Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/zLbAH6w6TL6J311gC5FYlM-QUIM.roa
File:                     zLbAH6w6TL6J311gC5FYlM-QUIM.roa (raw, json)
Hash identifier:          ut4nRM9DCgxPuJGv3WWdtgb9k+xJWBkIA/yHgzjHvnA=
Subject key identifier:   CC:B6:C0:1F:AC:3A:4C:BE:89:DF:5D:60:0B:91:58:94:CF:90:50:83
Certificate issuer:       /CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Certificate serial:       018726BD5ACA7C1DAB432479B5DDE3900186
Authority key identifier: C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/zLbAH6w6TL6J311gC5FYlM-QUIM.roa
Signing time:             Tue 28 Mar 2023 05:42:36 +0000
ROA not before:           Tue 28 Mar 2023 05:42:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49810
IP address blocks:        45.84.147.0/24 maxlen: 24
                          2a04:d202::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:26:bd:5a:ca:7c:1d:ab:43:24:79:b5:dd:e3:90:01:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
        Validity
            Not Before: Mar 28 05:42:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ccb6c01fac3a4cbe89df5d600b915894cf905083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:42:fd:1f:01:ac:1f:a5:a6:f1:f0:0b:79:eb:
                    c8:68:fc:5b:10:91:53:ed:f4:b4:1e:ca:5c:70:34:
                    82:d1:b0:54:d9:fb:0e:38:c5:c7:c0:04:e7:da:b0:
                    21:40:e8:c3:71:02:5f:22:a4:b2:e3:13:14:8e:ad:
                    9e:49:f9:d3:bd:a5:75:f9:18:82:c8:4a:b4:d9:e1:
                    5e:e8:b1:19:92:83:44:27:75:0e:d1:2c:b2:db:18:
                    88:05:57:44:0e:0c:40:a0:1c:13:43:0d:cf:66:0c:
                    b3:9c:a3:3f:80:f5:7d:50:a4:3a:3b:79:e2:52:98:
                    99:f4:9f:ff:46:b6:4d:cf:c6:4c:b5:45:e5:8d:19:
                    31:72:c1:01:52:bd:ae:85:8c:de:7d:8e:b5:2b:97:
                    18:6a:9f:5c:ae:c6:7c:40:99:c9:e6:fd:1d:56:49:
                    5a:43:af:a0:d2:96:68:95:f6:4f:4b:0b:eb:87:a1:
                    13:ea:70:bf:60:94:9b:57:aa:8d:0f:c5:b3:bd:3c:
                    4d:bc:6c:d4:51:01:3a:88:34:d9:61:38:d8:64:f0:
                    c2:6d:5c:74:50:a6:34:ea:dd:fe:54:d6:c3:2d:6b:
                    c7:9f:2f:39:24:40:63:f8:3d:dd:3e:39:f5:f8:d6:
                    ad:48:67:7f:12:c4:89:d3:24:c5:62:16:b8:7f:36:
                    d4:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:B6:C0:1F:AC:3A:4C:BE:89:DF:5D:60:0B:91:58:94:CF:90:50:83
            X509v3 Authority Key Identifier:
                keyid:C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/zLbAH6w6TL6J311gC5FYlM-QUIM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.147.0/24
                IPv6:
                  2a04:d202::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:b0:59:ab:60:f5:9b:a6:21:b0:20:68:b3:33:b3:e4:98:8d:
         1a:1f:bb:cb:0e:70:47:a9:0c:33:16:31:21:ec:d4:c6:ee:dc:
         9c:c6:d5:14:98:cb:15:48:b1:58:5b:36:08:e2:33:59:45:d6:
         7e:39:ab:de:e2:08:fe:c7:2d:fb:15:d5:f0:ad:c6:7b:6f:2b:
         6a:90:17:81:2e:cb:65:20:96:87:26:b7:0e:5b:68:4d:ca:a3:
         0a:b4:f4:24:99:d0:68:92:26:40:97:e8:02:3f:05:b8:03:cd:
         7a:30:70:a5:98:b3:02:db:73:4f:62:5a:72:3a:ec:b3:b5:20:
         c6:cd:0b:33:34:65:df:33:67:f6:d2:fb:ca:a4:53:34:1c:e1:
         64:92:9c:c6:7b:31:7a:4b:ef:ee:69:87:c6:3f:0d:b1:cd:41:
         63:ce:54:3f:d4:a8:5b:90:e9:c2:25:b2:1e:f0:b7:2c:f5:0b:
         93:c6:ae:7c:83:a6:2d:4b:c5:95:18:91:25:44:bc:95:4b:4d:
         6a:04:ea:46:ec:12:00:c5:3a:7a:57:c6:25:87:59:f0:96:2b:
         1a:82:62:29:8b:54:3b:3c:72:9b:a2:c4:86:fc:f0:98:c9:58:
         fd:09:3f:59:d6:28:61:90:40:dd:f8:d9:38:e4:49:26:67:27:
         44:3c:5a:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcmvVrKfB2rQyR5td3jkAGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDgyY2NmMGM4ZGVhN2Q3ZjZhZDcyZThlNjI0NjJkN2Jl
MjBkNTYwHhcNMjMwMzI4MDU0MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2I2YzAxZmFjM2E0Y2JlODlkZjVkNjAwYjkxNTg5NGNmOTA1MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkL9HwGsH6Wm8fALeevIaPxbEJFT
7fS0HspccDSC0bBU2fsOOMXHwATn2rAhQOjDcQJfIqSy4xMUjq2eSfnTvaV1+RiC
yEq02eFe6LEZkoNEJ3UO0Syy2xiIBVdEDgxAoBwTQw3PZgyznKM/gPV9UKQ6O3ni
UpiZ9J//RrZNz8ZMtUXljRkxcsEBUr2uhYzefY61K5cYap9crsZ8QJnJ5v0dVkla
Q6+g0pZolfZPSwvrh6ET6nC/YJSbV6qND8WzvTxNvGzUUQE6iDTZYTjYZPDCbVx0
UKY06t3+VNbDLWvHny85JEBj+D3dPjn1+NatSGd/EsSJ0yTFYha4fzbUZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMy2wB+sOky+id9dYAuRWJTPkFCDMB8GA1UdIwQY
MBaAFMLYLM8Mjep9f2rXLo5iRi174g1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUt
NDMxMThlNDk2ZDQwLzEvekxiQUg2dzZUTDZKMzExZ0M1RllsTS1RVUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUtNDMxMThlNDk2ZDQw
LzEvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVSTMA0E
AgACMAcDBQAqBNICMA0GCSqGSIb3DQEBCwUAA4IBAQCqsFmrYPWbpiGwIGizM7Pk
mI0aH7vLDnBHqQwzFjEh7NTG7tycxtUUmMsVSLFYWzYI4jNZRdZ+Oave4gj+xy37
FdXwrcZ7bytqkBeBLstlIJaHJrcOW2hNyqMKtPQkmdBokiZAl+gCPwW4A816MHCl
mLMC23NPYlpyOuyztSDGzQszNGXfM2f20vvKpFM0HOFkkpzGezF6S+/uaYfGPw2x
zUFjzlQ/1KhbkOnCJbIe8Lcs9QuTxq58g6YtS8WVGJElRLyVS01qBOpG7BIAxTp6
V8Ylh1nwlisagmIpi1Q7PHKbosSG/PCYyVj9CT9Z1ihhkEDd+Nk45EkmZydEPFo+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:43 2024 by rpki-client on console-ams.rpki-client.org