Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GpG-yieIF_mSkw61QnS5jaFpuDs.roa
File:                     GpG-yieIF_mSkw61QnS5jaFpuDs.roa (raw, json)
Hash identifier:          OBd+7txxiO2pnBHpxvLPcNEgX00V26pWWwjwrHXrogo=
Subject key identifier:   1A:91:BE:CA:27:88:17:F9:92:93:0E:B5:42:74:B9:8D:A1:69:B8:3B
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C53FED4B2E18A9530155E8E7E685F4D
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GpG-yieIF_mSkw61QnS5jaFpuDs.roa
Signing time:             Sun 01 Jan 2023 07:55:21 +0000
ROA not before:           Sun 01 Jan 2023 07:55:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59598
IP address blocks:        45.136.2.0/24 maxlen: 32
                          45.136.1.0/24 maxlen: 32
                          45.136.0.0/24 maxlen: 32
                          45.136.3.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:fe:d4:b2:e1:8a:95:30:15:5e:8e:7e:68:5f:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a91beca278817f992930eb54274b98da169b83b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4a:4a:66:50:7f:0c:06:17:62:ab:17:55:ff:
                    5b:b9:e1:14:b2:68:f0:18:33:17:12:7a:a4:7d:69:
                    1f:13:10:0b:05:00:37:0c:a0:c4:36:cd:fd:3c:6c:
                    68:ec:f4:c2:d1:91:2f:41:b0:61:f8:a0:6e:f3:a3:
                    99:cc:f9:a3:7f:81:bc:11:c2:ab:c0:07:35:d5:f3:
                    4a:02:f6:75:1f:3a:c2:32:63:3f:fe:23:c2:19:16:
                    37:78:7b:36:0a:0e:37:fb:de:6b:48:51:66:4e:a0:
                    a6:71:49:a6:7a:e3:f9:d2:64:2e:5b:5d:43:ed:98:
                    99:51:f9:a7:67:2f:11:03:b2:7d:b7:a6:70:b5:43:
                    b8:7f:f5:be:30:61:50:e0:c7:28:da:2d:99:0c:95:
                    da:58:64:18:2c:8e:d1:00:06:7f:b8:81:5b:44:a8:
                    d6:31:33:05:23:24:c3:e2:17:b3:be:30:97:88:ba:
                    ce:84:b5:9f:02:06:c2:ff:1b:cc:95:9f:80:a2:09:
                    ba:ee:07:38:8f:55:30:e5:37:3b:60:e8:70:a6:4a:
                    09:0f:dd:b2:bd:8c:c8:44:86:c9:60:55:9d:15:0c:
                    b7:89:55:8f:31:d9:21:7c:2a:0b:28:4b:fa:94:ed:
                    96:03:89:57:c9:b4:d7:e8:e4:03:8e:e8:6d:ec:f3:
                    f7:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:91:BE:CA:27:88:17:F9:92:93:0E:B5:42:74:B9:8D:A1:69:B8:3B
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GpG-yieIF_mSkw61QnS5jaFpuDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:4e:3d:74:3f:e6:c4:69:46:2b:31:61:f1:7e:0d:2c:db:e1:
         01:1a:3b:44:b2:c4:0f:a5:5d:5e:f6:80:8f:23:5e:f7:95:cd:
         37:1a:00:87:3b:77:20:e6:68:dd:8e:68:fe:60:ce:d4:a5:62:
         cb:22:4a:df:1e:91:c0:23:50:7a:50:0a:58:cb:a4:91:35:ca:
         25:ce:16:50:66:88:ee:7c:4a:28:3b:47:3e:71:ee:4d:f8:ed:
         5f:f6:48:54:1d:5f:67:49:c5:18:39:8c:12:66:d3:81:e2:c6:
         5c:58:4c:ed:c6:72:65:e0:ad:dc:df:b4:d1:91:f0:47:dc:c0:
         ad:2d:f3:31:9f:87:ef:52:34:89:cb:02:84:0e:f7:48:42:9b:
         20:1f:3e:3f:5f:2b:52:65:51:3d:3d:6d:21:48:0c:6b:fd:b9:
         03:d3:59:22:b2:5b:ee:49:37:0a:1e:39:07:04:01:18:15:23:
         36:a4:a7:9a:bd:3b:35:50:d9:79:23:51:bf:6b:ee:93:e3:51:
         6e:2d:78:41:12:af:86:5a:77:85:1e:89:06:09:30:01:1c:93:
         61:b7:f6:2d:51:aa:78:e5:9c:a7:84:15:15:dd:da:a0:96:4e:
         7a:20:14:36:40:11:78:cd:5d:d8:e1:ea:1f:1e:c3:ce:64:68:
         8b:10:03:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU/7UsuGKlTAVXo5+aF9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkxYmVjYTI3ODgxN2Y5OTI5MzBlYjU0Mjc0Yjk4ZGExNjliODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUpKZlB/DAYXYqsXVf9bueEUsmjw
GDMXEnqkfWkfExALBQA3DKDENs39PGxo7PTC0ZEvQbBh+KBu86OZzPmjf4G8EcKr
wAc11fNKAvZ1HzrCMmM//iPCGRY3eHs2Cg43+95rSFFmTqCmcUmmeuP50mQuW11D
7ZiZUfmnZy8RA7J9t6ZwtUO4f/W+MGFQ4Mco2i2ZDJXaWGQYLI7RAAZ/uIFbRKjW
MTMFIyTD4hezvjCXiLrOhLWfAgbC/xvMlZ+Aogm67gc4j1Uw5Tc7YOhwpkoJD92y
vYzIRIbJYFWdFQy3iVWPMdkhfCoLKEv6lO2WA4lXybTX6OQDjuht7PP38QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqRvsoniBf5kpMOtUJ0uY2habg7MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvR3BHLXlpZUlGX21Ta3c2MVFuUzVqYUZwdURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYgAMA0G
CSqGSIb3DQEBCwUAA4IBAQACTj10P+bEaUYrMWHxfg0s2+EBGjtEssQPpV1e9oCP
I173lc03GgCHO3cg5mjdjmj+YM7UpWLLIkrfHpHAI1B6UApYy6SRNcolzhZQZoju
fEooO0c+ce5N+O1f9khUHV9nScUYOYwSZtOB4sZcWEztxnJl4K3c37TRkfBH3MCt
LfMxn4fvUjSJywKEDvdIQpsgHz4/XytSZVE9PW0hSAxr/bkD01kislvuSTcKHjkH
BAEYFSM2pKeavTs1UNl5I1G/a+6T41FuLXhBEq+GWneFHokGCTABHJNht/YtUap4
5ZynhBUV3dqglk56IBQ2QBF4zV3Y4eofHsPOZGiLEAPP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org