Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/px-7q-132KtBZc8_NBgSxBCwUqM.roa
File:                     px-7q-132KtBZc8_NBgSxBCwUqM.roa (raw, json)
Hash identifier:          /9Cg2YII3PpWHdCtUqXxUxLBipClNDubBac9mUOwj5A=
Subject key identifier:   A7:1F:BB:AB:ED:77:D8:AB:41:65:CF:3F:34:18:12:C4:10:B0:52:A3
Certificate issuer:       /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial:       018A8FCCACD58AC936391A2B479F45DF50B1
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/px-7q-132KtBZc8_NBgSxBCwUqM.roa
Signing time:             Wed 13 Sep 2023 18:27:50 +0000
ROA not before:           Wed 13 Sep 2023 18:27:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25031
IP address blocks:        160.61.211.0/24 maxlen: 24
                          160.61.208.0/24 maxlen: 24
                          160.61.168.0/23 maxlen: 23
                          160.61.170.0/23 maxlen: 23
                          160.62.3.0/24 maxlen: 24
                          160.62.4.0/24 maxlen: 24
                          160.62.0.0/24 maxlen: 24
                          160.62.0.0/23 maxlen: 23
                          160.62.2.0/24 maxlen: 24
                          160.62.1.0/24 maxlen: 24
                          160.62.5.0/24 maxlen: 24
                          160.62.7.0/24 maxlen: 24
                          160.62.6.0/24 maxlen: 24
                          160.62.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8f:cc:ac:d5:8a:c9:36:39:1a:2b:47:9f:45:df:50:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
        Validity
            Not Before: Sep 13 18:27:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a71fbbabed77d8ab4165cf3f341812c410b052a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c3:5f:9c:f4:03:11:92:9a:f7:89:aa:49:eb:
                    58:47:d6:03:a0:5b:9a:dd:04:2d:20:86:bf:4f:b0:
                    91:ef:ec:36:98:5f:c4:a3:07:86:6f:79:dc:05:71:
                    36:51:bc:2c:f5:32:db:09:2a:ef:73:e4:5d:c7:ff:
                    c9:f9:5f:59:77:26:4c:77:e8:47:77:d8:2d:46:9a:
                    64:24:f5:0d:b8:af:58:35:be:48:b8:aa:e3:52:4d:
                    f8:9d:d6:7c:00:b7:03:f8:39:cb:44:c4:9b:a4:9e:
                    33:ea:fe:ac:74:b8:db:72:80:7b:25:56:d4:bc:54:
                    00:2f:f7:d5:4a:e7:47:e6:b3:55:21:ea:f8:ee:19:
                    66:43:e6:a8:36:5f:36:cb:71:85:b8:a2:0e:e1:c1:
                    6a:dd:91:c2:6e:4d:cd:12:db:3d:22:67:3b:b4:7f:
                    7c:8b:d0:3a:05:b7:10:7b:81:e7:bc:d4:83:41:0e:
                    1d:60:73:41:5f:df:26:b4:04:e5:39:f7:59:9f:fd:
                    35:64:91:45:d9:1e:3f:cd:d0:14:b6:10:b7:b6:3c:
                    a3:47:bb:4e:37:73:3f:4e:72:43:dd:49:0f:22:8e:
                    e8:bc:0c:ea:4f:8a:5c:4c:20:38:f6:93:74:2b:0e:
                    68:bd:2b:21:a9:96:4a:a7:42:d3:47:51:78:75:e5:
                    73:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:1F:BB:AB:ED:77:D8:AB:41:65:CF:3F:34:18:12:C4:10:B0:52:A3
            X509v3 Authority Key Identifier:
                keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/px-7q-132KtBZc8_NBgSxBCwUqM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.61.168.0/22
                  160.61.208.0/24
                  160.61.211.0/24
                  160.62.0.0/21
                  160.62.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:56:12:00:3c:58:44:5e:bc:79:d3:0f:1c:1f:ae:19:3f:9e:
         1f:47:ea:c3:31:06:95:34:bf:86:8f:3e:a8:8f:0b:41:70:58:
         b6:7d:62:0b:fc:b9:aa:8d:52:68:a5:62:c8:c2:91:2a:46:c8:
         e3:bc:ae:1f:7e:9d:f2:ef:75:e7:41:d5:f9:5d:eb:d3:ed:da:
         83:10:a6:17:cb:60:db:57:20:44:00:9a:90:db:d3:0b:b7:08:
         27:a1:42:e5:03:16:d3:b4:6f:2a:9c:dc:ae:e0:51:de:2d:e8:
         84:cb:af:5b:e5:7a:07:b3:bc:1e:c0:d2:c1:39:24:bf:bc:d9:
         1e:33:68:e0:2f:be:be:8d:e6:35:56:56:8f:b4:ba:4a:26:54:
         78:a9:8a:9f:38:81:27:f7:6d:98:7d:bc:2b:88:1c:c2:35:e8:
         d4:2d:af:4c:ff:da:d4:5b:ef:db:b8:b4:a6:6d:0f:8a:d3:b1:
         97:6c:1f:a9:aa:e7:6f:d6:02:75:ae:46:32:8d:77:bc:24:d7:
         04:ca:db:cc:98:be:65:e8:4d:29:99:ac:4c:d0:35:30:85:fd:
         31:dd:07:69:50:7f:75:c6:9a:6c:8b:dd:b1:4a:26:37:2c:6a:
         12:aa:b0:d9:f3:7f:ae:ce:26:00:76:16:4c:6e:53:66:78:13:
         48:b0:92:f6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqPzKzVisk2ORorR59F31CxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwOTEzMTgyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzFmYmJhYmVkNzdkOGFiNDE2NWNmM2YzNDE4MTJjNDEwYjA1MmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8NfnPQDEZKa94mqSetYR9YDoFua
3QQtIIa/T7CR7+w2mF/EoweGb3ncBXE2Ubws9TLbCSrvc+Rdx//J+V9ZdyZMd+hH
d9gtRppkJPUNuK9YNb5IuKrjUk34ndZ8ALcD+DnLRMSbpJ4z6v6sdLjbcoB7JVbU
vFQAL/fVSudH5rNVIer47hlmQ+aoNl82y3GFuKIO4cFq3ZHCbk3NEts9Imc7tH98
i9A6BbcQe4HnvNSDQQ4dYHNBX98mtATlOfdZn/01ZJFF2R4/zdAUthC3tjyjR7tO
N3M/TnJD3UkPIo7ovAzqT4pcTCA49pN0Kw5ovSshqZZKp0LTR1F4deVz6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKcfu6vtd9irQWXPPzQYEsQQsFKjMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvcHgtN3EtMTMyS3RCWmM4X05CZ1N4QkN3VXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCoD2oAwQA
oD3QAwQAoD3TAwQDoD4AAwQAoD4WMA0GCSqGSIb3DQEBCwUAA4IBAQBlVhIAPFhE
Xrx50w8cH64ZP54fR+rDMQaVNL+Gjz6ojwtBcFi2fWIL/LmqjVJopWLIwpEqRsjj
vK4ffp3y73XnQdX5XevT7dqDEKYXy2DbVyBEAJqQ29MLtwgnoULlAxbTtG8qnNyu
4FHeLeiEy69b5XoHs7wewNLBOSS/vNkeM2jgL76+jeY1VlaPtLpKJlR4qYqfOIEn
922YfbwriBzCNejULa9M/9rUW+/buLSmbQ+K07GXbB+pqudv1gJ1rkYyjXe8JNcE
ytvMmL5l6E0pmaxM0DUwhf0x3QdpUH91xppsi92xSiY3LGoSqrDZ83+uziYAdhZM
blNmeBNIsJL2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:14 2024 by rpki-client on console-ams.rpki-client.org