Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hxrSwG9mW9ULLWAk5uyimt4zMPo.roa
File:                     hxrSwG9mW9ULLWAk5uyimt4zMPo.roa (raw, json)
Hash identifier:          cgqGoP1urh+KBNpXfidUjZ9F0iI+Faq0hMcBxGmgz+I=
Subject key identifier:   87:1A:D2:C0:6F:66:5B:D5:0B:2D:60:24:E6:EC:A2:9A:DE:33:30:FA
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C29ED8B14DBFB1A9A45E93DA79B5F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hxrSwG9mW9ULLWAk5uyimt4zMPo.roa
Signing time:             Mon 02 Jan 2023 05:55:00 +0000
ROA not before:           Mon 02 Jan 2023 05:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199599
IP address blocks:        45.8.210.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:29:ed:8b:14:db:fb:1a:9a:45:e9:3d:a7:9b:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=871ad2c06f665bd50b2d6024e6eca29ade3330fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:0b:2d:d5:05:f8:e8:fc:c6:79:fd:9a:f9:e6:
                    a7:8a:1f:51:48:bc:e0:ba:69:4d:38:74:47:a2:18:
                    0b:f5:29:82:eb:80:a5:88:ad:81:5b:60:d4:23:28:
                    9e:44:d5:8e:9c:4b:9c:24:9d:ae:5b:2d:48:d3:59:
                    c9:3b:20:d5:4e:e1:ec:8c:75:69:f4:68:b1:7c:fd:
                    ce:82:38:c4:dc:93:a1:c0:42:b7:7b:80:69:7c:92:
                    8d:69:48:70:41:33:4d:cb:96:75:19:bd:70:d3:72:
                    a2:c2:bc:3b:33:71:b5:d2:3b:81:51:67:fc:a6:63:
                    75:ab:75:15:6d:1e:29:58:70:ba:86:59:c8:3e:ad:
                    91:a1:24:f5:e1:23:9b:8d:65:45:ad:42:5c:68:8c:
                    0d:29:22:ae:19:b6:7e:55:9a:84:e9:03:dd:4c:b1:
                    34:20:90:e3:de:07:de:8e:8e:8a:68:f7:b2:ae:41:
                    c5:8c:e8:2b:22:0a:ee:26:e6:a3:0f:50:53:fa:16:
                    a9:6f:8e:2d:56:f9:72:c2:ca:f9:42:9f:9e:aa:25:
                    19:2b:12:40:c9:8b:b5:8c:0e:20:f6:d5:b1:d1:bf:
                    a1:d5:f1:0f:9a:99:99:10:02:8b:a3:3f:ba:ec:98:
                    96:9a:38:09:8c:98:5b:f3:15:ca:2c:71:1d:6c:fa:
                    a6:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:1A:D2:C0:6F:66:5B:D5:0B:2D:60:24:E6:EC:A2:9A:DE:33:30:FA
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hxrSwG9mW9ULLWAk5uyimt4zMPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:e9:b2:7a:3b:d6:3e:c7:6a:7f:9b:95:a3:28:7d:e9:8d:20:
         7d:83:99:3d:3c:dd:8b:b4:ae:3c:bf:50:b8:8a:11:70:0c:73:
         67:73:5f:c0:66:bf:94:e8:26:2b:8f:69:0e:da:79:5e:c6:32:
         65:47:5a:70:30:21:bf:bc:0d:cc:c7:6f:01:c7:0d:a7:a4:ef:
         97:92:32:be:d6:bd:49:5c:51:26:d9:83:b4:70:90:f7:34:2c:
         78:57:9f:da:7b:1e:c8:69:26:0c:1d:f4:6d:5d:f4:37:0b:da:
         17:d8:59:7f:e9:cf:ce:d6:d8:fd:16:bb:c8:49:35:35:cb:92:
         71:de:ec:64:a0:e7:90:24:c9:10:57:fd:0e:b1:41:b7:a0:03:
         82:76:af:c3:9b:63:13:20:f9:b4:5b:bc:26:b9:97:f4:6f:83:
         46:22:f7:bd:6c:bf:8b:a7:f6:ec:65:4c:4f:44:0d:84:78:fa:
         5d:71:68:a4:d0:31:5e:8d:fe:8f:8c:2b:f8:5e:2b:2b:de:27:
         27:77:1e:83:86:5b:f1:82:66:b1:a6:cb:73:a6:3a:1e:e5:18:
         80:b7:88:d6:d3:6a:50:b6:3b:a1:c5:c1:90:ed:2c:52:ec:16:
         b8:43:1a:11:c8:a1:66:d0:eb:73:3c:15:0e:19:81:cf:a4:12:
         c4:19:7c:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDCntixTb+xqaRek9p5tfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFhZDJjMDZmNjY1YmQ1MGIyZDYwMjRlNmVjYTI5YWRlMzMzMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgst1QX46PzGef2a+eanih9RSLzg
umlNOHRHohgL9SmC64CliK2BW2DUIyieRNWOnEucJJ2uWy1I01nJOyDVTuHsjHVp
9GixfP3OgjjE3JOhwEK3e4BpfJKNaUhwQTNNy5Z1Gb1w03Kiwrw7M3G10juBUWf8
pmN1q3UVbR4pWHC6hlnIPq2RoST14SObjWVFrUJcaIwNKSKuGbZ+VZqE6QPdTLE0
IJDj3gfejo6KaPeyrkHFjOgrIgruJuajD1BT+hapb44tVvlywsr5Qp+eqiUZKxJA
yYu1jA4g9tWx0b+h1fEPmpmZEAKLoz+67JiWmjgJjJhb8xXKLHEdbPqm4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIca0sBvZlvVCy1gJObsopreMzD6MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvaHhyU3dHOW1XOVVMTFdBazV1eWltdDR6TVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjSMA0G
CSqGSIb3DQEBCwUAA4IBAQCn6bJ6O9Y+x2p/m5WjKH3pjSB9g5k9PN2LtK48v1C4
ihFwDHNnc1/AZr+U6CYrj2kO2nlexjJlR1pwMCG/vA3Mx28Bxw2npO+XkjK+1r1J
XFEm2YO0cJD3NCx4V5/aex7IaSYMHfRtXfQ3C9oX2Fl/6c/O1tj9FrvISTU1y5Jx
3uxkoOeQJMkQV/0OsUG3oAOCdq/Dm2MTIPm0W7wmuZf0b4NGIve9bL+Lp/bsZUxP
RA2EePpdcWik0DFejf6PjCv4Xisr3icndx6Dhlvxgmaxpstzpjoe5RiAt4jW02pQ
tjuhxcGQ7SxS7Ba4QxoRyKFm0OtzPBUOGYHPpBLEGXyU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org