Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/9a0ef7-dd34-4671-bf51-5f2c1050375d/1/Xg2b_tVNLRi4pzhyKh0jBl03qjc.roa
File:                     Xg2b_tVNLRi4pzhyKh0jBl03qjc.roa (raw, json)
Hash identifier:          opwauBtoePbkrVSMKxMtPnokwFGEPZoGhvtl/bs1lMg=
Subject key identifier:   5E:0D:9B:FE:D5:4D:2D:18:B8:A7:38:72:2A:1D:23:06:5D:37:AA:37
Certificate issuer:       /CN=905deafea3bad9248217b1629e42cffc7e491bd9
Certificate serial:       01857231221FE27683757C76CEAD092151FE
Authority key identifier: 90:5D:EA:FE:A3:BA:D9:24:82:17:B1:62:9E:42:CF:FC:7E:49:1B:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kF3q_qO62SSCF7FinkLP_H5JG9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/9a0ef7-dd34-4671-bf51-5f2c1050375d/1/Xg2b_tVNLRi4pzhyKh0jBl03qjc.roa
Signing time:             Mon 02 Jan 2023 11:15:00 +0000
ROA not before:           Mon 02 Jan 2023 11:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208609
IP address blocks:        45.92.68.0/23 maxlen: 23
                          45.92.69.0/24 maxlen: 24
                          45.92.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:31:22:1f:e2:76:83:75:7c:76:ce:ad:09:21:51:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=905deafea3bad9248217b1629e42cffc7e491bd9
        Validity
            Not Before: Jan  2 11:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e0d9bfed54d2d18b8a738722a1d23065d37aa37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9f:71:a5:c3:10:5e:e7:6e:08:a6:55:5b:5f:
                    69:0a:9b:ec:e1:4f:81:4d:f6:2b:da:ee:96:46:3e:
                    4d:6e:15:c5:3b:45:2e:18:40:c8:d1:c7:28:95:c5:
                    cd:80:eb:fc:0d:42:cd:05:39:eb:ba:44:00:b2:58:
                    c4:68:f9:04:21:34:49:14:59:2b:0d:12:ba:4c:b9:
                    e4:34:2c:95:f1:eb:09:64:67:e1:df:60:6e:17:69:
                    f1:bd:ea:1a:d7:30:97:49:65:76:90:c9:96:7d:62:
                    df:cb:ac:fb:0b:84:fb:0b:dc:0e:cd:84:ec:4d:24:
                    1d:82:40:ea:53:3b:7e:01:6a:8f:df:54:ba:75:e5:
                    fd:3a:22:d3:15:f1:ba:60:77:55:36:32:cd:60:3a:
                    4e:50:37:5b:a7:39:38:33:53:9d:2c:f9:89:80:7d:
                    7b:2c:0d:7e:51:36:74:57:46:bc:cf:68:a0:b8:61:
                    fd:9f:ca:7a:83:c2:4f:0d:88:79:4b:f7:9b:f9:44:
                    63:3b:d2:ab:2e:ed:12:07:d4:fe:80:83:d9:be:5a:
                    1d:60:2c:f6:97:04:1e:95:85:4a:3b:d0:88:9e:a9:
                    c0:d1:65:1c:c6:d1:2d:12:a9:38:0a:7e:93:2b:29:
                    d1:e2:bd:a5:83:d7:51:c2:b0:9e:78:59:37:0c:17:
                    a5:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:0D:9B:FE:D5:4D:2D:18:B8:A7:38:72:2A:1D:23:06:5D:37:AA:37
            X509v3 Authority Key Identifier:
                keyid:90:5D:EA:FE:A3:BA:D9:24:82:17:B1:62:9E:42:CF:FC:7E:49:1B:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kF3q_qO62SSCF7FinkLP_H5JG9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/9a0ef7-dd34-4671-bf51-5f2c1050375d/1/Xg2b_tVNLRi4pzhyKh0jBl03qjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/9a0ef7-dd34-4671-bf51-5f2c1050375d/1/kF3q_qO62SSCF7FinkLP_H5JG9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.92.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         40:a9:48:20:6d:67:be:f3:f9:33:a0:a6:aa:04:2c:9f:ac:32:
         99:7d:05:9a:9b:84:e7:25:b6:7d:c7:27:a5:e2:05:e2:d7:c1:
         2d:93:2f:70:22:f2:39:ea:63:0b:f8:a9:24:d4:b4:9e:f1:b2:
         16:2c:0a:b5:58:b0:0a:42:bc:32:84:e0:bb:3c:5d:cb:f7:fc:
         3e:a8:76:d4:30:79:55:f5:47:48:d6:12:a8:39:31:ff:16:ca:
         2c:6f:02:c1:10:a0:21:ee:0e:b3:e9:21:d1:10:a5:3c:ad:41:
         61:c2:9b:bd:81:d9:0b:28:ef:9f:90:fc:c1:22:0f:12:20:c5:
         b2:38:00:20:3e:00:87:03:34:4f:0f:12:d4:20:2d:ca:aa:d8:
         c6:ae:35:dc:d7:cf:6b:07:6e:0e:3f:f6:99:2c:f8:35:31:10:
         87:8e:f0:6f:64:94:fc:3e:d8:8b:0e:7a:23:1c:1e:73:d2:96:
         a2:65:5b:01:ff:66:a1:d6:14:d9:24:07:19:a5:b9:e3:35:6a:
         bc:6b:c2:fd:51:80:0d:e9:b4:23:a4:13:f4:d9:9b:26:6a:9f:
         08:3c:13:be:7d:01:09:04:91:1c:6f:f1:4e:6f:26:53:53:bf:
         ba:ab:e4:ee:25:0b:d6:f2:82:a9:dd:dc:c0:02:ad:a8:eb:ba:
         42:16:e8:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMSIf4naDdXx2zq0JIVH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNWRlYWZlYTNiYWQ5MjQ4MjE3YjE2MjllNDJjZmZjN2U0
OTFiZDkwHhcNMjMwMTAyMTExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTBkOWJmZWQ1NGQyZDE4YjhhNzM4NzIyYTFkMjMwNjVkMzdhYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh59xpcMQXuduCKZVW19pCpvs4U+B
TfYr2u6WRj5NbhXFO0UuGEDI0ccolcXNgOv8DULNBTnrukQAsljEaPkEITRJFFkr
DRK6TLnkNCyV8esJZGfh32BuF2nxveoa1zCXSWV2kMmWfWLfy6z7C4T7C9wOzYTs
TSQdgkDqUzt+AWqP31S6deX9OiLTFfG6YHdVNjLNYDpOUDdbpzk4M1OdLPmJgH17
LA1+UTZ0V0a8z2iguGH9n8p6g8JPDYh5S/eb+URjO9KrLu0SB9T+gIPZvlodYCz2
lwQelYVKO9CInqnA0WUcxtEtEqk4Cn6TKynR4r2lg9dRwrCeeFk3DBel+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4Nm/7VTS0YuKc4ciodIwZdN6o3MB8GA1UdIwQY
MBaAFJBd6v6jutkkghexYp5Cz/x+SRvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0YzcV9xTzYyU1NDRjdGaW5rTFBfSDVKRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi85YTBlZjctZGQzNC00NjcxLWJmNTEt
NWYyYzEwNTAzNzVkLzEvWGcyYl90Vk5MUmk0cHpoeUtoMGpCbDAzcWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi85YTBlZjctZGQzNC00NjcxLWJmNTEtNWYyYzEwNTAzNzVk
LzEva0YzcV9xTzYyU1NDRjdGaW5rTFBfSDVKRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVxEMA0G
CSqGSIb3DQEBCwUAA4IBAQBAqUggbWe+8/kzoKaqBCyfrDKZfQWam4TnJbZ9xyel
4gXi18Etky9wIvI56mML+Kkk1LSe8bIWLAq1WLAKQrwyhOC7PF3L9/w+qHbUMHlV
9UdI1hKoOTH/FsosbwLBEKAh7g6z6SHREKU8rUFhwpu9gdkLKO+fkPzBIg8SIMWy
OAAgPgCHAzRPDxLUIC3KqtjGrjXc189rB24OP/aZLPg1MRCHjvBvZJT8PtiLDnoj
HB5z0paiZVsB/2ah1hTZJAcZpbnjNWq8a8L9UYAN6bQjpBP02Zsmap8IPBO+fQEJ
BJEcb/FObyZTU7+6q+TuJQvW8oKp3dzAAq2o67pCFujx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:16 2024 by rpki-client on console-fra.rpki-client.org