Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/aQDd6_KVtsgSVmxD5oK25G_dQiM.roa
File:                     aQDd6_KVtsgSVmxD5oK25G_dQiM.roa (raw, json)
Hash identifier:          SeAN6DhRQcTjhtGKnl7PdkmX6RMexxdoToDLTLkT3HE=
Subject key identifier:   69:00:DD:EB:F2:95:B6:C8:12:56:6C:43:E6:82:B6:E4:6F:DD:42:23
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018AEF5E76DB0A7A2E6E3E8F75D827511AAE
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/aQDd6_KVtsgSVmxD5oK25G_dQiM.roa
Signing time:             Mon 02 Oct 2023 07:50:59 +0000
ROA not before:           Mon 02 Oct 2023 07:50:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43578
IP address blocks:        160.214.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ef:5e:76:db:0a:7a:2e:6e:3e:8f:75:d8:27:51:1a:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Oct  2 07:50:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6900ddebf295b6c812566c43e682b6e46fdd4223
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:96:93:94:e7:a7:52:4f:2c:2e:49:a6:12:9d:
                    2e:f0:9a:1c:16:e8:9a:35:91:c6:40:53:fc:c2:ec:
                    26:ea:fa:29:f7:c8:9e:47:cc:97:9b:40:ba:f8:5c:
                    44:30:17:d7:c9:2e:89:2b:4b:24:4c:26:18:a6:96:
                    ad:86:1b:4e:a9:5a:58:0e:89:23:df:9d:ee:b8:0a:
                    05:73:e6:31:f5:20:2e:c5:20:63:88:5c:1d:eb:b6:
                    ba:a1:a3:20:02:11:fc:5c:46:85:43:a1:2d:bf:ed:
                    66:30:93:92:78:6f:73:ea:03:50:ae:ba:6c:70:4c:
                    78:4c:85:4f:13:e6:d8:7c:45:09:53:a2:2e:65:5e:
                    87:ca:28:44:04:54:0b:fb:ab:45:f3:2b:11:41:2d:
                    d3:b0:cb:77:18:30:33:08:a5:42:b7:27:a0:8d:0e:
                    84:fb:1b:cf:dc:61:39:15:39:9c:db:62:cd:09:ed:
                    5f:ab:13:94:50:d9:0c:79:0d:09:36:e9:83:5c:5d:
                    17:a4:e1:18:58:85:4c:85:1a:e3:19:88:cc:e4:3f:
                    4b:bd:70:3d:77:3b:8a:a6:0b:f7:d5:3d:62:bc:30:
                    1b:95:8f:6e:4c:fd:ae:0f:f8:cd:c7:90:80:b3:fd:
                    5b:ba:ce:aa:5a:60:83:dd:d4:7d:d2:ef:c0:c8:3e:
                    04:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:00:DD:EB:F2:95:B6:C8:12:56:6C:43:E6:82:B6:E4:6F:DD:42:23
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/aQDd6_KVtsgSVmxD5oK25G_dQiM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:bc:ce:46:0f:e5:d2:21:61:66:ca:0f:89:02:4e:e4:05:b9:
         04:09:d5:93:6f:47:10:b2:70:7b:4d:f4:85:dd:37:b6:6b:c7:
         98:c5:f2:75:1f:b9:70:dd:ff:71:6e:8c:0f:e1:c4:84:fd:89:
         db:b4:5f:ce:5f:85:4a:25:a8:cb:b6:f7:94:06:6f:fb:8f:06:
         88:14:ae:8d:06:86:ac:0e:5e:b0:f0:40:97:c8:99:13:bf:d7:
         ff:28:72:0f:0b:1e:41:83:a9:a5:d3:44:fe:44:dd:d3:ec:6b:
         4c:ff:c9:08:05:91:e0:15:03:f9:37:ca:a7:22:f0:93:5f:d8:
         6c:84:75:6d:3f:99:52:87:a9:59:07:28:74:ea:aa:84:df:3f:
         b8:fb:28:f7:00:70:7d:b6:e6:71:0f:11:72:07:48:54:18:0e:
         ac:17:fb:f9:54:3a:90:96:1b:8e:0d:e2:13:96:72:25:9d:6a:
         ef:8e:d8:8b:3d:48:31:09:b1:34:5c:c1:91:e1:86:71:74:a3:
         03:92:13:93:3a:10:c1:d8:37:8d:74:12:7b:0f:a7:e2:65:eb:
         2e:87:1a:0a:56:4e:49:e6:25:3d:31:e2:90:95:12:64:98:65:
         ba:f5:88:b1:db:3f:cf:67:b8:cf:47:87:2c:f4:25:9f:88:01:
         34:4d:62:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrvXnbbCnoubj6PddgnURquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMDAyMDc1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAwZGRlYmYyOTViNmM4MTI1NjZjNDNlNjgyYjZlNDZmZGQ0MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpaTlOenUk8sLkmmEp0u8JocFuia
NZHGQFP8wuwm6vop98ieR8yXm0C6+FxEMBfXyS6JK0skTCYYppathhtOqVpYDokj
353uuAoFc+Yx9SAuxSBjiFwd67a6oaMgAhH8XEaFQ6Etv+1mMJOSeG9z6gNQrrps
cEx4TIVPE+bYfEUJU6IuZV6HyihEBFQL+6tF8ysRQS3TsMt3GDAzCKVCtyegjQ6E
+xvP3GE5FTmc22LNCe1fqxOUUNkMeQ0JNumDXF0XpOEYWIVMhRrjGYjM5D9LvXA9
dzuKpgv31T1ivDAblY9uTP2uD/jNx5CAs/1bus6qWmCD3dR90u/AyD4EdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkA3evylbbIElZsQ+aCtuRv3UIjMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvYVFEZDZfS1Z0c2dTVm14RDVvSzI1R19kUWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoNZ/MA0G
CSqGSIb3DQEBCwUAA4IBAQAtvM5GD+XSIWFmyg+JAk7kBbkECdWTb0cQsnB7TfSF
3Te2a8eYxfJ1H7lw3f9xbowP4cSE/YnbtF/OX4VKJajLtveUBm/7jwaIFK6NBoas
Dl6w8ECXyJkTv9f/KHIPCx5Bg6ml00T+RN3T7GtM/8kIBZHgFQP5N8qnIvCTX9hs
hHVtP5lSh6lZByh06qqE3z+4+yj3AHB9tuZxDxFyB0hUGA6sF/v5VDqQlhuODeIT
lnIlnWrvjtiLPUgxCbE0XMGR4YZxdKMDkhOTOhDB2DeNdBJ7D6fiZesuhxoKVk5J
5iU9MeKQlRJkmGW69Yix2z/PZ7jPR4cs9CWfiAE0TWLZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org