Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa
File:                     LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa (raw, json)
Hash identifier:          EQ8/uFuZdjAxOS160nC0Pt6qcalBzWUGsZF4gNeJL3E=
Subject key identifier:   2C:09:B4:F4:69:CB:E9:F2:2C:5B:56:74:87:38:DA:5B:DA:4C:0E:60
Certificate issuer:       /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial:       018CC348F0B2E468E884AB559818A6F2B04F
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa
Signing time:             Mon 01 Jan 2024 04:29:46 +0000
ROA not before:           Mon 01 Jan 2024 04:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        145.46.168.0/24 maxlen: 24
                          145.46.170.0/24 maxlen: 24
                          145.46.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Oct 2024 14:36:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:f0:b2:e4:68:e8:84:ab:55:98:18:a6:f2:b0:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
        Validity
            Not Before: Jan  1 04:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2c09b4f469cbe9f22c5b56748738da5bda4c0e60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e0:4b:ef:12:67:39:ab:49:3f:54:2d:0c:bb:
                    53:05:a2:7b:75:6f:94:93:74:3c:0f:af:f9:ad:7b:
                    5f:bb:83:5e:57:bf:3a:fc:68:d8:05:29:5b:8a:cb:
                    39:5d:99:4c:c5:b1:68:ac:65:45:bd:5a:3c:8d:f4:
                    c0:95:83:a9:f5:1e:39:0e:bf:a1:89:c1:b6:aa:5b:
                    ef:7c:20:5e:80:29:bf:b1:1b:7a:56:00:ab:67:d7:
                    98:09:19:54:7c:ed:1b:e0:bd:24:d3:ad:bc:bf:e7:
                    bf:b9:8f:cf:cd:27:aa:cd:3a:a1:03:13:90:22:76:
                    d0:d1:70:92:0c:fc:d3:9f:db:9a:77:6d:bc:2a:99:
                    2e:c0:df:18:7f:6b:bd:10:f1:a5:59:e8:a5:4b:94:
                    4c:16:8a:c0:23:75:cb:30:f0:59:28:1a:4b:95:38:
                    1c:d3:52:d6:33:85:62:fb:90:eb:3b:ab:8a:1e:f7:
                    79:16:5b:6e:04:78:36:e1:6e:6b:b3:fe:49:d9:69:
                    05:04:66:97:c4:fe:b0:90:a7:dc:43:e7:99:c8:fa:
                    1e:49:fd:26:83:2f:7d:32:d0:20:ed:c2:ae:2a:13:
                    d5:f8:29:da:ab:b3:25:f8:32:0a:28:e4:42:86:5b:
                    c4:03:7c:5b:01:40:93:30:da:12:e3:7b:79:c3:5c:
                    8f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:09:B4:F4:69:CB:E9:F2:2C:5B:56:74:87:38:DA:5B:DA:4C:0E:60
            X509v3 Authority Key Identifier:
                keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.46.168.0-145.46.170.255

    Signature Algorithm: sha256WithRSAEncryption
         7d:48:86:3c:e9:6e:51:e3:71:48:9e:ed:40:25:cb:48:da:5a:
         02:07:57:6f:1d:8d:d3:ff:e3:15:48:e0:00:24:95:3d:91:8f:
         e2:72:4c:1e:55:05:3e:a5:e5:8d:42:f6:5d:27:d1:ee:fa:c3:
         1f:89:e1:40:59:5d:90:97:af:70:e3:68:a2:3d:6d:df:25:e6:
         47:b4:41:e0:30:6c:e9:99:d1:48:cf:7a:3b:91:06:7b:df:f4:
         fb:7f:61:e3:58:62:92:47:a9:06:a7:68:b0:22:dc:93:b6:95:
         55:95:b4:63:55:56:f9:7f:69:90:12:62:4f:a7:77:dc:9d:c9:
         52:7f:1a:e8:6a:79:22:c2:bf:59:0d:03:d7:08:d1:c5:e7:73:
         08:6d:50:5f:3d:c6:1c:84:b0:08:e3:f5:52:a1:94:17:ae:02:
         ee:14:75:21:c7:c9:57:9d:4f:fd:af:80:0f:e0:a0:07:fd:ce:
         6e:25:f3:3b:34:d4:cb:d2:8d:6c:6c:69:0e:6e:70:f4:00:47:
         8f:1d:b1:93:7e:01:a2:c4:76:0a:f5:d2:f1:d6:19:10:57:24:
         29:e4:41:47:49:8e:cc:e5:84:aa:49:ab:80:0e:a4:d6:4d:3d:
         8d:ee:e9:e5:43:10:7f:a1:05:19:1a:17:6d:55:7a:9f:2d:27:
         ac:44:45:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSPCy5GjohKtVmBim8rBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA5YjRmNDY5Y2JlOWYyMmM1YjU2NzQ4NzM4ZGE1YmRhNGMwZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOBL7xJnOatJP1QtDLtTBaJ7dW+U
k3Q8D6/5rXtfu4NeV786/GjYBSlbiss5XZlMxbForGVFvVo8jfTAlYOp9R45Dr+h
icG2qlvvfCBegCm/sRt6VgCrZ9eYCRlUfO0b4L0k0628v+e/uY/PzSeqzTqhAxOQ
InbQ0XCSDPzTn9uad228KpkuwN8Yf2u9EPGlWeilS5RMForAI3XLMPBZKBpLlTgc
01LWM4Vi+5DrO6uKHvd5FltuBHg24W5rs/5J2WkFBGaXxP6wkKfcQ+eZyPoeSf0m
gy99MtAg7cKuKhPV+Cnaq7Ml+DIKKORChlvEA3xbAUCTMNoS43t5w1yPXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCwJtPRpy+nyLFtWdIc42lvaTA5gMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvTEFtMDlHbkw2ZklzVzFaMGh6amFXOXBNRG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAORLqgD
BACRLqowDQYJKoZIhvcNAQELBQADggEBAH1IhjzpblHjcUie7UAly0jaWgIHV28d
jdP/4xVI4AAklT2Rj+JyTB5VBT6l5Y1C9l0n0e76wx+J4UBZXZCXr3DjaKI9bd8l
5ke0QeAwbOmZ0UjPejuRBnvf9Pt/YeNYYpJHqQanaLAi3JO2lVWVtGNVVvl/aZAS
Yk+nd9ydyVJ/GuhqeSLCv1kNA9cI0cXncwhtUF89xhyEsAjj9VKhlBeuAu4UdSHH
yVedT/2vgA/goAf9zm4l8zs01MvSjWxsaQ5ucPQAR48dsZN+AaLEdgr10vHWGRBX
JCnkQUdJjszlhKpJq4AOpNZNPY3u6eVDEH+hBRkaF21Vep8tJ6xEReA=
-----END CERTIFICATE-----
Generated at Wed Oct 16 18:12:24 2024 by rpki-client on console-fra.rpki-client.org