Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/PhBtzJnJbvSj95paPUvJGkJqEgE.roa
File:                     PhBtzJnJbvSj95paPUvJGkJqEgE.roa (raw, json)
Hash identifier:          SRTcm3Rki36q0PIwh2iuYhs7G606iOAFwqP7OsummAk=
Subject key identifier:   3E:10:6D:CC:99:C9:6E:F4:A3:F7:9A:5A:3D:4B:C9:1A:42:6A:12:01
Certificate issuer:       /CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
Certificate serial:       01856BE58ACA268BE7D11E5F1660B7DBCD15
Authority key identifier: 10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/PhBtzJnJbvSj95paPUvJGkJqEgE.roa
Signing time:             Sun 01 Jan 2023 05:54:43 +0000
ROA not before:           Sun 01 Jan 2023 05:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60776
IP address blocks:        45.155.84.0/22 maxlen: 22
                          2a0f:f100::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:e5:8a:ca:26:8b:e7:d1:1e:5f:16:60:b7:db:cd:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
        Validity
            Not Before: Jan  1 05:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3e106dcc99c96ef4a3f79a5a3d4bc91a426a1201
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c0:43:86:a5:a2:3c:9f:95:8a:3d:36:a2:80:
                    4d:36:2a:8d:05:08:79:2e:5f:75:b7:95:bf:5a:93:
                    c4:e8:e9:18:77:f2:f4:3c:d0:e1:bc:3f:7f:6b:a0:
                    ce:1d:df:b0:c8:82:38:78:08:f3:61:e8:b4:c1:83:
                    0d:74:ac:b8:30:93:ea:e2:22:22:40:68:21:67:ab:
                    e1:55:18:31:7c:85:4d:53:8f:7b:f1:4a:19:d6:c3:
                    f9:f1:bb:17:57:37:30:d0:52:54:1f:fa:6a:4a:01:
                    53:43:cc:de:15:79:58:70:73:0b:b1:ed:3b:50:4b:
                    60:4e:8b:a6:2e:b1:cd:23:19:93:4a:fe:9d:c3:21:
                    02:78:ce:52:cb:7c:e6:a4:f5:50:9a:b3:49:da:3b:
                    2c:d9:e0:71:d0:21:c4:ec:b5:a8:64:7e:fa:78:be:
                    53:2e:c1:01:bd:62:26:4d:e6:79:2f:cb:bb:5c:54:
                    b9:45:c9:1b:52:3a:05:d3:e2:4a:c7:50:c7:1a:18:
                    7a:f0:e3:38:08:d7:99:63:1a:c0:fa:3a:0b:ee:9d:
                    e8:ca:a3:e8:c9:9a:a1:4e:59:8d:48:93:26:03:97:
                    38:91:0b:23:ca:5b:25:f3:77:1b:06:34:88:0a:d4:
                    a9:1b:f9:47:9e:a0:74:74:d7:b0:26:4e:91:b5:4e:
                    fc:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:10:6D:CC:99:C9:6E:F4:A3:F7:9A:5A:3D:4B:C9:1A:42:6A:12:01
            X509v3 Authority Key Identifier:
                keyid:10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/PhBtzJnJbvSj95paPUvJGkJqEgE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/EAcdqxaOjlPjzX31244PBCQukIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.84.0/22
                IPv6:
                  2a0f:f100::/29

    Signature Algorithm: sha256WithRSAEncryption
         18:39:a1:82:a8:c6:aa:56:bf:b4:eb:4a:c5:bd:c2:a3:08:a8:
         b2:6e:50:fc:23:55:61:33:da:19:b7:0d:fb:a7:aa:39:8f:b6:
         b7:f6:15:a1:94:07:cb:51:de:77:b9:c2:1f:76:f7:d9:1f:e5:
         e6:c2:7b:e3:63:a3:0c:72:1d:33:41:92:e1:df:fc:30:65:56:
         92:91:f5:c5:ac:2d:d9:30:a2:8e:c1:66:16:43:1c:a6:82:73:
         1d:04:9e:8c:0e:06:ec:2f:55:6a:51:7e:80:e5:a4:d6:5f:3a:
         69:a4:51:d0:98:f0:a0:fb:9b:0f:e4:85:86:5c:f5:a7:42:95:
         5f:43:0a:e6:f7:b1:39:49:f8:44:df:d9:4d:0a:62:ac:6e:38:
         3a:df:2d:37:be:83:13:01:7e:23:f1:cd:4e:99:0f:61:62:10:
         48:5a:e6:a0:4b:c4:ad:2b:d5:7e:cf:67:39:42:13:3b:4f:5c:
         95:b3:95:04:81:50:31:86:11:6c:db:78:04:23:21:c0:21:f4:
         55:34:d4:f1:63:3e:62:2f:7d:bd:ec:c2:be:b5:f5:01:2c:9d:
         78:2d:e2:ed:6a:d1:0c:34:eb:75:c2:e9:82:11:4b:40:d7:64:
         c0:99:5c:32:c4:ab:6c:36:1b:55:b3:25:35:7d:8c:97:c8:1f:
         e1:cb:88:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr5YrKJovn0R5fFmC3280VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDcxZGFiMTY4ZThlNTNlM2NkN2RmNWRiOGUwZjA0MjQy
ZTkwODYwHhcNMjMwMTAxMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTEwNmRjYzk5Yzk2ZWY0YTNmNzlhNWEzZDRiYzkxYTQyNmExMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8BDhqWiPJ+Vij02ooBNNiqNBQh5
Ll91t5W/WpPE6OkYd/L0PNDhvD9/a6DOHd+wyII4eAjzYei0wYMNdKy4MJPq4iIi
QGghZ6vhVRgxfIVNU4978UoZ1sP58bsXVzcw0FJUH/pqSgFTQ8zeFXlYcHMLse07
UEtgToumLrHNIxmTSv6dwyECeM5Sy3zmpPVQmrNJ2jss2eBx0CHE7LWoZH76eL5T
LsEBvWImTeZ5L8u7XFS5RckbUjoF0+JKx1DHGhh68OM4CNeZYxrA+joL7p3oyqPo
yZqhTlmNSJMmA5c4kQsjylsl83cbBjSICtSpG/lHnqB0dNewJk6RtU78+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD4QbcyZyW70o/eaWj1LyRpCahIBMB8GA1UdIwQY
MBaAFBAHHasWjo5T48199duODwQkLpCGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5Nzkt
MmZlNDEyZTNlYWI0LzEvUGhCdHpKbkpidlNqOTVwYVBVdkpHa0pxRWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5NzktMmZlNDEyZTNlYWI0
LzEvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZtUMA0E
AgACMAcDBQMqD/EAMA0GCSqGSIb3DQEBCwUAA4IBAQAYOaGCqMaqVr+060rFvcKj
CKiyblD8I1VhM9oZtw37p6o5j7a39hWhlAfLUd53ucIfdvfZH+XmwnvjY6MMch0z
QZLh3/wwZVaSkfXFrC3ZMKKOwWYWQxymgnMdBJ6MDgbsL1VqUX6A5aTWXzpppFHQ
mPCg+5sP5IWGXPWnQpVfQwrm97E5SfhE39lNCmKsbjg63y03voMTAX4j8c1OmQ9h
YhBIWuagS8StK9V+z2c5QhM7T1yVs5UEgVAxhhFs23gEIyHAIfRVNNTxYz5iL329
7MK+tfUBLJ14LeLtatEMNOt1wumCEUtA12TAmVwyxKtsNhtVsyU1fYyXyB/hy4jz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:22 2024 by rpki-client on console-fra.rpki-client.org