Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/fFNGqlP9lNSPIZUccJLciwc4FoQ.roa
File:                     fFNGqlP9lNSPIZUccJLciwc4FoQ.roa (raw, json)
Hash identifier:          Q/C/C1z3/jg7u4ZVpNTdWDM69A3CH2FztLL+MwJAOiY=
Subject key identifier:   7C:53:46:AA:53:FD:94:D4:8F:21:95:1C:70:92:DC:8B:07:38:16:84
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C3ADE118849507D46CDE60F3B8E6D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/fFNGqlP9lNSPIZUccJLciwc4FoQ.roa
Signing time:             Mon 02 Jan 2023 05:55:05 +0000
ROA not before:           Mon 02 Jan 2023 05:55:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208413
IP address blocks:        45.138.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:3a:de:11:88:49:50:7d:46:cd:e6:0f:3b:8e:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c5346aa53fd94d48f21951c7092dc8b07381684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:36:27:a5:bb:16:84:4a:76:28:d7:8a:43:1b:
                    bf:f7:a2:2c:30:42:65:79:8d:f2:80:79:c9:2f:8c:
                    5c:6e:fb:40:87:52:cf:e5:32:d6:6c:17:c7:41:2d:
                    1d:1f:a2:bc:08:fd:a4:88:8f:6d:90:bb:aa:8f:65:
                    59:a0:75:d5:a8:fa:72:fe:3e:6a:fa:84:ab:a3:e2:
                    42:87:f1:c5:43:be:bd:89:d9:7b:bb:0d:d0:78:d1:
                    08:6a:5a:67:26:52:57:53:2c:c6:a1:e6:04:29:d0:
                    dd:e7:a8:0b:24:d2:c4:1e:8c:57:9c:e2:98:09:59:
                    e1:03:b4:76:ff:00:31:12:9f:d3:27:d4:87:83:2c:
                    9d:e2:9a:b1:48:7a:3b:d1:61:a3:c4:08:52:e7:c0:
                    9e:b3:86:bc:f0:5c:c7:6e:c5:01:de:45:36:69:67:
                    56:6b:81:38:1d:57:9d:49:b4:71:94:35:3c:60:d2:
                    85:e6:16:99:38:4d:c6:14:70:cc:9b:37:9c:10:97:
                    6b:fc:a3:86:5f:6e:7a:09:b2:ae:cb:da:0a:db:91:
                    f1:f8:2c:c6:69:2f:89:7d:81:45:d9:be:78:a4:11:
                    b7:c8:29:62:44:82:01:9a:ea:ba:76:d6:57:44:b5:
                    d0:1e:89:cc:78:a7:f4:5e:2a:ab:50:be:43:a0:75:
                    e9:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:53:46:AA:53:FD:94:D4:8F:21:95:1C:70:92:DC:8B:07:38:16:84
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/fFNGqlP9lNSPIZUccJLciwc4FoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:f1:d1:32:dd:75:fa:b8:f8:7d:48:d9:c9:e0:d6:46:c3:b4:
         34:22:7b:49:f4:14:71:92:d1:a5:d1:a3:30:1a:51:d7:92:45:
         2a:66:36:7f:6f:e2:39:28:b9:c8:ec:48:1f:e3:af:5e:a5:3c:
         a6:33:60:93:77:cc:81:37:97:40:f4:45:b8:3a:e9:e0:af:7c:
         4f:9e:41:ed:b0:58:15:b9:73:b8:17:aa:e5:83:09:0c:60:52:
         26:11:90:4d:cb:03:6f:e7:57:e4:00:5f:dd:58:78:ba:a0:3d:
         8e:8a:72:51:77:73:45:fd:b9:14:41:19:98:c1:39:0d:8b:2e:
         3b:49:58:68:73:1c:e4:cf:0f:ae:33:a4:91:7b:4c:3d:93:95:
         c4:c6:6b:8e:82:f8:7a:84:57:ef:eb:06:49:24:d3:bc:8a:e8:
         3f:34:81:70:90:5f:a6:11:32:27:8e:ca:05:17:fc:b7:ee:ae:
         31:9d:5a:70:b6:05:fa:f0:4a:03:1a:44:7e:0e:99:09:fc:2c:
         92:8e:48:e4:22:53:22:57:70:77:cd:29:1c:ce:ea:4a:e6:6c:
         2a:91:3c:73:9d:92:39:6d:1f:8e:4a:0e:27:ee:b7:39:6d:68:
         be:5e:6c:ff:5e:62:4c:23:0e:6a:27:d9:79:39:a3:2d:24:55:
         44:35:34:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDDreEYhJUH1GzeYPO45tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzUzNDZhYTUzZmQ5NGQ0OGYyMTk1MWM3MDkyZGM4YjA3MzgxNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjYnpbsWhEp2KNeKQxu/96IsMEJl
eY3ygHnJL4xcbvtAh1LP5TLWbBfHQS0dH6K8CP2kiI9tkLuqj2VZoHXVqPpy/j5q
+oSro+JCh/HFQ769idl7uw3QeNEIalpnJlJXUyzGoeYEKdDd56gLJNLEHoxXnOKY
CVnhA7R2/wAxEp/TJ9SHgyyd4pqxSHo70WGjxAhS58Ces4a88FzHbsUB3kU2aWdW
a4E4HVedSbRxlDU8YNKF5haZOE3GFHDMmzecEJdr/KOGX256CbKuy9oK25Hx+CzG
aS+JfYFF2b54pBG3yCliRIIBmuq6dtZXRLXQHonMeKf0XiqrUL5DoHXpYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxTRqpT/ZTUjyGVHHCS3IsHOBaEMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvZkZOR3FsUDlsTlNQSVpVY2NKTGNpd2M0Rm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYpLMA0G
CSqGSIb3DQEBCwUAA4IBAQBw8dEy3XX6uPh9SNnJ4NZGw7Q0IntJ9BRxktGl0aMw
GlHXkkUqZjZ/b+I5KLnI7Egf469epTymM2CTd8yBN5dA9EW4Oungr3xPnkHtsFgV
uXO4F6rlgwkMYFImEZBNywNv51fkAF/dWHi6oD2OinJRd3NF/bkUQRmYwTkNiy47
SVhocxzkzw+uM6SRe0w9k5XExmuOgvh6hFfv6wZJJNO8iug/NIFwkF+mETInjsoF
F/y37q4xnVpwtgX68EoDGkR+DpkJ/CySjkjkIlMiV3B3zSkczupK5mwqkTxznZI5
bR+OSg4n7rc5bWi+Xmz/XmJMIw5qJ9l5OaMtJFVENTSF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org