Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Xynq3i5zDsC_1k00UYAzTRujdU4.roa
File:                     Xynq3i5zDsC_1k00UYAzTRujdU4.roa (raw, json)
Hash identifier:          VBf3ErKirJcjZ+kKNSOgzzLMbuWt5GQoYHBXi3peWHY=
Subject key identifier:   5F:29:EA:DE:2E:73:0E:C0:BF:D6:4D:34:51:80:33:4D:1B:A3:75:4E
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0185710C316A158126293360FFE6AB1A7581
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Xynq3i5zDsC_1k00UYAzTRujdU4.roa
Signing time:             Mon 02 Jan 2023 05:55:02 +0000
ROA not before:           Mon 02 Jan 2023 05:55:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     32780
IP address blocks:        212.60.12.0/24 maxlen: 24
                          45.67.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:31:6a:15:81:26:29:33:60:ff:e6:ab:1a:75:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  2 05:55:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f29eade2e730ec0bfd64d345180334d1ba3754e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4e:f9:5a:4c:c5:e8:0e:b7:a8:1a:b5:d3:aa:
                    fa:64:03:d7:fa:ea:f2:d0:49:ce:9d:ed:ee:b2:c2:
                    3e:aa:95:b3:f2:f5:7e:b7:fd:ea:38:f4:54:33:0b:
                    1b:a9:97:24:b6:5c:f0:28:e2:e3:99:d8:d5:c5:4b:
                    1f:40:df:f0:66:36:f4:3b:77:96:13:17:02:e4:98:
                    26:5a:c4:5d:d5:fe:d5:2f:c7:b7:d5:fb:8c:d0:e9:
                    00:e5:1e:3d:52:f3:c6:ea:63:fc:85:53:69:41:02:
                    cd:a4:0a:1a:b5:99:f5:73:5a:7b:96:97:3b:a5:6e:
                    51:f6:64:82:d4:5b:bc:b8:0a:fa:2f:4a:a5:b7:f4:
                    22:3f:74:da:19:4c:5c:44:37:16:04:43:0e:6b:78:
                    c0:db:c6:cb:a4:0b:a8:ed:86:7c:5a:2f:ac:91:64:
                    9c:13:b1:a4:d4:4c:97:d6:60:a5:9c:61:28:a3:06:
                    03:79:f8:2e:97:40:15:59:de:b0:de:51:ad:e9:d1:
                    60:14:c5:61:60:88:0d:f3:b2:19:97:61:38:87:60:
                    7c:fa:14:3b:28:8a:0a:f5:44:10:e3:7a:bd:b6:e1:
                    8b:a7:0b:5c:2a:55:be:a6:2e:2c:19:e1:d5:36:d8:
                    c0:26:69:65:3f:ea:da:a0:13:1b:0f:c1:cf:f3:81:
                    36:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:29:EA:DE:2E:73:0E:C0:BF:D6:4D:34:51:80:33:4D:1B:A3:75:4E
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Xynq3i5zDsC_1k00UYAzTRujdU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.141.0/24
                  212.60.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:61:be:f3:5c:9b:6b:71:fb:a2:09:7f:a9:23:59:02:fe:1e:
         9a:e2:1c:88:83:8e:bf:3a:8a:02:28:1d:07:f3:c6:87:b6:cd:
         8f:74:d4:8c:03:1c:a9:1d:cd:a6:0e:3e:52:5c:d3:5e:ab:5c:
         cd:ab:f6:fe:46:92:52:11:43:ff:ff:fa:82:18:f6:09:b1:ef:
         95:3a:31:a3:90:66:7c:3d:ba:ef:fc:c0:2c:0d:fb:f6:c0:df:
         1c:36:bd:2d:5b:2c:ce:b8:94:a4:f8:93:d0:7c:44:8a:10:5e:
         2b:00:8f:cc:07:b9:61:b4:c7:00:96:d8:d6:46:05:22:c0:8c:
         8b:16:02:95:a3:10:c1:62:05:5c:ef:db:0e:b3:9f:1b:80:85:
         21:41:87:f0:15:6f:b6:f6:5f:d4:db:91:ad:3c:16:d6:6d:d5:
         a7:15:8f:f4:91:44:d0:f1:64:fb:c9:83:32:b9:e0:f5:06:b4:
         6d:e1:fc:bf:9f:1c:2e:bd:2a:64:95:09:39:39:f8:ab:0d:e5:
         57:47:ff:60:a4:ad:40:01:eb:32:21:e3:64:76:f8:d1:c3:23:
         90:5e:3d:f9:af:6d:53:13:37:2d:c8:8b:d0:96:5f:18:4a:fe:
         d5:53:88:ac:23:b1:70:f2:2d:6b:f7:f2:b7:11:35:5c:f2:e6:
         54:24:9d:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxDDFqFYEmKTNg/+arGnWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI5ZWFkZTJlNzMwZWMwYmZkNjRkMzQ1MTgwMzM0ZDFiYTM3NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU75WkzF6A63qBq106r6ZAPX+ury
0EnOne3ussI+qpWz8vV+t/3qOPRUMwsbqZcktlzwKOLjmdjVxUsfQN/wZjb0O3eW
ExcC5JgmWsRd1f7VL8e31fuM0OkA5R49UvPG6mP8hVNpQQLNpAoatZn1c1p7lpc7
pW5R9mSC1Fu8uAr6L0qlt/QiP3TaGUxcRDcWBEMOa3jA28bLpAuo7YZ8Wi+skWSc
E7Gk1EyX1mClnGEoowYDefgul0AVWd6w3lGt6dFgFMVhYIgN87IZl2E4h2B8+hQ7
KIoK9UQQ43q9tuGLpwtcKlW+pi4sGeHVNtjAJmllP+raoBMbD8HP84E2gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF8p6t4ucw7Av9ZNNFGAM00bo3VOMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWHlucTNpNXpEc0NfMWswMFVZQXpUUnVqZFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUONAwQA
1DwMMA0GCSqGSIb3DQEBCwUAA4IBAQBXYb7zXJtrcfuiCX+pI1kC/h6a4hyIg46/
OooCKB0H88aHts2PdNSMAxypHc2mDj5SXNNeq1zNq/b+RpJSEUP///qCGPYJse+V
OjGjkGZ8Pbrv/MAsDfv2wN8cNr0tWyzOuJSk+JPQfESKEF4rAI/MB7lhtMcAltjW
RgUiwIyLFgKVoxDBYgVc79sOs58bgIUhQYfwFW+29l/U25GtPBbWbdWnFY/0kUTQ
8WT7yYMyueD1BrRt4fy/nxwuvSpklQk5OfirDeVXR/9gpK1AAesyIeNkdvjRwyOQ
Xj35r21TEzctyIvQll8YSv7VU4isI7Fw8i1r9/K3ETVc8uZUJJ3a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org