Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/wCrxP1PSA0l0oHD_9cKNgydCfrU.roa
File:                     wCrxP1PSA0l0oHD_9cKNgydCfrU.roa (raw, json)
Hash identifier:          N7nhpeeHUtIncHQVJ+ac8wsFV3Oqp/Ll7e4a2yQZxRY=
Subject key identifier:   C0:2A:F1:3F:53:D2:03:49:74:A0:70:FF:F5:C2:8D:83:27:42:7E:B5
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018BF0DE9841F64CB794586F059C0C1E38E9
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/wCrxP1PSA0l0oHD_9cKNgydCfrU.roa
Signing time:             Tue 21 Nov 2023 07:53:21 +0000
ROA not before:           Tue 21 Nov 2023 07:53:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        160.214.98.0/24 maxlen: 25
                          160.214.97.0/24 maxlen: 24
                          160.214.96.0/24 maxlen: 24
                          160.214.102.0/24 maxlen: 24
                          160.214.101.0/24 maxlen: 24
                          160.214.99.0/24 maxlen: 24
                          160.214.103.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 11:53:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f0:de:98:41:f6:4c:b7:94:58:6f:05:9c:0c:1e:38:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Nov 21 07:53:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c02af13f53d2034974a070fff5c28d8327427eb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:58:43:2a:e4:ad:fd:c2:1f:76:50:d7:cb:ec:
                    74:01:3f:d8:68:33:b4:fc:b5:88:fd:3a:a0:97:23:
                    ce:18:d1:e9:5d:dd:e1:aa:d0:2a:75:bd:41:eb:7d:
                    90:49:61:03:b5:3e:61:8d:6c:0f:07:18:45:9d:80:
                    82:32:39:1f:e9:19:4c:63:ab:26:28:07:c6:af:b6:
                    f9:f5:b3:3d:c2:37:84:04:f8:54:6a:91:35:c3:15:
                    85:e5:c1:18:87:3c:97:05:99:27:af:a0:d7:1b:bf:
                    4a:c2:67:f9:00:a5:ba:3e:67:7b:50:0e:ef:16:da:
                    52:10:85:2b:0f:e3:54:e2:d9:7e:07:78:cd:86:b0:
                    28:91:11:08:d4:ab:5c:fe:b0:40:10:3a:da:ae:fa:
                    af:ff:5f:b0:f6:cf:e4:b6:6e:b6:08:8c:8c:f0:63:
                    5f:24:8e:ad:87:c3:74:49:8d:9e:c4:3f:b5:de:86:
                    60:3f:d6:67:54:eb:ae:d6:85:b8:05:cf:0c:9c:a6:
                    63:49:9c:ff:4a:77:9f:01:1b:aa:62:1a:9e:d6:b0:
                    77:52:d5:1f:47:e5:d5:f2:41:2b:8f:d8:cc:e8:65:
                    69:b6:9b:bd:bd:0a:aa:15:60:9c:94:df:c1:56:68:
                    75:78:b5:0e:08:ab:13:94:1d:61:9e:bd:ba:e5:b5:
                    1b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:2A:F1:3F:53:D2:03:49:74:A0:70:FF:F5:C2:8D:83:27:42:7E:B5
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/wCrxP1PSA0l0oHD_9cKNgydCfrU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.96.0/22
                  160.214.101.0-160.214.103.255

    Signature Algorithm: sha256WithRSAEncryption
         2a:9a:08:ea:5e:a4:05:7d:fd:6d:a1:e4:a9:90:91:59:ce:a8:
         83:4f:d4:c2:06:64:8f:b3:03:cb:52:e1:5a:5e:4c:36:bd:8b:
         24:13:f5:3a:f3:0e:bc:15:41:3f:e6:7a:c0:04:37:af:bd:e6:
         2b:d5:b6:56:1c:e9:a5:06:10:ea:29:ac:bd:33:fb:8c:fb:72:
         d6:01:f4:d4:68:3d:94:e3:f8:6d:0d:39:c4:68:5c:78:ed:c0:
         09:d5:e1:e1:b8:c7:70:ca:4b:35:34:5a:11:ef:b5:ae:1c:38:
         39:c4:5a:91:cc:b9:bf:05:94:0a:07:14:1c:60:c3:c4:6b:59:
         b9:ad:97:6f:08:4a:06:19:49:d3:b0:7f:4e:23:03:c2:e4:74:
         19:a7:a4:59:88:36:90:9c:2e:82:a2:6e:39:7a:3d:ef:28:6e:
         9b:e7:c3:e2:f7:9b:ee:4e:7d:3d:5c:ad:b7:90:4f:f5:02:91:
         30:20:73:b8:d2:89:7a:4d:51:23:a9:96:eb:2f:35:96:67:b6:
         16:2b:2e:2b:11:8c:10:25:89:3c:a2:12:e4:d4:fb:73:c9:ce:
         53:f7:8d:5f:a6:2c:d4:eb:56:3b:89:6c:08:ae:fa:b9:8d:a0:
         08:31:76:13:d2:75:3c:64:1c:d4:3a:b2:a4:9a:91:b5:0d:c6:
         c9:4d:29:63
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYvw3phB9ky3lFhvBZwMHjjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMTIxMDc1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDJhZjEzZjUzZDIwMzQ5NzRhMDcwZmZmNWMyOGQ4MzI3NDI3ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1hDKuSt/cIfdlDXy+x0AT/YaDO0
/LWI/TqglyPOGNHpXd3hqtAqdb1B632QSWEDtT5hjWwPBxhFnYCCMjkf6RlMY6sm
KAfGr7b59bM9wjeEBPhUapE1wxWF5cEYhzyXBZknr6DXG79Kwmf5AKW6Pmd7UA7v
FtpSEIUrD+NU4tl+B3jNhrAokREI1Ktc/rBAEDrarvqv/1+w9s/ktm62CIyM8GNf
JI6th8N0SY2exD+13oZgP9ZnVOuu1oW4Bc8MnKZjSZz/SnefARuqYhqe1rB3UtUf
R+XV8kErj9jM6GVptpu9vQqqFWCclN/BVmh1eLUOCKsTlB1hnr265bUbMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMAq8T9T0gNJdKBw//XCjYMnQn61MB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvd0NyeFAxUFNBMGwwb0hEXzljS05neWRDZnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCoNZgMAwD
BACg1mUDBAOg1mAwDQYJKoZIhvcNAQELBQADggEBACqaCOpepAV9/W2h5KmQkVnO
qINP1MIGZI+zA8tS4VpeTDa9iyQT9TrzDrwVQT/mesAEN6+95ivVtlYc6aUGEOop
rL0z+4z7ctYB9NRoPZTj+G0NOcRoXHjtwAnV4eG4x3DKSzU0WhHvta4cODnEWpHM
ub8FlAoHFBxgw8RrWbmtl28ISgYZSdOwf04jA8LkdBmnpFmINpCcLoKibjl6Pe8o
bpvnw+L3m+5OfT1crbeQT/UCkTAgc7jSiXpNUSOplusvNZZnthYrLisRjBAliTyi
EuTU+3PJzlP3jV+mLNTrVjuJbAiu+rmNoAgxdhPSdTxkHNQ6sqSakbUNxslNKWM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org