Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa
File:                     phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa (raw, json)
Hash identifier:          ZojZeyjo/Bj4yDdzeyqsUz+g0yOeyIiRiu5OIM0ysgc=
Subject key identifier:   A6:12:52:58:DC:7F:D9:8D:71:84:2F:85:BA:25:3C:A7:90:E3:05:18
Certificate issuer:       /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial:       0192930BB8620A8685E007DBD07D043FA6F9
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa
Signing time:             Wed 16 Oct 2024 01:57:51 +0000
ROA not before:           Wed 16 Oct 2024 01:57:51 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58280
IP address blocks:        45.129.224.0/22 maxlen: 22
                          45.129.224.0/23 maxlen: 23
                          2a0e:5040::/29 maxlen: 29
                          2a0f:fd00::/29 maxlen: 48
                          2a0f:fd03::/32 maxlen: 32
Validation:               Failed, certificate revoked on Wed 16 Oct 2024 03:12:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:93:0b:b8:62:0a:86:85:e0:07:db:d0:7d:04:3f:a6:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
        Validity
            Not Before: Oct 16 01:57:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a6125258dc7fd98d71842f85ba253ca790e30518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:34:18:7f:d8:66:f2:25:65:9b:d8:78:81:fd:
                    48:a3:48:7e:93:12:16:28:57:bc:14:7a:54:2c:0f:
                    c7:90:8f:f2:17:53:d2:c8:a7:30:f7:28:af:a1:f6:
                    1e:8a:07:3c:08:4c:59:f6:99:c3:93:4c:d2:0c:9e:
                    8c:0d:00:4b:6b:a3:31:90:97:b1:48:23:70:dc:06:
                    39:bb:7d:c1:a2:df:f3:72:df:1a:1a:62:fe:d9:1f:
                    c6:f9:66:85:02:64:c7:a7:d8:e4:4b:34:f0:46:64:
                    24:2c:74:98:c7:1f:3d:59:78:e9:0e:54:21:d1:62:
                    7e:18:8d:72:c5:08:2e:52:10:e6:39:42:a6:93:7d:
                    74:63:3e:3b:82:08:35:fb:b5:15:fa:37:c3:fa:2a:
                    9b:ce:3e:20:7b:54:9d:49:44:f3:7b:89:0e:a0:44:
                    ce:30:c9:ae:34:92:69:86:2e:06:fb:fd:e4:23:c0:
                    8a:46:43:61:6d:b9:3f:d5:20:f6:be:de:4a:93:1f:
                    0f:bb:43:4c:a3:a2:58:0a:74:75:c7:36:78:8c:47:
                    a9:a4:00:de:f4:44:67:42:3a:64:3c:d1:d7:d6:42:
                    f3:ed:4b:67:85:43:0f:79:9e:74:d2:4e:65:b8:0c:
                    ad:fd:77:c6:fe:cf:a3:49:5c:8d:7b:d7:d4:57:a4:
                    00:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:12:52:58:DC:7F:D9:8D:71:84:2F:85:BA:25:3C:A7:90:E3:05:18
            X509v3 Authority Key Identifier:
                keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/phJSWNx_2Y1xhC-FuiU8p5DjBRg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.129.224.0/22
                IPv6:
                  2a0e:5040::/29
                  2a0f:fd00::/29

    Signature Algorithm: sha256WithRSAEncryption
         43:32:33:bc:ab:cd:98:f3:99:0a:fb:58:6a:4d:d6:df:93:f7:
         ae:df:b1:80:c9:81:fb:67:49:17:d1:c6:4d:4a:00:6d:10:c6:
         07:8f:39:af:9d:0a:3b:84:56:fd:99:f4:16:f1:26:29:c1:dd:
         de:87:f0:c1:70:7e:fd:ef:82:2f:9e:2b:a1:13:82:79:5c:81:
         9d:ad:e8:7a:7a:27:73:27:eb:71:57:a6:11:43:14:ae:ff:71:
         6e:b6:a3:1d:e8:e0:cb:81:dd:49:1b:1b:64:cf:65:c7:f4:c4:
         8a:b8:23:b7:94:fb:88:c0:b4:d5:af:fb:df:87:8a:23:c9:42:
         45:0e:3f:71:2b:10:ce:3e:bd:95:72:05:96:bc:79:44:c4:c4:
         14:22:31:34:31:a1:e2:37:c9:6f:96:1c:d3:ae:e0:17:26:2e:
         bc:82:fb:0e:f4:e8:0e:75:e5:71:58:e3:4f:b0:ae:ac:76:45:
         2a:69:86:ce:f2:a1:bf:e9:e7:78:f7:cd:5c:6b:92:fe:da:cf:
         a8:93:4a:ff:e7:38:dd:a0:09:f6:45:30:b0:80:49:18:66:87:
         62:a2:f1:7f:f0:da:52:cd:e8:91:d6:14:9a:7b:17:e0:c7:26:
         16:1c:5b:89:e0:90:8d:0a:94:44:78:71:d0:74:dd:2c:86:0d:
         d0:18:ce:3e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKTC7hiCoaF4Afb0H0EP6b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjQxMDE2MDE1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjEyNTI1OGRjN2ZkOThkNzE4NDJmODViYTI1M2NhNzkwZTMwNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zQYf9hm8iVlm9h4gf1Io0h+kxIW
KFe8FHpULA/HkI/yF1PSyKcw9yivofYeigc8CExZ9pnDk0zSDJ6MDQBLa6MxkJex
SCNw3AY5u33Bot/zct8aGmL+2R/G+WaFAmTHp9jkSzTwRmQkLHSYxx89WXjpDlQh
0WJ+GI1yxQguUhDmOUKmk310Yz47ggg1+7UV+jfD+iqbzj4ge1SdSUTze4kOoETO
MMmuNJJphi4G+/3kI8CKRkNhbbk/1SD2vt5Kkx8Pu0NMo6JYCnR1xzZ4jEeppADe
9ERnQjpkPNHX1kLz7UtnhUMPeZ500k5luAyt/XfG/s+jSVyNe9fUV6QA/wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKYSUljcf9mNcYQvhbolPKeQ4wUYMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvcGhKU1dOeF8yWTF4aEMtRnVpVThwNURqQlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYHgMBQE
AgACMA4DBQMqDlBAAwUDKg/9ADANBgkqhkiG9w0BAQsFAAOCAQEAQzIzvKvNmPOZ
CvtYak3W35P3rt+xgMmB+2dJF9HGTUoAbRDGB485r50KO4RW/Zn0FvEmKcHd3ofw
wXB+/e+CL54roROCeVyBna3oenoncyfrcVemEUMUrv9xbrajHejgy4HdSRsbZM9l
x/TEirgjt5T7iMC01a/734eKI8lCRQ4/cSsQzj69lXIFlrx5RMTEFCIxNDGh4jfJ
b5Yc067gFyYuvIL7DvToDnXlcVjjT7CurHZFKmmGzvKhv+nnePfNXGuS/trPqJNK
/+c43aAJ9kUwsIBJGGaHYqLxf/DaUs3okdYUmnsX4McmFhxbieCQjQqURHhx0HTd
LIYN0BjOPg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:40:11 2025 by rpki-client