Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/5yv1KJQ4nIF_IGWCB6Awjecx3zw.roa
File:                     5yv1KJQ4nIF_IGWCB6Awjecx3zw.roa (raw, json)
Hash identifier:          P7y/+qVtVz2BbuAlzrNZmbfubbN9Zd5IqXSyaHOARgI=
Subject key identifier:   E7:2B:F5:28:94:38:9C:81:7F:20:65:82:07:A0:30:8D:E7:31:DF:3C
Certificate issuer:       /CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Certificate serial:       018CC79506BD45A5505D4AD5BB6DB0B83DB0
Authority key identifier: 7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/5yv1KJQ4nIF_IGWCB6Awjecx3zw.roa
Signing time:             Tue 02 Jan 2024 00:31:21 +0000
ROA not before:           Tue 02 Jan 2024 00:31:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9002
IP address blocks:        185.45.80.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 12:10:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:06:bd:45:a5:50:5d:4a:d5:bb:6d:b0:b8:3d:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
        Validity
            Not Before: Jan  2 00:31:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e72bf52894389c817f20658207a0308de731df3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:55:ef:97:82:68:97:3b:7d:f6:64:13:e5:e0:
                    8a:11:a5:6f:79:66:19:4b:e8:7e:66:98:8e:ef:28:
                    80:d7:9d:3b:ac:c5:f4:e5:85:ec:34:a3:a4:3a:e2:
                    3d:c1:04:07:ea:de:37:e1:cf:80:22:1e:69:e4:4f:
                    2a:75:6f:4f:44:c2:d9:a7:56:18:8a:57:0d:6d:9f:
                    6d:56:b5:1a:cf:f1:d9:d6:98:a8:4c:bc:c8:ad:7d:
                    f6:fe:db:d1:b7:e6:65:c6:7e:af:09:21:a9:8d:07:
                    ba:d5:80:49:c4:00:66:1b:17:eb:b5:3b:63:d0:f2:
                    9a:88:72:ed:8f:cb:fa:ee:68:6e:26:cc:a3:df:7a:
                    05:95:38:85:38:56:41:dc:63:82:84:51:2f:2c:1d:
                    c4:1d:cd:22:b0:10:5b:d4:1f:2d:92:6c:84:50:49:
                    3f:73:71:e3:95:0b:7b:2b:f2:c4:c6:ed:03:4a:a0:
                    6e:cd:4c:64:b2:25:a0:50:3d:94:0b:fe:29:a7:c0:
                    d2:d3:83:09:5b:e5:1f:d3:a7:04:10:7e:e0:9d:9e:
                    30:62:2d:d0:79:98:65:57:94:f0:33:a8:4c:65:2c:
                    1e:b1:08:15:e0:cb:3a:7c:f6:c5:b5:83:f9:28:8d:
                    a3:b3:27:bf:19:0e:00:57:ed:33:61:40:7d:c6:a4:
                    ea:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:2B:F5:28:94:38:9C:81:7F:20:65:82:07:A0:30:8D:E7:31:DF:3C
            X509v3 Authority Key Identifier:
                keyid:7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/5yv1KJQ4nIF_IGWCB6Awjecx3zw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.45.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:c9:05:b6:f2:7f:72:d2:4b:95:28:b8:30:24:67:86:9b:09:
         55:d2:29:22:a8:9c:1b:14:f2:96:d0:5b:96:bd:e8:d4:2b:4f:
         85:ea:58:65:49:05:03:98:04:4c:23:ed:a9:19:42:8e:16:39:
         24:54:50:ad:db:b7:e1:37:8a:19:41:ec:67:d0:ee:6d:33:d5:
         43:5b:b2:cd:14:e5:b5:97:41:34:00:df:80:9c:34:75:e6:d8:
         41:c2:e8:65:48:e5:8b:b7:d7:47:e2:1b:c7:d1:89:e8:4e:7a:
         af:be:25:41:29:39:4b:7d:ef:76:cf:27:e6:6e:6f:42:94:d9:
         f3:3d:bd:a1:48:59:3b:40:f4:a5:1f:31:86:84:cf:7f:e4:9f:
         93:8b:14:aa:93:d7:fd:ef:4f:bd:8c:86:86:0c:f1:07:e7:9d:
         36:8b:c4:47:d1:e7:34:33:2c:7e:9a:9b:e1:18:7e:aa:3e:8f:
         a1:dc:ad:07:07:26:6a:90:b2:9e:ec:76:bf:f4:cd:82:4d:71:
         0d:30:cf:a3:0e:18:2a:5a:68:ed:f5:93:a5:81:13:f4:f6:0f:
         1e:9a:23:a5:9a:21:8d:a8:61:dc:8a:f9:b0:bc:d6:a7:09:e9:
         52:f2:e7:4d:d0:7d:be:f8:46:55:e6:7e:5b:d8:20:f2:94:13:
         6b:9b:d5:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlQa9RaVQXUrVu22wuD2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNDNiMGVjNzk5NTFkNWQ1NTgwMTMzZTUzMjlhOTBmMmZl
ZTFjNWIwHhcNMjQwMTAyMDAzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzJiZjUyODk0Mzg5YzgxN2YyMDY1ODIwN2EwMzA4ZGU3MzFkZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplXvl4Jolzt99mQT5eCKEaVveWYZ
S+h+ZpiO7yiA1507rMX05YXsNKOkOuI9wQQH6t434c+AIh5p5E8qdW9PRMLZp1YY
ilcNbZ9tVrUaz/HZ1pioTLzIrX32/tvRt+Zlxn6vCSGpjQe61YBJxABmGxfrtTtj
0PKaiHLtj8v67mhuJsyj33oFlTiFOFZB3GOChFEvLB3EHc0isBBb1B8tkmyEUEk/
c3HjlQt7K/LExu0DSqBuzUxksiWgUD2UC/4pp8DS04MJW+Uf06cEEH7gnZ4wYi3Q
eZhlV5TwM6hMZSwesQgV4Ms6fPbFtYP5KI2jsye/GQ4AV+0zYUB9xqTqeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcr9SiUOJyBfyBlggegMI3nMd88MB8GA1UdIwQY
MBaAFH1DsOx5lR1dVYATPlMpqQ8v7hxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgt
OTNhNjE5MmIxNzg1LzEvNXl2MUtKUTRuSUZfSUdXQ0I2QXdqZWN4M3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgtOTNhNjE5MmIxNzg1
LzEvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS1QMA0G
CSqGSIb3DQEBCwUAA4IBAQBXyQW28n9y0kuVKLgwJGeGmwlV0ikiqJwbFPKW0FuW
vejUK0+F6lhlSQUDmARMI+2pGUKOFjkkVFCt27fhN4oZQexn0O5tM9VDW7LNFOW1
l0E0AN+AnDR15thBwuhlSOWLt9dH4hvH0YnoTnqvviVBKTlLfe92zyfmbm9ClNnz
Pb2hSFk7QPSlHzGGhM9/5J+TixSqk9f970+9jIaGDPEH5502i8RH0ec0Myx+mpvh
GH6qPo+h3K0HByZqkLKe7Ha/9M2CTXENMM+jDhgqWmjt9ZOlgRP09g8emiOlmiGN
qGHcivmwvNanCelS8udN0H2++EZV5n5b2CDylBNrm9Wm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:04 2024 by rpki-client on console-ams.rpki-client.org