Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/BLYVLyQlgP50I9IIChe9suxeLgM.roa
File:                     BLYVLyQlgP50I9IIChe9suxeLgM.roa (raw, json)
Hash identifier:          wZwZnIbGCPMY6aXWmLq11WaD0uMV93d9eBumP49G4IM=
Subject key identifier:   04:B6:15:2F:24:25:80:FE:74:23:D2:08:0A:17:BD:B2:EC:5E:2E:03
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       018C83D0760F582902F8C5E48AF0E43A1AA9
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/BLYVLyQlgP50I9IIChe9suxeLgM.roa
Signing time:             Tue 19 Dec 2023 20:42:06 +0000
ROA not before:           Tue 19 Dec 2023 20:42:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39855
IP address blocks:        45.86.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:83:d0:76:0f:58:29:02:f8:c5:e4:8a:f0:e4:3a:1a:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Dec 19 20:42:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04b6152f242580fe7423d2080a17bdb2ec5e2e03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:47:eb:10:02:32:e6:89:86:d6:35:51:01:b5:
                    b3:5b:cb:53:b3:42:1d:80:fe:6a:88:f3:74:76:ba:
                    a3:22:84:9a:16:ff:fa:a4:16:db:69:55:9b:09:6c:
                    61:53:68:78:ab:4b:0b:1a:25:ad:1f:a5:fa:12:7d:
                    6e:ba:2d:ab:cc:b3:88:ff:ab:0f:a1:06:70:a6:d1:
                    68:12:86:93:18:55:5f:38:3b:f4:ac:bb:ee:75:83:
                    7a:72:99:1d:ca:a3:4a:33:9b:fb:30:9b:d0:a6:6b:
                    5c:c5:05:9b:96:40:22:d7:6a:c1:66:99:75:b7:65:
                    25:29:2e:66:46:1d:80:db:94:e5:2a:56:28:d6:0c:
                    0a:1c:4c:f8:73:6d:92:8a:eb:26:21:69:fa:20:09:
                    b7:06:b1:6c:77:e8:5d:d6:66:91:ad:ef:ea:12:65:
                    0e:b9:cd:5b:62:af:55:54:70:23:d0:13:17:7c:66:
                    e5:71:35:c1:d1:1b:19:3b:7e:09:1c:7a:ff:51:9f:
                    e5:6e:25:ef:46:7e:a5:aa:e0:0b:3d:2a:24:d8:17:
                    77:b9:9c:dc:51:61:63:5c:ff:3c:0c:bb:9e:74:32:
                    7d:42:04:bf:76:4c:f5:66:32:63:9b:5d:ac:a9:ee:
                    74:13:b3:24:5e:95:07:2d:cf:c3:8c:66:5d:fa:80:
                    64:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:B6:15:2F:24:25:80:FE:74:23:D2:08:0A:17:BD:B2:EC:5E:2E:03
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/BLYVLyQlgP50I9IIChe9suxeLgM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:e8:1d:a6:8b:ac:56:c9:f8:a7:73:14:38:71:ef:91:db:95:
         3f:34:7a:ca:bb:65:82:8a:d0:78:03:0a:21:48:3c:04:36:f3:
         44:e4:e7:87:1a:52:6a:20:9e:86:2c:60:8a:bd:e2:78:ee:ac:
         0b:7a:a1:2c:af:c2:60:56:6b:49:fd:51:3c:46:9a:05:7c:1f:
         16:5d:85:d7:57:36:0c:5c:8b:a9:37:88:1d:a4:6e:c4:9f:95:
         5e:16:87:ff:ff:8a:df:26:32:a2:e4:85:c0:58:5e:dd:9d:96:
         8f:6f:d3:d7:5f:37:14:b1:97:ed:bc:00:57:91:d4:f6:d6:1f:
         09:e5:a9:22:34:fd:a3:15:1f:40:94:f6:8d:26:12:62:de:ae:
         4d:b6:31:17:92:6e:c8:08:de:8f:76:c0:dc:6b:6b:67:bf:6d:
         7e:d6:0f:13:f2:de:9e:08:ba:e4:41:32:d5:7a:60:68:dc:df:
         ad:68:2d:8d:55:2e:b3:f0:cb:ca:e0:a0:df:d1:9d:f4:e8:e9:
         15:0b:9b:00:ce:b0:50:07:75:00:04:42:37:82:bd:8a:e6:46:
         0f:ba:7b:f6:ac:00:75:ac:5d:12:1f:58:3d:e0:6e:e4:35:f9:
         e4:fe:19:96:83:fc:a1:ec:46:14:f0:fd:91:53:fe:d0:1c:56:
         88:ee:e5:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyD0HYPWCkC+MXkivDkOhqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMxMjE5MjA0MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI2MTUyZjI0MjU4MGZlNzQyM2QyMDgwYTE3YmRiMmVjNWUyZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskfrEAIy5omG1jVRAbWzW8tTs0Id
gP5qiPN0drqjIoSaFv/6pBbbaVWbCWxhU2h4q0sLGiWtH6X6En1uui2rzLOI/6sP
oQZwptFoEoaTGFVfODv0rLvudYN6cpkdyqNKM5v7MJvQpmtcxQWblkAi12rBZpl1
t2UlKS5mRh2A25TlKlYo1gwKHEz4c22SiusmIWn6IAm3BrFsd+hd1maRre/qEmUO
uc1bYq9VVHAj0BMXfGblcTXB0RsZO34JHHr/UZ/lbiXvRn6lquALPSok2Bd3uZzc
UWFjXP88DLuedDJ9QgS/dkz1ZjJjm12sqe50E7MkXpUHLc/DjGZd+oBkrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAS2FS8kJYD+dCPSCAoXvbLsXi4DMB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvQkxZVkx5UWxnUDUwSTlJSUNoZTlzdXhlTGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZVMA0G
CSqGSIb3DQEBCwUAA4IBAQCP6B2mi6xWyfincxQ4ce+R25U/NHrKu2WCitB4Awoh
SDwENvNE5OeHGlJqIJ6GLGCKveJ47qwLeqEsr8JgVmtJ/VE8RpoFfB8WXYXXVzYM
XIupN4gdpG7En5VeFof//4rfJjKi5IXAWF7dnZaPb9PXXzcUsZftvABXkdT21h8J
5akiNP2jFR9AlPaNJhJi3q5NtjEXkm7ICN6PdsDca2tnv21+1g8T8t6eCLrkQTLV
emBo3N+taC2NVS6z8MvK4KDf0Z306OkVC5sAzrBQB3UABEI3gr2K5kYPunv2rAB1
rF0SH1g94G7kNfnk/hmWg/yh7EYU8P2RU/7QHFaI7uUd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org