Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/pCywXYFhKUqK9V-5aVhtqq3_lOc.roa
File:                     pCywXYFhKUqK9V-5aVhtqq3_lOc.roa (raw, json)
Hash identifier:          BAjkxhRrzyH0bCJHXsS/vJDkQ8x/yVnMAtVQKzVmruA=
Subject key identifier:   A4:2C:B0:5D:81:61:29:4A:8A:F5:5F:B9:69:58:6D:AA:AD:FF:94:E7
Certificate issuer:       /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial:       0185718C1A6603AE0B74D67B50D3BFC29A54
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/pCywXYFhKUqK9V-5aVhtqq3_lOc.roa
Signing time:             Mon 02 Jan 2023 08:14:45 +0000
ROA not before:           Mon 02 Jan 2023 08:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212669
IP address blocks:        45.153.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jul 2023 02:31:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:8c:1a:66:03:ae:0b:74:d6:7b:50:d3:bf:c2:9a:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
        Validity
            Not Before: Jan  2 08:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a42cb05d8161294a8af55fb969586daaadff94e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:63:75:8c:56:6c:28:b1:0e:d6:65:b8:98:4b:
                    c1:e3:17:96:35:1c:a3:92:c0:f7:9f:a9:eb:f0:69:
                    fa:cb:3b:92:1d:32:4b:b7:e3:c7:ce:32:08:e2:c0:
                    9e:4b:76:58:78:20:aa:70:71:09:e8:df:fe:53:7e:
                    ca:93:5a:d8:23:19:78:02:db:7e:76:8b:26:ef:12:
                    32:b8:19:ee:9b:68:43:2e:4a:0d:b3:c4:81:4a:21:
                    04:ff:9e:1c:69:3a:c5:4c:73:1f:5e:6b:83:47:ca:
                    94:fa:3c:1c:30:26:ef:22:56:cf:07:f2:5f:a4:56:
                    a7:99:2f:70:9e:4e:46:7f:56:ac:d8:c7:06:5d:02:
                    51:31:60:a6:df:ee:9a:15:0a:0b:68:38:8f:97:c2:
                    02:90:bc:c7:1d:a8:55:dd:49:93:be:75:09:c9:a0:
                    5f:00:9d:72:b4:39:95:f4:65:70:cb:26:2c:e4:bb:
                    d9:13:e2:a4:1a:97:de:a4:42:84:b2:54:eb:07:d2:
                    aa:a2:64:28:45:ee:b1:3e:5d:0b:7c:60:fe:d4:2c:
                    0f:8e:d4:07:78:44:d3:76:d0:c5:3a:f5:24:e2:54:
                    ec:89:01:e4:73:b8:e2:4f:ff:47:fa:ab:0b:83:4e:
                    0b:4a:10:0c:e2:c4:a2:c2:7b:82:7c:43:4a:34:17:
                    15:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:2C:B0:5D:81:61:29:4A:8A:F5:5F:B9:69:58:6D:AA:AD:FF:94:E7
            X509v3 Authority Key Identifier:
                keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/pCywXYFhKUqK9V-5aVhtqq3_lOc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:f4:bd:e7:fd:e3:6e:d6:68:9e:7f:df:7e:1d:2a:6c:9f:03:
         19:73:0c:6f:30:72:88:77:d6:3a:3e:3f:65:68:4e:6b:04:b2:
         78:31:7c:ba:ba:32:a2:97:8f:1c:f4:ea:ee:4f:66:e1:a4:48:
         2d:93:48:04:ef:66:e3:b1:ca:85:80:49:7d:95:be:4e:d2:df:
         34:d2:42:e8:0c:c9:7b:03:72:1a:5e:80:72:78:07:3f:8d:f6:
         cd:3b:0e:00:8b:07:e7:ad:bf:8f:48:0a:1a:25:69:45:ca:e1:
         a2:bf:df:34:2b:b5:64:c5:50:df:2a:b5:43:b1:15:17:15:f7:
         fd:e8:1e:78:46:3d:6b:96:9e:73:60:9e:b6:35:22:34:02:2b:
         ef:68:4c:aa:ac:7d:e9:98:26:b0:23:35:ae:21:91:e6:21:b8:
         43:80:13:60:e6:b7:8a:1d:fc:b7:37:02:10:f8:24:d9:c5:cf:
         d9:19:a5:46:c0:c7:88:ab:61:90:a5:f7:65:fa:5d:40:cf:aa:
         8b:63:ae:0a:3f:57:e3:76:0b:f7:89:11:b9:e6:7d:11:af:15:
         ea:c9:d5:12:56:bd:ce:31:88:f3:af:cf:a8:e4:06:7e:09:46:
         70:7c:37:5a:87:09:87:74:ac:01:fb:fa:73:6d:89:2f:d9:d2:
         6b:8d:9d:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjBpmA64LdNZ7UNO/wppUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjMwMTAyMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDJjYjA1ZDgxNjEyOTRhOGFmNTVmYjk2OTU4NmRhYWFkZmY5NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWN1jFZsKLEO1mW4mEvB4xeWNRyj
ksD3n6nr8Gn6yzuSHTJLt+PHzjII4sCeS3ZYeCCqcHEJ6N/+U37Kk1rYIxl4Att+
dosm7xIyuBnum2hDLkoNs8SBSiEE/54caTrFTHMfXmuDR8qU+jwcMCbvIlbPB/Jf
pFanmS9wnk5Gf1as2McGXQJRMWCm3+6aFQoLaDiPl8ICkLzHHahV3UmTvnUJyaBf
AJ1ytDmV9GVwyyYs5LvZE+KkGpfepEKEslTrB9KqomQoRe6xPl0LfGD+1CwPjtQH
eETTdtDFOvUk4lTsiQHkc7jiT/9H+qsLg04LShAM4sSiwnuCfENKNBcVewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQssF2BYSlKivVfuWlYbaqt/5TnMB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEvcEN5d1hZRmhLVXFLOVYtNWFWaHRxcTNfbE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZmkMA0G
CSqGSIb3DQEBCwUAA4IBAQA39L3n/eNu1mief99+HSpsnwMZcwxvMHKId9Y6Pj9l
aE5rBLJ4MXy6ujKil48c9OruT2bhpEgtk0gE72bjscqFgEl9lb5O0t800kLoDMl7
A3IaXoByeAc/jfbNOw4Aiwfnrb+PSAoaJWlFyuGiv980K7VkxVDfKrVDsRUXFff9
6B54Rj1rlp5zYJ62NSI0AivvaEyqrH3pmCawIzWuIZHmIbhDgBNg5reKHfy3NwIQ
+CTZxc/ZGaVGwMeIq2GQpfdl+l1Az6qLY64KP1fjdgv3iRG55n0RrxXqydUSVr3O
MYjzr8+o5AZ+CUZwfDdahwmHdKwB+/pzbYkv2dJrjZ1X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org