Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/Omw6zXiEoHtspzvGAWmsgponNiw.roa
File:                     Omw6zXiEoHtspzvGAWmsgponNiw.roa (raw, json)
Hash identifier:          aN1e+tkiWCA2if/p/bqUVO/BrgviqLfUiaMry3s0Ni4=
Subject key identifier:   3A:6C:3A:CD:78:84:A0:7B:6C:A7:3B:C6:01:69:AC:82:9A:27:36:2C
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       018CCA2BC3DE459D2504AFDFC7F5A7B4CB33
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/Omw6zXiEoHtspzvGAWmsgponNiw.roa
Signing time:             Tue 02 Jan 2024 12:35:14 +0000
ROA not before:           Tue 02 Jan 2024 12:35:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39855
IP address blocks:        45.86.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 18:25:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:c3:de:45:9d:25:04:af:df:c7:f5:a7:b4:cb:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Jan  2 12:35:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3a6c3acd7884a07b6ca73bc60169ac829a27362c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:bc:ed:8f:b2:6e:f1:95:a3:58:78:53:88:fd:
                    70:70:f0:22:65:91:8c:30:5f:b7:0a:99:4e:a4:50:
                    e9:9d:ec:6f:05:74:b3:09:82:34:fa:76:1c:29:5c:
                    1f:66:43:65:3f:06:d5:1b:fc:64:35:79:db:64:c7:
                    8c:26:8f:ac:ea:2d:0a:ef:21:dd:cf:57:4a:7a:28:
                    30:2b:a8:6e:02:bb:10:1d:a9:0b:b7:16:53:88:d9:
                    6a:a3:e4:e8:2a:7f:0a:30:1b:2d:21:eb:a4:35:7a:
                    83:0b:f5:b5:41:4b:22:01:04:f5:b9:ea:7b:64:c7:
                    90:b9:d5:3d:5f:21:ef:e1:e1:e7:89:3d:9a:91:c2:
                    1e:c8:af:d3:0d:11:8c:b5:52:80:2e:1d:22:42:60:
                    6c:00:5d:0f:1c:32:6f:b2:00:07:ed:fd:42:34:6a:
                    5b:ee:cc:f6:df:f8:f9:fe:58:19:e0:1d:1e:e0:8e:
                    c2:9c:45:2f:ed:f0:5f:3f:d9:8e:d6:2e:67:40:ac:
                    71:47:06:4f:2f:97:bb:8d:89:44:ae:12:89:8c:88:
                    33:10:b4:fa:13:de:d4:06:f9:2f:8a:fa:57:29:f0:
                    c6:d3:a5:fe:22:8e:d0:b6:00:f3:f5:33:31:43:6a:
                    4b:73:0a:7b:e5:42:79:f7:82:33:2a:ed:39:71:52:
                    da:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:6C:3A:CD:78:84:A0:7B:6C:A7:3B:C6:01:69:AC:82:9A:27:36:2C
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/Omw6zXiEoHtspzvGAWmsgponNiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:04:e2:de:82:15:3f:2e:fc:72:b1:1d:89:d8:73:9a:99:92:
         c9:07:13:c2:19:93:78:9d:33:fb:76:99:f6:c8:a5:21:34:4d:
         d5:a2:00:83:80:b0:0a:51:dc:6d:46:09:8c:80:de:d6:35:ec:
         7c:83:2d:63:57:83:6d:47:ae:41:ee:63:ff:39:7c:cc:f5:e6:
         b5:06:d1:d5:56:18:28:76:af:80:3f:4e:81:4d:ca:9f:08:c7:
         c5:8b:97:36:b9:6f:49:dd:67:5d:31:0e:87:52:a6:8a:a6:7e:
         49:17:c6:b8:bd:bf:c1:1f:73:66:95:73:99:46:7f:b2:b6:b6:
         ae:a4:a9:89:eb:c0:b6:6c:ee:87:c4:21:3e:51:11:f2:6f:fd:
         3f:47:81:ea:cc:c5:60:c0:06:6a:6f:8f:d3:3d:f3:ee:96:bb:
         28:bb:4f:de:1d:98:1c:06:97:1c:ae:8a:52:01:15:00:1c:88:
         2b:b3:d7:c3:e4:0f:81:c1:ff:d0:79:e4:53:35:42:ca:e6:02:
         04:08:e7:bb:be:15:09:1d:6b:38:9e:f6:56:08:bd:8d:03:00:
         6d:62:ea:68:1d:57:c4:b0:53:e8:36:f5:7b:35:86:fc:59:f4:
         7d:86:86:68:34:7d:0b:42:ec:40:ea:94:0f:df:9e:ee:63:68:
         3b:9c:34:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK8PeRZ0lBK/fx/WntMszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjQwMTAyMTIzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZjM2FjZDc4ODRhMDdiNmNhNzNiYzYwMTY5YWM4MjlhMjczNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLztj7Ju8ZWjWHhTiP1wcPAiZZGM
MF+3CplOpFDpnexvBXSzCYI0+nYcKVwfZkNlPwbVG/xkNXnbZMeMJo+s6i0K7yHd
z1dKeigwK6huArsQHakLtxZTiNlqo+ToKn8KMBstIeukNXqDC/W1QUsiAQT1uep7
ZMeQudU9XyHv4eHniT2akcIeyK/TDRGMtVKALh0iQmBsAF0PHDJvsgAH7f1CNGpb
7sz23/j5/lgZ4B0e4I7CnEUv7fBfP9mO1i5nQKxxRwZPL5e7jYlErhKJjIgzELT6
E97UBvkvivpXKfDG06X+Io7QtgDz9TMxQ2pLcwp75UJ594IzKu05cVLaDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpsOs14hKB7bKc7xgFprIKaJzYsMB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvT213NnpYaUVvSHRzcHp2R0FXbXNncG9uTml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZVMA0G
CSqGSIb3DQEBCwUAA4IBAQBhBOLeghU/LvxysR2J2HOamZLJBxPCGZN4nTP7dpn2
yKUhNE3VogCDgLAKUdxtRgmMgN7WNex8gy1jV4NtR65B7mP/OXzM9ea1BtHVVhgo
dq+AP06BTcqfCMfFi5c2uW9J3WddMQ6HUqaKpn5JF8a4vb/BH3NmlXOZRn+ytrau
pKmJ68C2bO6HxCE+URHyb/0/R4HqzMVgwAZqb4/TPfPulrsou0/eHZgcBpccropS
ARUAHIgrs9fD5A+Bwf/QeeRTNULK5gIECOe7vhUJHWs4nvZWCL2NAwBtYupoHVfE
sFPoNvV7NYb8WfR9hoZoNH0LQuxA6pQP357uY2g7nDRe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org