf63xamDG2XqE95c.roa
File:                     bRuZ3PEb9Kqlf63xamDG2XqE95c.roa (raw, json)
Hash identifier:          C1AmtK/Woq3EWcGIhp9gWP9e+wEiVBEK7IEoFxL0ln4=
Subject key identifier:   6D:1B:99:DC:F1:1B:F4:AA:A5:7F:AD:F1:6A:60:C6:D9:7A:84:F7:97
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018CC8DF9BDE2860086805F4022AEC0E54F7
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bRuZ3PEb9Kqlf63xamDG2XqE95c.roa
Signing time:             Tue 02 Jan 2024 06:32:26 +0000
ROA not before:           Tue 02 Jan 2024 06:32:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50214
IP address blocks:        45.138.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Jan 2024 10:27:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:9b:de:28:60:08:68:05:f4:02:2a:ec:0e:54:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 06:32:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6d1b99dcf11bf4aaa57fadf16a60c6d97a84f797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:36:8e:91:c6:8c:fb:7f:bc:f7:c4:43:ab:24:
                    52:dc:ef:d8:3c:81:79:e0:c4:83:19:ad:59:e9:1d:
                    f9:56:34:39:fb:ee:8a:6e:cf:38:68:cb:b0:a3:c7:
                    8d:7d:aa:d3:85:0f:3f:92:3f:94:76:a8:2c:d9:ce:
                    5a:c9:46:eb:a4:a5:f1:5c:90:5f:6e:27:9d:ee:0e:
                    1f:db:20:1d:94:10:66:7c:b2:19:19:93:e0:6c:ec:
                    e4:bf:a5:61:d1:18:96:f2:7e:13:aa:a4:13:f6:d5:
                    39:ff:21:20:14:7c:87:ce:12:4f:d3:bf:dd:c5:59:
                    81:f2:e5:be:cc:51:9b:da:73:a4:dc:f4:da:49:b5:
                    37:38:e7:3c:c1:85:df:eb:9b:3a:eb:27:f7:93:88:
                    08:3f:43:6c:b5:4c:d0:be:a4:65:e5:7f:d4:f6:97:
                    83:76:4f:49:48:59:94:da:38:ed:a7:f9:58:23:5f:
                    16:09:bb:f2:24:2b:e4:42:56:dd:0d:55:9d:70:e0:
                    3c:fb:46:6a:93:e0:a5:bb:76:2a:bb:77:e5:c0:de:
                    b9:e4:8f:b8:28:3c:ba:bc:d1:6c:49:b0:9a:4d:08:
                    23:9e:2b:6c:6f:35:56:bf:bc:cf:f6:66:dc:7e:77:
                    f8:72:7b:0c:46:90:2f:8d:da:5c:ce:42:63:54:f1:
                    21:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:1B:99:DC:F1:1B:F4:AA:A5:7F:AD:F1:6A:60:C6:D9:7A:84:F7:97
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bRuZ3PEb9Kqlf63xamDG2XqE95c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:5d:fd:5f:31:e7:a6:73:3e:29:df:d8:b2:34:f5:40:f4:67:
         de:9d:08:36:c8:03:a0:e3:1b:64:04:64:39:12:35:78:53:18:
         9a:1c:69:b6:85:2d:0e:4a:da:f9:ef:ea:69:1d:a9:69:41:57:
         aa:dc:da:e1:51:a0:e2:02:d4:cc:40:3e:f6:88:ad:ad:e7:43:
         9d:40:7a:31:31:0c:fb:f2:28:c9:74:f6:b8:d2:c9:a7:6c:57:
         e4:19:19:9e:4d:62:00:2f:a9:28:9f:cf:78:7f:a0:e3:7a:ac:
         73:b9:83:49:81:f6:5a:12:44:a9:5f:37:92:29:9b:ea:21:22:
         fa:f6:70:ca:dc:a5:b4:eb:f0:9b:d8:f4:00:19:66:f1:fc:17:
         8b:bb:23:c6:73:77:2b:4a:28:9c:73:01:56:84:72:2d:49:01:
         ac:3b:40:c8:95:0a:78:25:a0:4e:17:c7:7d:62:5a:39:32:f0:
         d4:73:c1:38:f2:9a:88:fd:d3:06:b9:e8:65:27:d6:ff:07:b7:
         15:b6:87:60:88:3d:20:a6:d9:10:77:e7:cf:68:78:c8:28:6d:
         b5:95:5b:7c:01:09:0d:a7:63:91:60:40:d5:7c:88:fd:a0:61:
         35:f0:99:77:e5:8e:b2:0c:ef:89:38:a3:4a:71:a3:b1:af:98:
         d4:e6:4f:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI35veKGAIaAX0AirsDlT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFiOTlkY2YxMWJmNGFhYTU3ZmFkZjE2YTYwYzZkOTdhODRmNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTaOkcaM+3+898RDqyRS3O/YPIF5
4MSDGa1Z6R35VjQ5++6Kbs84aMuwo8eNfarThQ8/kj+Udqgs2c5ayUbrpKXxXJBf
bied7g4f2yAdlBBmfLIZGZPgbOzkv6Vh0RiW8n4TqqQT9tU5/yEgFHyHzhJP07/d
xVmB8uW+zFGb2nOk3PTaSbU3OOc8wYXf65s66yf3k4gIP0NstUzQvqRl5X/U9peD
dk9JSFmU2jjtp/lYI18WCbvyJCvkQlbdDVWdcOA8+0Zqk+Clu3Yqu3flwN655I+4
KDy6vNFsSbCaTQgjnitsbzVWv7zP9mbcfnf4cnsMRpAvjdpczkJjVPEhUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0bmdzxG/SqpX+t8Wpgxtl6hPeXMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYlJ1WjNQRWI5S3FsZjYzeGFtREcyWHFFOTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYpJMA0G
CSqGSIb3DQEBCwUAA4IBAQCLXf1fMeemcz4p39iyNPVA9GfenQg2yAOg4xtkBGQ5
EjV4UxiaHGm2hS0OStr57+ppHalpQVeq3NrhUaDiAtTMQD72iK2t50OdQHoxMQz7
8ijJdPa40smnbFfkGRmeTWIAL6kon894f6DjeqxzuYNJgfZaEkSpXzeSKZvqISL6
9nDK3KW06/Cb2PQAGWbx/BeLuyPGc3crSiiccwFWhHItSQGsO0DIlQp4JaBOF8d9
Ylo5MvDUc8E48pqI/dMGuehlJ9b/B7cVtodgiD0gptkQd+fPaHjIKG21lVt8AQkN
p2ORYEDVfIj9oGE18Jl35Y6yDO+JOKNKcaOxr5jU5k8t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org