Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/hRDeNKh50AtdWlQzv_8I1LVZSiE.roa
File:                     hRDeNKh50AtdWlQzv_8I1LVZSiE.roa (raw, json)
Hash identifier:          khWw0YT7uVV2Q7mn82AZrW8TRfvcbr2GglVuVS+6zm0=
Subject key identifier:   85:10:DE:34:A8:79:D0:0B:5D:5A:54:33:BF:FF:08:D4:B5:59:4A:21
Certificate issuer:       /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial:       0190CF3C6233CC0B497FF712875633A6DB0E
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/hRDeNKh50AtdWlQzv_8I1LVZSiE.roa
Signing time:             Sat 20 Jul 2024 08:22:39 +0000
ROA not before:           Sat 20 Jul 2024 08:22:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400866
IP address blocks:        45.140.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Aug 2024 07:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:cf:3c:62:33:cc:0b:49:7f:f7:12:87:56:33:a6:db:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
        Validity
            Not Before: Jul 20 08:22:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8510de34a879d00b5d5a5433bfff08d4b5594a21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:ca:52:40:b9:5e:3d:29:42:3b:3b:0f:d6:ab:
                    44:35:21:4d:dd:3a:e5:5d:0f:f8:ba:9e:9b:e9:26:
                    f3:79:3d:3f:85:64:f2:ef:34:ca:9e:85:8c:78:cf:
                    52:eb:08:9b:aa:e0:a4:6d:07:24:17:98:44:01:17:
                    b5:eb:7f:77:f0:cb:43:3c:62:2e:fb:9d:91:85:f3:
                    f0:e4:fc:8a:c9:c5:2a:e2:0e:34:f1:1f:9f:cc:9c:
                    e4:a4:9f:28:48:4a:f5:30:c6:4d:f4:a2:54:90:c1:
                    58:d0:71:7c:ba:a3:03:bf:7d:81:e0:aa:17:4e:d8:
                    37:c0:fa:77:79:1a:72:a6:1d:cb:9b:62:20:58:3b:
                    ed:00:3a:f7:1f:81:ab:21:5d:39:7e:34:6d:0b:c6:
                    c5:7e:0d:99:a5:7a:2a:7a:76:07:e7:9c:22:ab:90:
                    4e:5a:a0:17:95:45:5d:3e:b5:02:53:0a:6c:ca:5b:
                    da:96:5b:b7:6a:c1:d3:5a:6a:b8:fe:52:29:82:16:
                    b0:a3:af:88:a1:0a:2a:d3:5b:1f:9d:2e:fb:f2:7c:
                    92:20:9c:70:29:d4:b1:24:1c:fb:ce:ef:78:4e:1d:
                    cb:03:d0:d2:70:7f:f2:c6:4d:3f:1f:9a:da:30:b4:
                    29:bc:e9:ad:36:bb:7d:93:41:d2:69:72:f8:5a:0a:
                    b8:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:10:DE:34:A8:79:D0:0B:5D:5A:54:33:BF:FF:08:D4:B5:59:4A:21
            X509v3 Authority Key Identifier:
                keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/hRDeNKh50AtdWlQzv_8I1LVZSiE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:26:ec:5c:c9:a7:02:9e:29:ac:0b:01:24:d2:c2:41:e8:79:
         a5:5b:22:bc:50:60:b0:e2:d3:d3:2a:5d:56:bb:68:d8:bb:aa:
         58:fe:df:ab:94:52:a2:e5:f5:f4:09:ab:21:85:85:e8:fb:45:
         20:cf:ee:19:97:3e:86:70:ec:59:60:43:60:d1:ce:49:82:57:
         0e:34:10:12:0e:ff:c7:ec:64:23:e0:c0:ad:39:6d:a0:03:0e:
         d1:08:42:26:88:59:d0:b9:98:3e:a4:b1:28:a7:1a:1f:dd:a7:
         29:27:d3:92:33:13:f8:c3:96:9e:ef:99:e3:b5:22:2b:7f:76:
         d6:22:1b:a0:7c:0a:97:41:57:57:3a:6a:fb:d5:40:0f:b6:0d:
         93:53:3a:cd:2c:70:fe:80:9a:5c:6c:2a:48:5e:20:fc:e0:a1:
         7d:ae:c5:f6:47:09:83:75:0b:d6:b3:16:0a:df:f5:f2:a3:f2:
         97:cb:e9:3a:96:3a:1e:e2:56:ac:e8:c8:0e:a1:c3:fb:f7:e7:
         6d:4c:84:f8:27:bf:07:60:b8:68:5e:5b:ee:7c:37:0d:15:65:
         42:2f:32:25:ec:31:e1:21:31:a1:f6:d4:f6:5b:8e:cc:6e:8f:
         59:3f:10:7b:bd:20:c7:72:94:89:7f:67:40:5b:e2:db:81:cc:
         3e:5a:1c:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDPPGIzzAtJf/cSh1YzptsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwNzIwMDgyMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEwZGUzNGE4NzlkMDBiNWQ1YTU0MzNiZmZmMDhkNGI1NTk0YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cpSQLlePSlCOzsP1qtENSFN3Trl
XQ/4up6b6SbzeT0/hWTy7zTKnoWMeM9S6wibquCkbQckF5hEARe163938MtDPGIu
+52RhfPw5PyKycUq4g408R+fzJzkpJ8oSEr1MMZN9KJUkMFY0HF8uqMDv32B4KoX
Ttg3wPp3eRpyph3Lm2IgWDvtADr3H4GrIV05fjRtC8bFfg2ZpXoqenYH55wiq5BO
WqAXlUVdPrUCUwpsylvallu3asHTWmq4/lIpghawo6+IoQoq01sfnS778nySIJxw
KdSxJBz7zu94Th3LA9DScH/yxk0/H5raMLQpvOmtNrt9k0HSaXL4Wgq4XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUQ3jSoedALXVpUM7//CNS1WUohMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvaFJEZU5LaDUwQXRkV2xRenZfOEkxTFZaU2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYw5MA0G
CSqGSIb3DQEBCwUAA4IBAQCDJuxcyacCnimsCwEk0sJB6HmlWyK8UGCw4tPTKl1W
u2jYu6pY/t+rlFKi5fX0CashhYXo+0Ugz+4Zlz6GcOxZYENg0c5JglcONBASDv/H
7GQj4MCtOW2gAw7RCEImiFnQuZg+pLEopxof3acpJ9OSMxP4w5ae75njtSIrf3bW
IhugfAqXQVdXOmr71UAPtg2TUzrNLHD+gJpcbCpIXiD84KF9rsX2RwmDdQvWsxYK
3/Xyo/KXy+k6ljoe4las6MgOocP79+dtTIT4J78HYLhoXlvufDcNFWVCLzIl7DHh
ITGh9tT2W47Mbo9ZPxB7vSDHcpSJf2dAW+Lbgcw+WhwW
-----END CERTIFICATE-----
Generated at Mon Aug 19 09:21:47 2024 by rpki-client on console-ams.rpki-client.org