Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bCQy285bktoCILyZh1LE1Y1NIJQ.roa
File:                     bCQy285bktoCILyZh1LE1Y1NIJQ.roa (raw, json)
Hash identifier:          CuWcmWcFWX41SvthmoPd3tzoadFfWaYtVGtn916IL6A=
Subject key identifier:   6C:24:32:DB:CE:5B:92:DA:02:20:BC:99:87:52:C4:D5:8D:4D:20:94
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018C1B07BF2773FFF7A0D85E34395AA8D93D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bCQy285bktoCILyZh1LE1Y1NIJQ.roa
Signing time:             Wed 29 Nov 2023 12:22:21 +0000
ROA not before:           Wed 29 Nov 2023 12:22:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215951
IP address blocks:        45.90.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1b:07:bf:27:73:ff:f7:a0:d8:5e:34:39:5a:a8:d9:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Nov 29 12:22:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c2432dbce5b92da0220bc998752c4d58d4d2094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ec:b7:f1:f7:b5:78:4f:7c:59:22:b1:e8:39:
                    c5:27:b1:83:5d:03:93:0e:9e:d1:6e:20:bf:96:83:
                    8c:62:02:75:4f:a6:e4:69:a2:a4:aa:85:87:21:87:
                    21:e5:97:e4:13:be:dd:75:ab:d2:83:aa:fb:90:47:
                    37:9d:1f:99:3a:24:60:4c:52:c3:15:0f:36:14:4b:
                    da:15:8f:d9:5e:0b:f3:33:0e:dc:f8:c6:d0:4c:49:
                    bf:8e:4a:f0:fb:94:9d:25:3f:d7:6f:4c:52:db:f6:
                    5a:6a:e0:62:8f:47:8c:b5:7e:dc:16:6f:59:d3:b7:
                    6e:58:40:da:87:60:75:1f:3c:20:ac:0f:0e:a5:e9:
                    80:5a:48:81:02:00:24:c3:b7:91:3d:40:3f:68:64:
                    7f:13:63:7e:b2:e5:86:d1:a4:7b:df:86:84:e9:c6:
                    23:fc:a3:5c:31:ef:30:ce:1b:4b:99:44:af:6b:59:
                    bb:83:fd:da:ad:08:a1:eb:c9:f0:01:2e:4b:fb:76:
                    cf:8f:fb:e9:d2:90:f7:f8:8f:fc:b5:b0:e6:b9:93:
                    bd:a5:bb:d0:f5:dc:8c:f6:54:25:57:a3:67:d3:2b:
                    68:2d:d7:0d:a7:71:1d:e5:d8:62:a5:22:38:b0:0d:
                    71:a0:2b:32:92:ac:dc:d3:1e:a9:4f:47:ad:9d:34:
                    8b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:24:32:DB:CE:5B:92:DA:02:20:BC:99:87:52:C4:D5:8D:4D:20:94
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bCQy285bktoCILyZh1LE1Y1NIJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:58:c4:94:e5:05:3a:24:e8:e2:83:01:72:24:3f:7a:f4:80:
         fe:06:42:1f:b0:f8:d5:18:17:8d:af:98:63:b2:fc:3e:30:69:
         97:4e:56:af:e5:b3:ce:93:e2:4f:0e:1e:05:5f:1b:c3:df:0b:
         ce:84:b2:f0:63:7b:5c:d8:2e:64:7d:ea:92:01:3b:b9:40:0a:
         59:ca:99:cf:ba:b0:e0:d5:90:5b:2e:9f:44:10:ce:01:93:65:
         d7:25:61:cd:a1:16:29:53:56:10:93:59:70:76:ac:c1:6b:40:
         04:bf:c3:1b:9e:c5:c8:ba:80:59:f2:67:50:e8:a9:6f:5c:f3:
         91:dc:f9:62:64:09:89:b7:2c:f2:c4:34:02:44:c6:fd:dd:d7:
         74:56:a5:7a:c9:0f:cd:55:ac:a0:24:26:af:e5:7e:b9:a2:d1:
         00:cd:43:fe:4b:ff:fa:08:25:d8:c3:cd:ea:7c:9a:23:e5:ee:
         35:d1:f7:60:b8:5f:ee:1e:b4:b4:b3:14:cc:b5:d4:a4:6e:df:
         f8:22:fe:d7:c5:21:66:e4:e0:8f:77:04:fb:3e:48:87:30:c6:
         83:82:5d:b7:e2:ad:60:3a:e1:77:ce:cb:05:8b:46:a8:27:a4:
         5c:88:4d:70:75:00:4d:03:c9:df:c3:25:73:6b:f0:01:94:06:
         a5:a0:99:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwbB78nc//3oNheNDlaqNk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTI5MTIyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI0MzJkYmNlNWI5MmRhMDIyMGJjOTk4NzUyYzRkNThkNGQyMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOy38fe1eE98WSKx6DnFJ7GDXQOT
Dp7RbiC/loOMYgJ1T6bkaaKkqoWHIYch5ZfkE77ddavSg6r7kEc3nR+ZOiRgTFLD
FQ82FEvaFY/ZXgvzMw7c+MbQTEm/jkrw+5SdJT/Xb0xS2/ZaauBij0eMtX7cFm9Z
07duWEDah2B1HzwgrA8OpemAWkiBAgAkw7eRPUA/aGR/E2N+suWG0aR734aE6cYj
/KNcMe8wzhtLmUSva1m7g/3arQih68nwAS5L+3bPj/vp0pD3+I/8tbDmuZO9pbvQ
9dyM9lQlV6Nn0ytoLdcNp3Ed5dhipSI4sA1xoCsykqzc0x6pT0etnTSLtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwkMtvOW5LaAiC8mYdSxNWNTSCUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYkNReTI4NWJrdG9DSUx5WmgxTEUxWTFOSUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVoQMA0G
CSqGSIb3DQEBCwUAA4IBAQCiWMSU5QU6JOjigwFyJD969ID+BkIfsPjVGBeNr5hj
svw+MGmXTlav5bPOk+JPDh4FXxvD3wvOhLLwY3tc2C5kfeqSATu5QApZypnPurDg
1ZBbLp9EEM4Bk2XXJWHNoRYpU1YQk1lwdqzBa0AEv8MbnsXIuoBZ8mdQ6KlvXPOR
3PliZAmJtyzyxDQCRMb93dd0VqV6yQ/NVaygJCav5X65otEAzUP+S//6CCXYw83q
fJoj5e410fdguF/uHrS0sxTMtdSkbt/4Iv7XxSFm5OCPdwT7PkiHMMaDgl234q1g
OuF3zssFi0aoJ6RciE1wdQBNA8nfwyVza/ABlAaloJk6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org