Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/jlR8udDz51EPUT2jAksVwKkWT5I.roa
File:                     jlR8udDz51EPUT2jAksVwKkWT5I.roa (raw, json)
Hash identifier:          36yGmbv1Ukyfen3LhQMuwfkTV10MfW3b42w18WVR4aU=
Subject key identifier:   8E:54:7C:B9:D0:F3:E7:51:0F:51:3D:A3:02:4B:15:C0:A9:16:4F:92
Certificate issuer:       /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial:       0185718C177D05038FBCEE5E63D308E3A80F
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/jlR8udDz51EPUT2jAksVwKkWT5I.roa
Signing time:             Mon 02 Jan 2023 08:14:44 +0000
ROA not before:           Mon 02 Jan 2023 08:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        45.153.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:8c:17:7d:05:03:8f:bc:ee:5e:63:d3:08:e3:a8:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
        Validity
            Not Before: Jan  2 08:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e547cb9d0f3e7510f513da3024b15c0a9164f92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:94:ff:c9:e1:f3:ce:80:a0:5d:3b:5b:50:cd:
                    03:a4:a8:9c:b8:ba:04:72:00:f3:44:f1:21:b1:53:
                    b2:09:81:7b:01:00:63:b6:80:3e:1b:ba:a5:99:8b:
                    80:18:0c:c8:7b:86:30:a4:8c:18:94:04:04:de:e3:
                    a3:db:06:00:fc:c0:54:d6:de:27:20:7d:c2:0f:fa:
                    60:c7:e7:d8:6c:8f:6a:68:46:cc:0e:08:d0:e5:b5:
                    1b:26:f9:f4:aa:33:83:4e:dc:1b:55:80:f1:30:fa:
                    e7:ec:b2:8f:a7:65:a3:4c:6a:c6:7c:60:b4:b8:74:
                    52:4f:d1:aa:c5:4b:ca:2e:1b:74:95:9a:24:d0:f6:
                    e4:35:e7:9a:68:f9:76:1f:59:3a:34:9c:26:ef:46:
                    84:ba:fe:e3:31:fe:b2:f0:50:23:78:e9:0d:e0:65:
                    a9:f2:5b:d8:ad:19:06:e7:6c:57:6c:f6:7f:e5:75:
                    7c:39:52:42:b1:cc:56:4c:7b:e2:a6:5e:0e:e6:07:
                    58:6a:fd:fb:13:28:a9:06:a3:84:c8:35:5f:63:e7:
                    4a:0c:f3:24:6b:4b:57:d1:f8:49:b2:7f:1d:68:c3:
                    30:84:00:b2:6a:f5:85:22:e6:34:e9:c8:d9:df:3b:
                    f3:65:c8:6d:3d:8a:eb:1f:dd:3b:e3:c8:8c:8f:55:
                    de:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:54:7C:B9:D0:F3:E7:51:0F:51:3D:A3:02:4B:15:C0:A9:16:4F:92
            X509v3 Authority Key Identifier:
                keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/jlR8udDz51EPUT2jAksVwKkWT5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:28:f1:12:29:b1:54:49:a7:73:ad:65:0a:66:27:4c:2d:90:
         31:fa:34:4b:29:6f:3d:ae:00:68:6d:bf:8c:37:1a:b6:89:79:
         20:ef:b5:9e:3d:52:37:8e:5d:af:26:3b:21:7b:1b:26:84:44:
         5d:1c:1e:05:18:8d:50:ac:4b:25:f3:c5:1c:76:b5:25:a6:ef:
         91:de:63:71:b2:de:a8:f4:74:92:d9:26:0a:93:b9:de:4d:4c:
         fd:57:9b:c0:8c:fe:3d:39:fe:83:d9:c3:a1:47:29:25:9a:08:
         a2:b7:e3:b5:94:c9:d7:01:df:c7:67:c3:fa:81:62:18:9c:cb:
         53:ee:85:51:77:c5:e6:3c:7d:20:2d:61:29:ee:59:0f:4d:39:
         d6:48:93:64:e3:af:be:bd:bf:13:f9:65:a2:07:96:d3:26:bb:
         48:47:aa:a5:e0:d8:6c:d4:f5:3e:ad:db:da:2b:12:13:46:23:
         96:58:7f:c1:6e:ba:87:61:05:61:32:fa:88:a2:9a:39:d6:de:
         63:89:cd:45:c3:f6:23:29:82:f5:b9:f1:cc:59:32:2c:aa:c5:
         a3:b2:1c:01:0b:e7:5c:41:e0:21:ea:d7:78:8e:c9:53:dc:44:
         b5:37:e1:e0:54:58:32:18:29:3b:96:7e:c6:77:ee:05:40:77:
         ce:ea:fe:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjBd9BQOPvO5eY9MI46gPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjMwMTAyMDgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTU0N2NiOWQwZjNlNzUxMGY1MTNkYTMwMjRiMTVjMGE5MTY0ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpT/yeHzzoCgXTtbUM0DpKicuLoE
cgDzRPEhsVOyCYF7AQBjtoA+G7qlmYuAGAzIe4YwpIwYlAQE3uOj2wYA/MBU1t4n
IH3CD/pgx+fYbI9qaEbMDgjQ5bUbJvn0qjODTtwbVYDxMPrn7LKPp2WjTGrGfGC0
uHRST9GqxUvKLht0lZok0PbkNeeaaPl2H1k6NJwm70aEuv7jMf6y8FAjeOkN4GWp
8lvYrRkG52xXbPZ/5XV8OVJCscxWTHvipl4O5gdYav37EyipBqOEyDVfY+dKDPMk
a0tX0fhJsn8daMMwhACyavWFIuY06cjZ3zvzZchtPYrrH90748iMj1XeDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5UfLnQ8+dRD1E9owJLFcCpFk+SMB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEvamxSOHVkRHo1MUVQVVQyakFrc1Z3S2tXVDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZmnMA0G
CSqGSIb3DQEBCwUAA4IBAQAaKPESKbFUSadzrWUKZidMLZAx+jRLKW89rgBobb+M
Nxq2iXkg77WePVI3jl2vJjshexsmhERdHB4FGI1QrEsl88UcdrUlpu+R3mNxst6o
9HSS2SYKk7neTUz9V5vAjP49Of6D2cOhRyklmgiit+O1lMnXAd/HZ8P6gWIYnMtT
7oVRd8XmPH0gLWEp7lkPTTnWSJNk46++vb8T+WWiB5bTJrtIR6ql4Nhs1PU+rdva
KxITRiOWWH/BbrqHYQVhMvqIopo51t5jic1Fw/YjKYL1ufHMWTIsqsWjshwBC+dc
QeAh6td4jslT3ES1N+HgVFgyGCk7ln7Gd+4FQHfO6v6i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org