Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/s_eHRBzkJ28vrg_OpXaTlRGFeFA.roa
File:                     s_eHRBzkJ28vrg_OpXaTlRGFeFA.roa (raw, json)
Hash identifier:          MyprddYl6y1unhyMLjUthNvhlPUqtR9hT4D8YBF+iS0=
Subject key identifier:   B3:F7:87:44:1C:E4:27:6F:2F:AE:0F:CE:A5:76:93:95:11:85:78:50
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0188BFF6D55D53F402B05C89EE604413B7F3
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/s_eHRBzkJ28vrg_OpXaTlRGFeFA.roa
Signing time:             Thu 15 Jun 2023 16:50:04 +0000
ROA not before:           Thu 15 Jun 2023 16:50:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     394844
IP address blocks:        94.154.180.0/23 maxlen: 23
                          45.67.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Jun 2023 04:06:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:bf:f6:d5:5d:53:f4:02:b0:5c:89:ee:60:44:13:b7:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jun 15 16:50:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3f787441ce4276f2fae0fcea576939511857850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:43:bb:0c:68:b3:30:ba:50:10:44:58:52:70:
                    5e:59:a1:e4:dd:22:49:b1:ed:68:ca:c0:a6:53:c6:
                    6f:1b:5a:8b:6e:38:64:d3:bb:8b:b8:0d:40:f3:33:
                    e0:b6:b0:be:5d:32:0f:7a:3f:4e:47:58:3c:f8:c8:
                    d2:79:05:99:51:63:84:46:43:73:0c:53:06:2d:90:
                    59:53:9b:d4:c7:5f:91:ba:a3:32:bc:41:3b:0e:40:
                    96:c2:5a:ff:3a:8e:86:cf:3e:93:09:2b:ac:ca:e2:
                    9c:77:14:a5:59:00:79:8c:f5:00:3e:ef:d7:56:48:
                    6c:40:03:f6:85:d7:0b:bc:7d:40:71:1b:e0:9c:a2:
                    22:b9:01:9d:bf:35:88:7b:5b:c1:fe:16:39:9a:64:
                    b8:b1:30:b7:88:c4:ab:08:f6:bc:7f:08:5c:e3:66:
                    35:c9:ab:68:70:23:57:a9:e0:a4:70:d9:de:72:df:
                    50:36:a2:12:5b:bc:0a:d7:23:93:33:28:2c:15:f3:
                    d5:29:b2:8e:b0:ea:f4:19:fc:06:b1:ca:d4:36:9d:
                    60:0a:45:db:1d:be:0b:e9:99:cb:6a:06:42:ab:78:
                    8a:4b:c2:0a:a9:7c:95:aa:fd:d4:a4:8d:9e:30:82:
                    3a:d3:0e:0d:92:ca:6b:d5:0e:5d:eb:8e:fa:94:bf:
                    3e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:F7:87:44:1C:E4:27:6F:2F:AE:0F:CE:A5:76:93:95:11:85:78:50
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/s_eHRBzkJ28vrg_OpXaTlRGFeFA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.140.0/24
                  94.154.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         88:ba:38:30:0a:44:9a:bb:83:5d:f7:95:32:4d:0f:16:ec:cd:
         57:68:59:6e:6c:5e:7c:99:ec:6e:ec:40:08:87:c3:eb:63:e4:
         cf:60:fa:c1:2c:c8:ec:1e:36:2e:0b:52:b0:4e:43:dd:06:27:
         a9:d5:5c:b8:88:1d:92:79:14:47:92:7a:c5:4e:ef:55:e6:a3:
         3e:42:1c:f6:49:5f:b0:02:0c:c1:ea:63:72:cf:ce:af:be:7a:
         1a:27:3a:31:fb:9f:4d:66:d3:93:50:56:de:60:9d:37:56:00:
         54:6e:56:c1:9a:5d:2f:92:73:33:38:f2:3c:25:22:a7:02:1d:
         f6:1b:1d:4c:64:61:99:63:8d:61:a2:7c:34:bd:e4:c6:ea:d6:
         ba:07:f7:fe:2b:0f:5d:30:d2:85:41:a1:a2:42:cb:bc:42:47:
         03:d0:1e:ec:52:4f:a6:02:2d:33:1b:e5:39:9e:9d:83:ec:ab:
         cd:9a:e3:23:fd:82:63:57:bc:8c:0b:a8:44:9e:f8:c4:fa:0e:
         9d:35:f2:6c:66:d8:1c:bc:d3:b6:3f:e4:ee:1d:1e:4d:ce:0d:
         ed:60:f5:9e:78:ce:6c:66:0f:7b:df:8a:54:5c:b0:e7:52:c3:
         c9:4a:97:2e:a1:7c:75:23:de:65:bc:a7:04:11:2a:fd:d6:d4:
         03:7a:c2:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi/9tVdU/QCsFyJ7mBEE7fzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNjE1MTY1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Y3ODc0NDFjZTQyNzZmMmZhZTBmY2VhNTc2OTM5NTExODU3ODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikO7DGizMLpQEERYUnBeWaHk3SJJ
se1oysCmU8ZvG1qLbjhk07uLuA1A8zPgtrC+XTIPej9OR1g8+MjSeQWZUWOERkNz
DFMGLZBZU5vUx1+RuqMyvEE7DkCWwlr/Oo6Gzz6TCSusyuKcdxSlWQB5jPUAPu/X
VkhsQAP2hdcLvH1AcRvgnKIiuQGdvzWIe1vB/hY5mmS4sTC3iMSrCPa8fwhc42Y1
yatocCNXqeCkcNnect9QNqISW7wK1yOTMygsFfPVKbKOsOr0GfwGscrUNp1gCkXb
Hb4L6ZnLagZCq3iKS8IKqXyVqv3UpI2eMII60w4Nkspr1Q5d6476lL8+nQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLP3h0Qc5CdvL64PzqV2k5URhXhQMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvc19lSFJCemtKMjh2cmdfT3BYYVRsUkdGZUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUOMAwQB
Xpq0MA0GCSqGSIb3DQEBCwUAA4IBAQCIujgwCkSau4Nd95UyTQ8W7M1XaFlubF58
mexu7EAIh8PrY+TPYPrBLMjsHjYuC1KwTkPdBiep1Vy4iB2SeRRHknrFTu9V5qM+
Qhz2SV+wAgzB6mNyz86vvnoaJzox+59NZtOTUFbeYJ03VgBUblbBml0vknMzOPI8
JSKnAh32Gx1MZGGZY41honw0veTG6ta6B/f+Kw9dMNKFQaGiQsu8QkcD0B7sUk+m
Ai0zG+U5np2D7KvNmuMj/YJjV7yMC6hEnvjE+g6dNfJsZtgcvNO2P+TuHR5Nzg3t
YPWeeM5sZg9734pUXLDnUsPJSpcuoXx1I95lvKcEESr91tQDesKs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:17 2024 by rpki-client on console-ams.rpki-client.org