Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/gXba0admLCM4nqOttpOzo-vEaiw.roa
File:                     gXba0admLCM4nqOttpOzo-vEaiw.roa (raw, json)
Hash identifier:          zOpObiSA0Uhrn8Jq7crnA6a3OeWJ5Pig8/u1sHARzwU=
Subject key identifier:   81:76:DA:D1:A7:66:2C:23:38:9E:A3:AD:B6:93:B3:A3:EB:C4:6A:2C
Certificate issuer:       /CN=ded7239db81d61f98d586383ccc125d66106cb30
Certificate serial:       01856F26D1BE486A50CB23D22831575E1FC1
Authority key identifier: DE:D7:23:9D:B8:1D:61:F9:8D:58:63:83:CC:C1:25:D6:61:06:CB:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tcjnbgdYfmNWGODzMEl1mEGyzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/gXba0admLCM4nqOttpOzo-vEaiw.roa
Signing time:             Sun 01 Jan 2023 21:04:53 +0000
ROA not before:           Sun 01 Jan 2023 21:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51827
IP address blocks:        45.151.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:26:d1:be:48:6a:50:cb:23:d2:28:31:57:5e:1f:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ded7239db81d61f98d586383ccc125d66106cb30
        Validity
            Not Before: Jan  1 21:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8176dad1a7662c23389ea3adb693b3a3ebc46a2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d0:b1:09:d6:3d:99:fc:e6:e9:d5:fb:b6:0d:
                    3f:08:77:7f:a1:89:e1:3a:ae:e0:0c:8b:55:2a:a3:
                    d6:f0:7c:9f:fd:1c:aa:47:3d:f8:1c:f7:99:45:5b:
                    82:6b:9f:94:02:ba:4b:95:49:a2:74:9d:54:33:71:
                    36:d7:47:06:6e:01:53:42:6a:b7:61:96:2a:18:a4:
                    fd:0b:d8:39:65:da:50:74:4a:6a:b3:49:61:2f:30:
                    42:2a:01:fb:a5:b1:45:9d:fd:93:c0:d0:a6:f2:54:
                    c4:92:a7:3a:68:7d:86:f6:30:59:3e:87:41:ee:ef:
                    66:2e:c4:19:82:31:15:5b:4d:02:05:c6:da:46:67:
                    66:18:bf:be:16:42:22:7d:f0:8b:b7:9c:22:14:05:
                    2a:1e:0c:d8:96:fd:10:72:71:d3:52:ee:ba:7f:15:
                    d4:e0:86:08:9e:3f:17:bf:9d:56:ad:84:55:03:8e:
                    b2:5f:80:0a:de:ba:5a:00:4e:ad:a6:24:fc:7e:60:
                    2a:4a:37:c7:b2:f5:da:98:81:84:ee:7e:69:56:8a:
                    e6:86:a5:30:c7:45:25:9b:a8:35:0d:ad:a1:2e:eb:
                    45:b9:77:18:69:f4:2f:ba:a4:bd:e7:07:e4:af:d0:
                    9e:90:b4:66:1d:69:cc:d2:1e:f9:d0:18:64:fc:45:
                    0a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:76:DA:D1:A7:66:2C:23:38:9E:A3:AD:B6:93:B3:A3:EB:C4:6A:2C
            X509v3 Authority Key Identifier:
                keyid:DE:D7:23:9D:B8:1D:61:F9:8D:58:63:83:CC:C1:25:D6:61:06:CB:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tcjnbgdYfmNWGODzMEl1mEGyzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/gXba0admLCM4nqOttpOzo-vEaiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/3tcjnbgdYfmNWGODzMEl1mEGyzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:4c:9b:65:49:8c:60:49:9c:87:e4:5e:7a:58:0f:58:03:4c:
         1a:fe:da:29:ea:9e:7f:b9:0f:79:f2:3a:d9:01:ba:44:62:72:
         bc:50:d7:a3:76:61:34:7a:4b:1a:ed:75:b9:2d:01:9a:d7:3c:
         30:65:96:3a:c6:41:58:a3:c8:e3:15:3a:03:ba:94:3b:81:67:
         aa:0e:e3:74:77:d1:e2:f2:f1:4c:32:25:85:9e:e7:ad:43:5f:
         b9:b7:56:77:1a:83:59:96:86:fa:62:0a:2b:1c:00:2f:12:80:
         99:95:03:f8:52:9f:fa:d7:d5:c8:48:ba:d5:6f:38:eb:1a:0c:
         f3:32:a7:67:76:25:ed:0e:df:2c:8a:a2:6f:a2:2d:ae:ce:39:
         30:26:dd:b7:b7:73:50:7a:fe:ad:be:a8:e9:f9:ea:ba:d4:82:
         aa:29:6a:f6:15:f1:4e:4d:b2:29:a8:90:bb:74:75:9a:52:ae:
         6c:42:f9:1e:7a:76:55:15:19:f3:cd:04:e2:2a:a7:ff:7b:52:
         cc:cb:68:94:0e:e6:5b:86:e4:00:7b:ec:11:00:47:da:d7:be:
         ff:bb:6e:75:8c:c2:db:c0:7d:53:02:a0:b7:8a:1e:7b:42:f8:
         81:07:49:a5:7f:bc:18:5d:5e:a6:3d:d5:66:5c:72:5d:cf:df:
         07:ee:66:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJtG+SGpQyyPSKDFXXh/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDcyMzlkYjgxZDYxZjk4ZDU4NjM4M2NjYzEyNWQ2NjEw
NmNiMzAwHhcNMjMwMTAxMjEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTc2ZGFkMWE3NjYyYzIzMzg5ZWEzYWRiNjkzYjNhM2ViYzQ2YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9CxCdY9mfzm6dX7tg0/CHd/oYnh
Oq7gDItVKqPW8Hyf/RyqRz34HPeZRVuCa5+UArpLlUmidJ1UM3E210cGbgFTQmq3
YZYqGKT9C9g5ZdpQdEpqs0lhLzBCKgH7pbFFnf2TwNCm8lTEkqc6aH2G9jBZPodB
7u9mLsQZgjEVW00CBcbaRmdmGL++FkIiffCLt5wiFAUqHgzYlv0QcnHTUu66fxXU
4IYInj8Xv51WrYRVA46yX4AK3rpaAE6tpiT8fmAqSjfHsvXamIGE7n5pVormhqUw
x0Ulm6g1Da2hLutFuXcYafQvuqS95wfkr9CekLRmHWnM0h750Bhk/EUKzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIF22tGnZiwjOJ6jrbaTs6PrxGosMB8GA1UdIwQY
MBaAFN7XI524HWH5jVhjg8zBJdZhBsswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Rjam5iZ2RZZm1OV0dPRHpNRWwxbUVHeXpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iNmM0MjYtNzZkNS00YTgyLTliNWYt
ODU2YjY1Yzc1YzI2LzEvZ1hiYTBhZG1MQ000bnFPdHRwT3pvLXZFYWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iNmM0MjYtNzZkNS00YTgyLTliNWYtODU2YjY1Yzc1YzI2
LzEvM3Rjam5iZ2RZZm1OV0dPRHpNRWwxbUVHeXpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZfzMA0G
CSqGSIb3DQEBCwUAA4IBAQClTJtlSYxgSZyH5F56WA9YA0wa/top6p5/uQ958jrZ
AbpEYnK8UNejdmE0eksa7XW5LQGa1zwwZZY6xkFYo8jjFToDupQ7gWeqDuN0d9Hi
8vFMMiWFnuetQ1+5t1Z3GoNZlob6YgorHAAvEoCZlQP4Up/619XISLrVbzjrGgzz
MqdndiXtDt8siqJvoi2uzjkwJt23t3NQev6tvqjp+eq61IKqKWr2FfFOTbIpqJC7
dHWaUq5sQvkeenZVFRnzzQTiKqf/e1LMy2iUDuZbhuQAe+wRAEfa177/u251jMLb
wH1TAqC3ih57QviBB0mlf7wYXV6mPdVmXHJdz98H7mbd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:58 2024 by rpki-client on console-ams.rpki-client.org