Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0ab2447c-9735-4548-ac30-fc578e8e36ba/be2762ef-bb07-3fc7-8a69-5eb2a6502583.roa
File:                     be2762ef-bb07-3fc7-8a69-5eb2a6502583.roa (raw, json)
Hash identifier:          2L3HcMb3ypDvtZcZWRJEImvMg5iSxIslltJY33qkw7M=
Subject key identifier:   FA:2B:A1:02:FB:A2:F3:91:4A:67:C2:E7:84:1C:3F:2B:35:B1:44:50
Certificate issuer:       /CN=0ab2447c-9735-4548-ac30-fc578e8e36ba
Certificate serial:       010D0C9F43285845D39E5FAAFA0D1CF27FA2D0C0
Authority key identifier: 50:1A:13:32:60:6C:E8:3D:0D:71:EF:D8:32:F1:6F:1E:A4:73:DB:94
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0ab2447c-9735-4548-ac30-fc578e8e36ba.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0ab2447c-9735-4548-ac30-fc578e8e36ba/be2762ef-bb07-3fc7-8a69-5eb2a6502583.roa
Signing time:             Fri 10 May 2024 13:00:36 +0000
ROA not before:           Fri 10 May 2024 13:00:36 +0000
ROA not after:            Thu 08 Aug 2024 13:00:36 +0000
asID:                     54203
IP address blocks:        173.195.0.0/20 maxlen: 20
                          108.171.112.0/20 maxlen: 20
                          199.127.248.0/21 maxlen: 21
                          173.255.160.0/21 maxlen: 21
                          98.158.112.0/20 maxlen: 20
                          216.169.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jul 2024 16:55:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:d3:9e:5f:aa:fa:0d:1c:f2:7f:a2:d0:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ab2447c-9735-4548-ac30-fc578e8e36ba
        Validity
            Not Before: May 10 13:00:36 2024 GMT
            Not After : Aug  8 13:00:36 2024 GMT
        Subject: CN=a1d5f8f1-84a6-4059-8236-a1bda9f07779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:44:c8:d0:b6:bc:93:86:d9:b4:53:46:23:bd:
                    c7:54:f1:71:4b:10:d2:1f:5a:67:4c:9c:c2:08:0a:
                    2c:b5:e9:aa:ed:51:c0:04:a5:9b:7e:55:a4:a4:c7:
                    96:19:e5:7a:c3:d0:10:cc:49:74:2a:25:39:0d:ac:
                    75:74:4e:7f:67:aa:5c:fa:ca:57:2d:22:54:84:7b:
                    68:ce:70:2d:32:25:ed:ac:c8:99:f6:d9:57:55:fc:
                    ef:26:77:80:57:de:24:0e:eb:c0:ca:78:eb:b5:c4:
                    28:ea:7b:53:79:cc:42:89:27:c0:f1:a7:cb:5f:bc:
                    cb:3b:65:1d:48:48:64:65:9f:90:30:dc:d0:40:85:
                    bf:60:27:24:5b:4e:2d:65:09:f1:fe:d8:f3:4c:ac:
                    8b:de:e2:9e:37:21:0a:1a:4a:b5:98:e0:6d:8f:f2:
                    ae:10:82:06:ad:e7:93:c1:29:25:f3:c2:7c:70:dd:
                    56:c7:f6:25:b8:c0:1c:e8:4c:a1:a3:8c:e6:30:b8:
                    d7:c2:e4:03:3a:09:34:6e:6f:ab:dd:2b:17:c2:8e:
                    4b:be:53:9f:9b:8f:bb:d3:52:5e:66:7e:46:e4:23:
                    17:f5:e7:22:af:de:1a:09:42:43:0d:b1:24:2f:c9:
                    77:d3:fa:6c:7b:f2:aa:15:e2:c8:9e:c3:8b:28:72:
                    dd:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:2B:A1:02:FB:A2:F3:91:4A:67:C2:E7:84:1C:3F:2B:35:B1:44:50
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0ab2447c-9735-4548-ac30-fc578e8e36ba/be2762ef-bb07-3fc7-8a69-5eb2a6502583.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0ab2447c-9735-4548-ac30-fc578e8e36ba/0ab2447c-9735-4548-ac30-fc578e8e36ba.crl

            X509v3 Authority Key Identifier:
                keyid:50:1A:13:32:60:6C:E8:3D:0D:71:EF:D8:32:F1:6F:1E:A4:73:DB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0ab2447c-9735-4548-ac30-fc578e8e36ba.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.158.112.0/20
                  108.171.112.0/20
                  173.195.0.0/20
                  173.255.160.0/21
                  199.127.248.0/21
                  216.169.134.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         70:dd:9b:45:89:18:62:f5:2e:6a:35:c5:bd:b2:c0:d2:ab:7d:
         72:c1:d3:92:ab:96:8a:3b:a5:22:25:dc:54:3c:0d:69:16:d5:
         29:e6:b5:be:2b:64:76:34:6e:19:2f:7e:7d:c4:34:b5:64:c5:
         35:03:ab:77:5d:c9:58:7e:4c:87:ec:72:0b:29:a9:b3:c1:4b:
         9b:96:62:1d:37:31:73:1b:2c:fa:f9:16:ae:2a:d9:8a:d9:f7:
         c8:56:95:32:2d:20:79:15:04:f2:52:3d:a3:15:17:0a:52:2c:
         a8:86:f8:e9:64:2a:75:8c:92:b5:75:c9:75:c5:31:71:ee:09:
         9e:85:a8:63:c6:55:5a:0b:76:1a:fa:c8:48:6a:c8:56:05:18:
         d7:dd:c1:40:73:7c:3e:8c:18:d7:20:22:2a:56:87:4e:00:31:
         46:d3:06:c6:3c:a3:c7:07:d9:42:67:c4:d8:c8:0f:68:b3:49:
         f2:5e:ee:bc:49:10:24:3e:f3:e6:63:f4:c3:5d:8c:14:7b:ba:
         73:85:dc:2d:1c:58:11:92:ec:93:62:3c:a0:6c:91:23:ea:c1:
         54:ce:6f:e1:af:59:08:fd:b8:05:24:5d:4e:75:ea:64:2c:14:
         87:77:4d:cb:55:09:43:c3:fc:63:8c:34:ad:70:e3:93:6c:40:
         8f:89:66:3f
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgIUAQ0Mn0MoWEXTnl+q+g0c8n+i0MAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMGFiMjQ0N2MtOTczNS00NTQ4LWFjMzAtZmM1NzhlOGUz
NmJhMB4XDTI0MDUxMDEzMDAzNloXDTI0MDgwODEzMDAzNlowLzEtMCsGA1UEAxMk
YTFkNWY4ZjEtODRhNi00MDU5LTgyMzYtYTFiZGE5ZjA3Nzc5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjETI0La8k4bZtFNGI73HVPFxSxDSH1pnTJzC
CAostemq7VHABKWbflWkpMeWGeV6w9AQzEl0KiU5Dax1dE5/Z6pc+spXLSJUhHto
znAtMiXtrMiZ9tlXVfzvJneAV94kDuvAynjrtcQo6ntTecxCiSfA8afLX7zLO2Ud
SEhkZZ+QMNzQQIW/YCckW04tZQnx/tjzTKyL3uKeNyEKGkq1mOBtj/KuEIIGreeT
wSkl88J8cN1Wx/YluMAc6Eyho4zmMLjXwuQDOgk0bm+r3SsXwo5LvlOfm4+701Je
Zn5G5CMX9ecir94aCUJDDbEkL8l30/pse/KqFeLInsOLKHLd1wIDAQABo4IDczCC
A28wHQYDVR0OBBYEFPoroQL7ovORSmfC54QcPys1sURQMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy8wYWIy
NDQ3Yy05NzM1LTQ1NDgtYWMzMC1mYzU3OGU4ZTM2YmEvYmUyNzYyZWYtYmIwNy0z
ZmM3LThhNjktNWViMmE2NTAyNTgzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvMGFiMjQ0N2MtOTczNS00NTQ4LWFj
MzAtZmM1NzhlOGUzNmJhLzBhYjI0NDdjLTk3MzUtNDU0OC1hYzMwLWZjNTc4ZThl
MzZiYS5jcmwwHwYDVR0jBBgwFoAUUBoTMmBs6D0Nce/YMvFvHqRz25QwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy8wYWIyNDQ3Yy05NzM1LTQ1NDgtYWMzMC1mYzU3
OGU4ZTM2YmEuY2VyMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEYp5wAwQE
bKtwAwQErcMAAwQDrf+gAwQDx3/4AwQA2KmGMFQGA1UdIAEB/wRKMEgwRgYIKwYB
BQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3Vy
Y2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAHDdm0WJGGL1Lmo1
xb2ywNKrfXLB05Krloo7pSIl3FQ8DWkW1Snmtb4rZHY0bhkvfn3ENLVkxTUDq3dd
yVh+TIfscgspqbPBS5uWYh03MXMbLPr5Fq4q2YrZ98hWlTItIHkVBPJSPaMVFwpS
LKiG+OlkKnWMkrV1yXXFMXHuCZ6FqGPGVVoLdhr6yEhqyFYFGNfdwUBzfD6MGNcg
IipWh04AMUbTBsY8o8cH2UJnxNjID2izSfJe7rxJECQ+8+Zj9MNdjBR7unOF3C0c
WBGS7JNiPKBskSPqwVTOb+GvWQj9uAUkXU516mQsFId3TctVCUPD/GOMNK1w45Ns
QI+JZj8=
-----END CERTIFICATE-----
Generated at Tue Jul 23 19:32:02 2024 by rpki-client on console-fra.rpki-client.org