Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/vDsbx4fkOE700wusaeKeZ1HK26M.roa
File:                     vDsbx4fkOE700wusaeKeZ1HK26M.roa (raw, json)
Hash identifier:          gG9U7giSamymcCVahf9c+Ten8KoxAJA87cVguy0sxkY=
Subject key identifier:   BC:3B:1B:C7:87:E4:38:4E:F4:D3:0B:AC:69:E2:9E:67:51:CA:DB:A3
Certificate issuer:       /CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Certificate serial:       018CC795091715A205661DF7A851C20B76B7
Authority key identifier: 7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/vDsbx4fkOE700wusaeKeZ1HK26M.roa
Signing time:             Tue 02 Jan 2024 00:31:22 +0000
ROA not before:           Tue 02 Jan 2024 00:31:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29470
IP address blocks:        185.45.80.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 12:10:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:09:17:15:a2:05:66:1d:f7:a8:51:c2:0b:76:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
        Validity
            Not Before: Jan  2 00:31:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bc3b1bc787e4384ef4d30bac69e29e6751cadba3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:07:48:75:35:3f:56:fd:86:8e:48:0c:73:e3:
                    f4:50:6f:b2:38:54:3f:b5:ba:c1:3e:4a:7e:d9:a6:
                    a7:75:97:df:9f:85:02:c4:f2:20:6e:5c:dd:8d:40:
                    a3:bd:0b:3c:30:c5:07:f0:66:fd:95:f3:cd:bc:b7:
                    1f:36:94:bf:fd:d0:8a:9f:0b:6c:c1:c0:84:71:02:
                    d3:4e:fb:ad:96:8b:97:7e:e5:41:ba:d3:72:b9:74:
                    0a:1d:ce:14:61:24:a3:dc:28:73:81:be:c0:a2:55:
                    c5:85:01:f5:e7:99:e3:62:6d:91:2b:a0:a9:00:10:
                    35:f4:21:d8:82:91:8c:f9:64:65:81:6c:ef:e5:e8:
                    f8:de:de:61:32:c2:f3:44:31:f8:ae:8e:4d:6a:30:
                    87:e0:d1:82:ae:f4:3c:9e:ff:a7:ba:41:f5:0f:bb:
                    01:67:60:82:98:44:51:c3:2d:13:85:b1:5a:e5:9a:
                    02:2f:0b:40:9f:7c:27:7e:e1:ce:07:23:56:4a:21:
                    09:7c:c1:b9:f6:54:cc:0e:e6:c5:d9:08:a6:89:e5:
                    9b:74:a5:39:48:b7:a3:2e:8d:c8:b7:b0:44:42:20:
                    9e:11:11:e2:80:84:b0:aa:c7:f0:5b:6c:26:8f:1f:
                    b3:ac:7f:1a:c6:d7:29:72:50:e2:49:ce:3c:5f:ad:
                    e8:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:3B:1B:C7:87:E4:38:4E:F4:D3:0B:AC:69:E2:9E:67:51:CA:DB:A3
            X509v3 Authority Key Identifier:
                keyid:7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/vDsbx4fkOE700wusaeKeZ1HK26M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.45.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:3a:b4:c6:38:f6:ee:8b:56:85:19:70:5a:72:ef:95:98:72:
         ce:27:12:58:13:43:a7:08:04:27:d6:f1:30:74:75:d3:90:f0:
         6e:7b:07:e1:8b:a3:9c:6d:73:77:75:7e:e2:83:0b:bd:b8:67:
         ce:3a:54:50:38:a2:e5:6c:7e:eb:9c:54:c3:ae:4c:83:13:78:
         cc:12:ce:f5:fc:57:98:a4:2e:d0:14:41:b3:05:1f:0d:dc:ca:
         49:63:78:cd:cb:53:df:80:c5:c8:9c:2e:36:6d:5c:9a:65:35:
         f5:5b:8b:95:91:cc:8f:ac:cd:8f:5c:37:51:d3:c0:4a:ee:4b:
         79:55:aa:90:7a:9a:80:07:83:5b:6a:65:ec:09:df:63:f3:50:
         55:fd:2c:86:e3:b7:0e:ee:4b:d0:f0:5f:4b:d5:6f:9d:64:d5:
         8b:cf:8a:ba:80:91:e6:3c:fd:d1:cd:20:9e:98:ac:f8:f6:16:
         ce:00:83:32:69:a8:14:8c:02:34:ed:f5:11:ac:58:95:7a:2d:
         27:9c:4b:5e:07:5c:d5:ff:e1:a4:a6:3a:3e:db:75:c5:11:76:
         8f:dc:4d:e4:25:f7:f4:0a:63:05:53:b4:f1:05:cf:46:14:98:
         68:45:d3:01:7e:d4:da:f7:0e:fb:aa:3e:7d:f6:79:e2:4a:20:
         ca:e9:9a:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlQkXFaIFZh33qFHCC3a3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNDNiMGVjNzk5NTFkNWQ1NTgwMTMzZTUzMjlhOTBmMmZl
ZTFjNWIwHhcNMjQwMTAyMDAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNiMWJjNzg3ZTQzODRlZjRkMzBiYWM2OWUyOWU2NzUxY2FkYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwdIdTU/Vv2GjkgMc+P0UG+yOFQ/
tbrBPkp+2aandZffn4UCxPIgblzdjUCjvQs8MMUH8Gb9lfPNvLcfNpS//dCKnwts
wcCEcQLTTvutlouXfuVButNyuXQKHc4UYSSj3Chzgb7AolXFhQH155njYm2RK6Cp
ABA19CHYgpGM+WRlgWzv5ej43t5hMsLzRDH4ro5NajCH4NGCrvQ8nv+nukH1D7sB
Z2CCmERRwy0ThbFa5ZoCLwtAn3wnfuHOByNWSiEJfMG59lTMDubF2QimieWbdKU5
SLejLo3It7BEQiCeERHigISwqsfwW2wmjx+zrH8axtcpclDiSc48X63o7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLw7G8eH5DhO9NMLrGninmdRytujMB8GA1UdIwQY
MBaAFH1DsOx5lR1dVYATPlMpqQ8v7hxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgt
OTNhNjE5MmIxNzg1LzEvdkRzYng0ZmtPRTcwMHd1c2FlS2VaMUhLMjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgtOTNhNjE5MmIxNzg1
LzEvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS1QMA0G
CSqGSIb3DQEBCwUAA4IBAQByOrTGOPbui1aFGXBacu+VmHLOJxJYE0OnCAQn1vEw
dHXTkPBuewfhi6OcbXN3dX7igwu9uGfOOlRQOKLlbH7rnFTDrkyDE3jMEs71/FeY
pC7QFEGzBR8N3MpJY3jNy1PfgMXInC42bVyaZTX1W4uVkcyPrM2PXDdR08BK7kt5
VaqQepqAB4NbamXsCd9j81BV/SyG47cO7kvQ8F9L1W+dZNWLz4q6gJHmPP3RzSCe
mKz49hbOAIMyaagUjAI07fURrFiVei0nnEteB1zV/+Gkpjo+23XFEXaP3E3kJff0
CmMFU7TxBc9GFJhoRdMBftTa9w77qj599nniSiDK6Zof
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:04 2024 by rpki-client on console-ams.rpki-client.org