Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/cLr3LHHhE76MnS-lXyGjZjJj-7s.roa
File:                     cLr3LHHhE76MnS-lXyGjZjJj-7s.roa (raw, json)
Hash identifier:          uKkdOGP6TlmtOmFOYh46WuRI3zGzEaBkz2o+RXqfWCo=
Subject key identifier:   70:BA:F7:2C:71:E1:13:BE:8C:9D:2F:A5:5F:21:A3:66:32:63:FB:BB
Certificate issuer:       /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial:       0189523D8A20B8DA1995429AD98D32E5BEAD
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/cLr3LHHhE76MnS-lXyGjZjJj-7s.roa
Signing time:             Fri 14 Jul 2023 02:31:51 +0000
ROA not before:           Fri 14 Jul 2023 02:31:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.153.164.0/24 maxlen: 24
                          91.235.2.0/24 maxlen: 24
                          45.140.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 20 Aug 2023 01:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:52:3d:8a:20:b8:da:19:95:42:9a:d9:8d:32:e5:be:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
        Validity
            Not Before: Jul 14 02:31:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70baf72c71e113be8c9d2fa55f21a3663263fbbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:7f:10:c1:0f:e5:b6:82:be:d8:5d:b2:4e:bf:
                    c5:46:27:c6:ae:2a:7c:78:89:31:a9:e2:9e:3b:7c:
                    3f:23:a4:d0:ce:7a:a5:25:fc:b5:ca:1b:07:10:46:
                    fd:0c:30:1b:46:f5:a6:3f:59:33:24:63:8f:d8:92:
                    e3:74:37:ec:06:a5:63:ba:aa:08:a5:76:e9:60:3b:
                    96:4b:60:80:b1:57:96:5f:fc:90:e7:91:a6:14:79:
                    7e:45:96:9c:ec:d6:b5:72:f0:c6:c2:32:4d:b0:25:
                    3c:e5:05:36:ba:7b:d6:22:75:c8:c7:0b:3a:a6:29:
                    6f:32:36:37:13:58:00:0e:3b:59:92:37:95:33:48:
                    e0:af:0d:b6:e7:44:53:f0:5b:e0:a6:b5:58:3f:bf:
                    bd:e6:33:b8:4b:06:3b:10:00:f3:20:dd:30:06:b5:
                    e7:dd:b9:3b:d5:fa:3c:bd:7b:1a:59:ed:00:f6:54:
                    62:8e:f0:db:69:34:05:16:9a:87:12:14:09:a8:a8:
                    8f:07:b2:41:0e:a3:70:b9:20:0d:ef:99:80:50:43:
                    b3:25:15:ff:5b:d6:9c:82:da:5f:f1:6f:41:fa:d6:
                    5a:ba:37:b4:62:21:bf:b0:39:bc:b2:73:17:6f:2a:
                    29:09:60:26:21:a7:55:4f:a2:23:5c:49:50:9f:34:
                    3c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:BA:F7:2C:71:E1:13:BE:8C:9D:2F:A5:5F:21:A3:66:32:63:FB:BB
            X509v3 Authority Key Identifier:
                keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/cLr3LHHhE76MnS-lXyGjZjJj-7s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.195.0/24
                  45.153.164.0/24
                  91.235.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:47:9f:17:f9:1a:59:31:5a:53:1f:8b:dc:21:f1:ad:db:69:
         dc:86:c4:ef:f1:e8:78:dc:a6:ed:29:ba:7b:f0:51:b8:e8:08:
         58:b5:0a:03:09:b4:a3:a4:ef:1f:0c:8a:8d:2c:88:18:e6:17:
         a2:db:84:60:07:4c:14:d4:75:c3:c1:b1:8d:e3:5e:24:cb:d6:
         c7:a9:69:54:20:cf:1e:e2:86:64:b2:1f:bd:e1:93:b0:4a:7e:
         93:85:dc:fb:d6:cf:fd:97:53:46:ce:23:29:8a:79:f5:8d:61:
         e2:f4:68:69:60:99:b1:76:5c:fe:05:10:1d:e8:ed:db:48:0f:
         df:1c:97:cd:23:df:5b:83:6f:c9:b4:d2:39:46:b5:98:6d:85:
         db:db:f3:55:f0:31:f7:e9:9d:ef:fe:26:75:ca:0b:a4:38:af:
         4b:4c:7c:4b:d4:8c:37:4a:0f:d2:01:ec:c3:06:b3:cf:9b:19:
         e9:f5:61:e4:5e:0d:2b:b1:01:d5:3b:db:c0:ec:58:b7:d4:27:
         65:35:8d:2d:04:89:8b:5d:f4:79:ff:97:0d:46:49:36:7f:17:
         e0:97:16:10:be:4a:a4:e0:22:ed:24:d1:57:ee:fc:85:2d:04:
         dd:fe:b7:2c:69:f0:3a:1c:00:16:49:5e:27:a4:ac:7d:55:34:
         d7:12:0b:47
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlSPYoguNoZlUKa2Y0y5b6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjMwNzE0MDIzMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGJhZjcyYzcxZTExM2JlOGM5ZDJmYTU1ZjIxYTM2NjMyNjNmYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg38QwQ/ltoK+2F2yTr/FRifGrip8
eIkxqeKeO3w/I6TQznqlJfy1yhsHEEb9DDAbRvWmP1kzJGOP2JLjdDfsBqVjuqoI
pXbpYDuWS2CAsVeWX/yQ55GmFHl+RZac7Na1cvDGwjJNsCU85QU2unvWInXIxws6
pilvMjY3E1gADjtZkjeVM0jgrw2250RT8FvgprVYP7+95jO4SwY7EADzIN0wBrXn
3bk71fo8vXsaWe0A9lRijvDbaTQFFpqHEhQJqKiPB7JBDqNwuSAN75mAUEOzJRX/
W9acgtpf8W9B+tZauje0YiG/sDm8snMXbyopCWAmIadVT6IjXElQnzQ8hQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHC69yxx4RO+jJ0vpV8ho2YyY/u7MB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEvY0xyM0xISGhFNzZNblMtbFh5R2paakpqLTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYzDAwQA
LZmkAwQAW+sCMA0GCSqGSIb3DQEBCwUAA4IBAQCjR58X+RpZMVpTH4vcIfGt22nc
hsTv8eh43KbtKbp78FG46AhYtQoDCbSjpO8fDIqNLIgY5hei24RgB0wU1HXDwbGN
414ky9bHqWlUIM8e4oZksh+94ZOwSn6Thdz71s/9l1NGziMpinn1jWHi9GhpYJmx
dlz+BRAd6O3bSA/fHJfNI99bg2/JtNI5RrWYbYXb2/NV8DH36Z3v/iZ1ygukOK9L
THxL1Iw3Sg/SAezDBrPPmxnp9WHkXg0rsQHVO9vA7Fi31CdlNY0tBImLXfR5/5cN
Rkk2fxfglxYQvkqk4CLtJNFX7vyFLQTd/rcsafA6HAAWSV4npKx9VTTXEgtH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:45 2024 by rpki-client on console-ams.rpki-client.org