Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/TuQXe1ZMv6PeqRXK7yyBZEMzfPQ.roa
File:                     TuQXe1ZMv6PeqRXK7yyBZEMzfPQ.roa (raw, json)
Hash identifier:          G5+rEHGf6bRt0/c9fbKoUClkgLpK2dJzaZTHmsg9hgw=
Subject key identifier:   4E:E4:17:7B:56:4C:BF:A3:DE:A9:15:CA:EF:2C:81:64:43:33:7C:F4
Certificate issuer:       /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial:       018B3D483DA2AC5B465418FE5E0B3CC9C967
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/TuQXe1ZMv6PeqRXK7yyBZEMzfPQ.roa
Signing time:             Tue 17 Oct 2023 10:57:06 +0000
ROA not before:           Tue 17 Oct 2023 10:57:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     136258
IP address blocks:        45.154.204.0/24 maxlen: 24
                          195.137.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:3d:48:3d:a2:ac:5b:46:54:18:fe:5e:0b:3c:c9:c9:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
        Validity
            Not Before: Oct 17 10:57:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ee4177b564cbfa3dea915caef2c816443337cf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:28:46:f7:d9:f9:40:f4:79:d0:7b:a2:8f:63:
                    73:ab:f3:2c:20:3f:9f:59:bc:95:a8:4d:d8:7d:aa:
                    d7:a6:3c:07:b4:e4:be:13:e2:10:61:18:f8:2f:0a:
                    80:f7:62:b0:40:9d:4d:5b:da:c3:85:78:62:c6:d8:
                    a8:f0:e3:72:0d:d9:14:59:48:b4:37:71:68:52:26:
                    18:ed:8b:ab:f8:2d:35:f6:9b:72:70:68:8e:9e:0a:
                    da:a8:1f:aa:73:d2:c0:77:61:38:ef:77:3d:a6:20:
                    5b:f7:13:09:62:c6:82:84:82:4d:c1:48:b7:16:46:
                    17:45:92:23:78:28:66:55:9b:5b:01:24:2d:e3:0f:
                    79:bd:83:78:56:88:71:22:13:44:22:cd:62:e2:9b:
                    ba:4a:4b:a7:ec:58:1f:72:39:27:14:de:39:6e:07:
                    fd:85:0c:7d:47:33:de:be:2a:86:ee:4a:e3:50:4c:
                    1b:69:8f:4a:13:ad:6e:36:5f:d2:6b:73:8a:1c:f3:
                    0d:de:9f:0a:90:a3:98:60:25:d3:8d:3a:07:75:b3:
                    e0:d7:b3:a5:24:47:f8:3f:71:85:55:1d:5b:d8:ea:
                    5b:bb:15:99:d2:6a:e7:17:82:44:98:18:9e:f2:49:
                    f3:ba:d7:aa:4b:94:13:01:44:40:7d:81:3a:4a:a6:
                    5c:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:E4:17:7B:56:4C:BF:A3:DE:A9:15:CA:EF:2C:81:64:43:33:7C:F4
            X509v3 Authority Key Identifier:
                keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/TuQXe1ZMv6PeqRXK7yyBZEMzfPQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.204.0/24
                  195.137.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:cd:9e:94:fa:44:42:20:bf:12:6d:73:8b:91:5e:28:34:b0:
         27:1b:7e:46:0e:92:76:75:40:70:ba:7c:b0:f4:f5:f6:c9:d6:
         b1:a0:f9:d9:d3:c1:d6:90:9b:fb:f1:9e:c3:ad:a7:19:cf:34:
         ce:61:54:ad:0e:84:8c:fa:5b:52:1b:14:9a:a8:8b:c3:8c:aa:
         c0:f6:e5:62:9b:32:69:00:b4:3f:28:b9:12:57:b7:91:d7:33:
         6b:c6:69:6f:95:90:4f:91:12:67:40:9b:f1:8c:c0:a3:90:de:
         94:f4:e7:94:ed:9c:86:a0:cd:7b:c1:87:a0:9c:26:8c:f6:2c:
         d7:e6:fa:9f:94:0f:ad:0c:4f:c3:0f:54:79:40:fd:bf:47:63:
         ea:32:fa:78:87:69:5e:93:d5:4d:1c:3b:0e:4c:8b:62:a3:f2:
         c5:9b:e2:67:41:b6:9d:35:50:84:4f:e3:9b:18:d0:db:3a:fb:
         58:49:06:8f:1b:da:33:4a:2c:53:4a:2e:d2:50:68:0d:e7:e5:
         8c:b8:8a:ff:8d:fc:d8:48:54:b7:dc:67:70:73:ed:ed:bf:da:
         b4:6e:cc:96:6e:00:23:09:9e:37:fc:13:7c:93:76:d2:49:30:
         e3:ec:bd:aa:ad:37:23:dc:6f:73:29:f6:35:6a:28:16:60:f0:
         e7:af:6d:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs9SD2irFtGVBj+Xgs8yclnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjMxMDE3MTA1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWU0MTc3YjU2NGNiZmEzZGVhOTE1Y2FlZjJjODE2NDQzMzM3Y2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzihG99n5QPR50Huij2Nzq/MsID+f
WbyVqE3YfarXpjwHtOS+E+IQYRj4LwqA92KwQJ1NW9rDhXhixtio8ONyDdkUWUi0
N3FoUiYY7Yur+C019ptycGiOngraqB+qc9LAd2E473c9piBb9xMJYsaChIJNwUi3
FkYXRZIjeChmVZtbASQt4w95vYN4VohxIhNEIs1i4pu6Skun7FgfcjknFN45bgf9
hQx9RzPeviqG7krjUEwbaY9KE61uNl/Sa3OKHPMN3p8KkKOYYCXTjToHdbPg17Ol
JEf4P3GFVR1b2OpbuxWZ0mrnF4JEmBie8knzuteqS5QTAURAfYE6SqZcmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE7kF3tWTL+j3qkVyu8sgWRDM3z0MB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEvVHVRWGUxWk12NlBlcVJYSzd5eUJaRU16ZlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZrMAwQA
w4ncMA0GCSqGSIb3DQEBCwUAA4IBAQAXzZ6U+kRCIL8SbXOLkV4oNLAnG35GDpJ2
dUBwunyw9PX2ydaxoPnZ08HWkJv78Z7DracZzzTOYVStDoSM+ltSGxSaqIvDjKrA
9uVimzJpALQ/KLkSV7eR1zNrxmlvlZBPkRJnQJvxjMCjkN6U9OeU7ZyGoM17wYeg
nCaM9izX5vqflA+tDE/DD1R5QP2/R2PqMvp4h2lek9VNHDsOTItio/LFm+JnQbad
NVCET+ObGNDbOvtYSQaPG9ozSixTSi7SUGgN5+WMuIr/jfzYSFS33Gdwc+3tv9q0
bsyWbgAjCZ43/BN8k3bSSTDj7L2qrTcj3G9zKfY1aigWYPDnr22U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:17 2024 by rpki-client on console-ams.rpki-client.org