Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/k6ARXzUoyBF_evF6lcfU4Tki_Ds.roa
File:                     k6ARXzUoyBF_evF6lcfU4Tki_Ds.roa (raw, json)
Hash identifier:          4adn52R01q0M5iYjbj7vb+Xj7Pc+1Rze6H2f8hmuCCE=
Subject key identifier:   93:A0:11:5F:35:28:C8:11:7F:7A:F1:7A:95:C7:D4:E1:39:22:FC:3B
Certificate issuer:       /CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Certificate serial:       018DC1AE9B945ED978F1D7ECFCD83BB3EBB4
Authority key identifier: ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/k6ARXzUoyBF_evF6lcfU4Tki_Ds.roa
Signing time:             Mon 19 Feb 2024 14:04:22 +0000
ROA not before:           Mon 19 Feb 2024 14:04:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        45.89.128.0/22 maxlen: 22
                          2a0b:a200::/31 maxlen: 31

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 12:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c1:ae:9b:94:5e:d9:78:f1:d7:ec:fc:d8:3b:b3:eb:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
        Validity
            Not Before: Feb 19 14:04:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=93a0115f3528c8117f7af17a95c7d4e13922fc3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f6:c5:ab:7d:36:28:44:96:ef:1c:35:5c:ae:
                    df:98:26:da:64:30:7f:93:b7:e1:7e:09:45:f4:06:
                    21:f0:c0:17:07:d2:6e:1f:00:a7:e4:7b:d1:22:7f:
                    74:c9:ba:bd:9a:18:80:0b:e7:2f:2d:91:aa:fb:9a:
                    29:b9:ac:3d:77:21:fb:7b:de:3d:f2:c4:54:54:96:
                    df:4a:4a:37:d1:b0:17:35:aa:32:2b:59:aa:f4:9c:
                    0a:73:21:82:3f:e5:e0:24:2f:1e:a6:91:43:df:d0:
                    4c:c5:ea:98:52:1d:56:70:fe:57:24:01:c9:38:b4:
                    c5:96:ae:99:cf:55:53:bf:f6:d9:3f:5e:81:e2:8d:
                    f3:da:cd:80:c7:58:bf:e4:7e:5c:57:90:b2:8d:8f:
                    bc:9f:a1:05:4c:59:3c:c3:80:fc:91:ed:4d:bc:5a:
                    eb:a6:88:9b:50:d5:af:67:55:ba:4d:13:e5:14:88:
                    97:55:60:99:de:e0:dd:bd:35:8d:63:e8:d0:32:00:
                    da:3d:e0:d8:9f:a7:0a:1b:e0:e1:ca:26:71:e4:48:
                    93:4a:f3:7e:c6:9d:25:6d:fa:c0:6f:4b:a4:5e:d6:
                    b7:e6:08:c6:d1:22:2c:eb:63:90:94:af:fa:c2:12:
                    cc:86:5c:14:d3:57:99:c2:02:02:7a:bf:38:e6:19:
                    0a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:A0:11:5F:35:28:C8:11:7F:7A:F1:7A:95:C7:D4:E1:39:22:FC:3B
            X509v3 Authority Key Identifier:
                keyid:ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/k6ARXzUoyBF_evF6lcfU4Tki_Ds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.128.0/22
                IPv6:
                  2a0b:a200::/31

    Signature Algorithm: sha256WithRSAEncryption
         48:00:6e:47:bf:d3:96:38:fb:78:0a:48:f7:06:96:0a:c0:99:
         64:06:8b:69:f3:89:22:59:b8:ee:51:17:e8:ab:a9:a2:7b:97:
         7e:e4:df:e0:5e:c2:e7:04:82:ca:05:6f:20:80:d8:70:e6:b0:
         bb:73:89:e6:56:b3:c5:b1:d7:8c:03:87:c2:7f:5a:88:71:c7:
         56:00:fa:99:63:73:f6:75:55:8b:aa:92:02:48:d1:42:91:5a:
         0e:e6:8f:cc:5c:ca:51:9d:3c:db:c1:dd:88:e3:17:ba:cd:f7:
         63:1f:23:64:e3:f0:3c:bb:59:1a:81:76:7c:f5:bb:07:1d:27:
         29:2c:fa:50:49:d1:65:71:f7:ea:1c:ac:03:c1:c6:e5:ca:20:
         47:df:36:51:2b:75:45:a8:f8:25:3c:54:76:12:54:05:07:23:
         21:1f:37:06:b2:e9:fd:4f:c0:6e:c1:23:de:bf:8c:7a:e0:a1:
         fd:98:76:c0:af:56:2b:7d:7f:1b:4d:ec:df:a5:fd:46:39:42:
         61:01:cc:f4:03:a3:a6:79:fc:dd:d5:1e:80:7e:4c:36:8e:c1:
         47:eb:31:9f:b3:d8:1c:a5:ff:71:82:86:66:df:76:68:e0:a9:
         1f:79:51:1e:8a:ef:f1:e4:6a:5e:0f:42:de:1d:fe:9a:ad:b8:
         84:38:a4:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY3BrpuUXtl48dfs/Ng7s+u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjI0YzU5MDAyN2E1YThjOWVlYjM2OTcyNmU0YTYzMGNk
ZjQxNGMwHhcNMjQwMjE5MTQwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2EwMTE1ZjM1MjhjODExN2Y3YWYxN2E5NWM3ZDRlMTM5MjJmYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvbFq302KESW7xw1XK7fmCbaZDB/
k7fhfglF9AYh8MAXB9JuHwCn5HvRIn90ybq9mhiAC+cvLZGq+5opuaw9dyH7e949
8sRUVJbfSko30bAXNaoyK1mq9JwKcyGCP+XgJC8eppFD39BMxeqYUh1WcP5XJAHJ
OLTFlq6Zz1VTv/bZP16B4o3z2s2Ax1i/5H5cV5CyjY+8n6EFTFk8w4D8ke1NvFrr
poibUNWvZ1W6TRPlFIiXVWCZ3uDdvTWNY+jQMgDaPeDYn6cKG+DhyiZx5EiTSvN+
xp0lbfrAb0ukXta35gjG0SIs62OQlK/6whLMhlwU01eZwgICer845hkKWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJOgEV81KMgRf3rxepXH1OE5Ivw7MB8GA1UdIwQY
MBaAFO1iTFkAJ6Woye6zaXJuSmMM30FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5Nzgt
YTdiZTVmYTBmZjY1LzEvazZBUlh6VW95QkZfZXZGNmxjZlU0VGtpX0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5NzgtYTdiZTVmYTBmZjY1
LzEvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVmAMA0E
AgACMAcDBQEqC6IAMA0GCSqGSIb3DQEBCwUAA4IBAQBIAG5Hv9OWOPt4Ckj3BpYK
wJlkBotp84kiWbjuURfoq6mie5d+5N/gXsLnBILKBW8ggNhw5rC7c4nmVrPFsdeM
A4fCf1qIccdWAPqZY3P2dVWLqpICSNFCkVoO5o/MXMpRnTzbwd2I4xe6zfdjHyNk
4/A8u1kagXZ89bsHHScpLPpQSdFlcffqHKwDwcblyiBH3zZRK3VFqPglPFR2ElQF
ByMhHzcGsun9T8BuwSPev4x64KH9mHbAr1YrfX8bTezfpf1GOUJhAcz0A6Omefzd
1R6Afkw2jsFH6zGfs9gcpf9xgoZm33Zo4KkfeVEeiu/x5GpeD0LeHf6arbiEOKQj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:07 2024 by rpki-client on console-fra.rpki-client.org