Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/he1QvKeJt94h8NZX-Oa3nKSz2o0.roa
File:                     he1QvKeJt94h8NZX-Oa3nKSz2o0.roa (raw, json)
Hash identifier:          g+cYKeUdSCU/325BLFNYz0lt10ue5P9jINI74EZCkKg=
Subject key identifier:   85:ED:50:BC:A7:89:B7:DE:21:F0:D6:57:F8:E6:B7:9C:A4:B3:DA:8D
Certificate issuer:       /CN=c15e7d7bb69efacb0c73902972c74d72d29bf77f
Certificate serial:       018BB98B05501F9F5DB13CCBF0ABEEC4C3A9
Authority key identifier: C1:5E:7D:7B:B6:9E:FA:CB:0C:73:90:29:72:C7:4D:72:D2:9B:F7:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wV59e7ae-ssMc5ApcsdNctKb938.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/he1QvKeJt94h8NZX-Oa3nKSz2o0.roa
Signing time:             Fri 10 Nov 2023 14:02:57 +0000
ROA not before:           Fri 10 Nov 2023 14:02:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212477
IP address blocks:        45.144.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b9:8b:05:50:1f:9f:5d:b1:3c:cb:f0:ab:ee:c4:c3:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c15e7d7bb69efacb0c73902972c74d72d29bf77f
        Validity
            Not Before: Nov 10 14:02:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85ed50bca789b7de21f0d657f8e6b79ca4b3da8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ff:77:0b:2b:a4:a9:47:93:f2:a3:0e:f7:10:
                    a9:ad:2a:a5:de:d9:86:c2:72:41:f1:d9:15:42:3f:
                    92:b4:d9:22:a3:de:fb:71:51:d0:26:ec:91:92:e5:
                    e4:ac:12:ff:b4:ad:73:0b:29:45:81:d2:46:c2:f6:
                    0c:79:e8:49:a7:9d:c5:dc:f1:33:6a:d6:13:47:7d:
                    0b:f0:b8:9e:d0:67:42:c0:8e:26:f6:0f:c1:39:3f:
                    5f:b9:bd:8e:65:2b:49:d9:17:67:4f:44:1f:33:d8:
                    58:2a:db:f3:bb:7e:ec:2f:09:49:54:f6:6f:ef:b7:
                    4f:24:be:28:2e:3e:d3:51:f8:4e:db:1f:cf:24:a1:
                    ee:28:5b:2d:e7:ad:1f:de:ba:e1:f9:5d:5d:aa:6a:
                    dd:08:ab:02:1b:ae:a3:e5:e7:9b:97:8a:63:a6:1e:
                    ae:9b:5b:77:c7:47:59:53:39:0a:81:7b:4f:33:ee:
                    d5:a9:a1:da:39:67:92:6b:b9:bf:9d:94:cd:61:f1:
                    6c:8e:98:b3:52:72:a3:bb:a9:46:bb:8f:fc:2b:8f:
                    14:4c:48:50:25:78:16:53:4b:61:fe:0c:01:52:f8:
                    c7:a6:62:56:65:fd:53:dc:93:11:e2:89:49:3f:61:
                    c6:44:4d:f6:87:f9:5a:ae:f4:1c:92:b8:7d:ac:d3:
                    43:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:ED:50:BC:A7:89:B7:DE:21:F0:D6:57:F8:E6:B7:9C:A4:B3:DA:8D
            X509v3 Authority Key Identifier:
                keyid:C1:5E:7D:7B:B6:9E:FA:CB:0C:73:90:29:72:C7:4D:72:D2:9B:F7:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wV59e7ae-ssMc5ApcsdNctKb938.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/he1QvKeJt94h8NZX-Oa3nKSz2o0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/wV59e7ae-ssMc5ApcsdNctKb938.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:ec:54:bc:cd:1c:e4:d5:2c:fc:7b:73:5f:99:c5:31:f1:24:
         fb:07:1a:f3:df:95:f0:09:1d:ce:86:ed:be:d1:98:9b:8e:f4:
         3c:5d:56:75:83:c9:4e:07:8b:4c:73:2c:5d:49:c1:a0:6a:46:
         73:37:86:96:1b:b3:dc:2e:af:97:a0:c1:b1:09:28:9c:24:ff:
         d8:50:47:e4:84:fb:ec:f4:9f:21:52:fe:a7:3c:9e:32:e6:b9:
         79:5c:28:5c:d2:e0:2c:93:46:02:98:02:01:df:6a:2a:4d:27:
         ff:e4:ca:87:1d:64:53:45:36:33:1f:12:9c:6a:81:01:67:8c:
         d4:f5:2b:63:cd:4c:25:7c:c8:d2:04:8f:a6:34:10:6b:97:73:
         7e:24:25:3e:b1:81:35:a1:c0:62:67:24:ce:74:5d:8f:cb:d6:
         30:8e:fe:d3:b5:93:40:4a:98:fb:29:d1:10:67:e4:e6:5d:4f:
         a5:74:77:7f:3a:4e:01:64:b4:8f:b6:1e:51:ff:0f:26:f7:8e:
         fc:75:ec:5e:6a:a0:89:87:13:d6:73:ea:56:6a:fd:ef:1e:d8:
         17:f6:bc:94:3c:fb:35:d6:87:cb:cf:ff:b7:8a:83:40:7f:d1:
         62:f1:76:9f:ae:98:c2:35:e5:c7:56:0b:39:1b:ae:2d:8f:5c:
         43:11:8b:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu5iwVQH59dsTzL8KvuxMOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNWU3ZDdiYjY5ZWZhY2IwYzczOTAyOTcyYzc0ZDcyZDI5
YmY3N2YwHhcNMjMxMTEwMTQwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWVkNTBiY2E3ODliN2RlMjFmMGQ2NTdmOGU2Yjc5Y2E0YjNkYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif93CyukqUeT8qMO9xCprSql3tmG
wnJB8dkVQj+StNkio977cVHQJuyRkuXkrBL/tK1zCylFgdJGwvYMeehJp53F3PEz
atYTR30L8Lie0GdCwI4m9g/BOT9fub2OZStJ2RdnT0QfM9hYKtvzu37sLwlJVPZv
77dPJL4oLj7TUfhO2x/PJKHuKFst560f3rrh+V1dqmrdCKsCG66j5eebl4pjph6u
m1t3x0dZUzkKgXtPM+7VqaHaOWeSa7m/nZTNYfFsjpizUnKju6lGu4/8K48UTEhQ
JXgWU0th/gwBUvjHpmJWZf1T3JMR4olJP2HGRE32h/larvQckrh9rNNDNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXtULynibfeIfDWV/jmt5yks9qNMB8GA1UdIwQY
MBaAFMFefXu2nvrLDHOQKXLHTXLSm/d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Y1OWU3YWUtc3NNYzVBcGNzZE5jdEtiOTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lYTQwMmEtMGZmNi00N2Q5LTljZDAt
MzQ3YTBmN2M1YjA4LzEvaGUxUXZLZUp0OTRoOE5aWC1PYTNuS1N6Mm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9lYTQwMmEtMGZmNi00N2Q5LTljZDAtMzQ3YTBmN2M1YjA4
LzEvd1Y1OWU3YWUtc3NNYzVBcGNzZE5jdEtiOTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZDEMA0G
CSqGSIb3DQEBCwUAA4IBAQAn7FS8zRzk1Sz8e3NfmcUx8ST7Bxrz35XwCR3Ohu2+
0ZibjvQ8XVZ1g8lOB4tMcyxdScGgakZzN4aWG7PcLq+XoMGxCSicJP/YUEfkhPvs
9J8hUv6nPJ4y5rl5XChc0uAsk0YCmAIB32oqTSf/5MqHHWRTRTYzHxKcaoEBZ4zU
9StjzUwlfMjSBI+mNBBrl3N+JCU+sYE1ocBiZyTOdF2Py9Ywjv7TtZNASpj7KdEQ
Z+TmXU+ldHd/Ok4BZLSPth5R/w8m9478dexeaqCJhxPWc+pWav3vHtgX9ryUPPs1
1ofLz/+3ioNAf9Fi8XafrpjCNeXHVgs5G64tj1xDEYvs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:19 2024 by rpki-client on console-ams.rpki-client.org