Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/pRANx_lxrCERVAYKSRximgho2kY.roa
File:                     pRANx_lxrCERVAYKSRximgho2kY.roa (raw, json)
Hash identifier:          3nX6svSTaeUgbnoy3DJo1gdFcHxnJYtT4xuk+yLyLkk=
Subject key identifier:   A5:10:0D:C7:F9:71:AC:21:11:54:06:0A:49:1C:62:9A:08:68:DA:46
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018F73C0CB231F8D535821AB09D64F5301F5
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/pRANx_lxrCERVAYKSRximgho2kY.roa
Signing time:             Mon 13 May 2024 20:59:25 +0000
ROA not before:           Mon 13 May 2024 20:59:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216157
IP address blocks:        62.204.37.0/24 maxlen: 24
                          2a11:a100::/29 maxlen: 29
                          2a13:8e00::/29 maxlen: 29
                          2a13:9200::/29 maxlen: 29
                          2a13:9300::/29 maxlen: 29
                          2a13:a700::/29 maxlen: 29
                          2a13:b100::/29 maxlen: 29
                          2a13:b500::/29 maxlen: 29
                          2a13:b900::/29 maxlen: 29
                          2a13:da00::/29 maxlen: 29
                          2a13:e200::/29 maxlen: 29
                          2a13:e400::/29 maxlen: 29
                          2a13:fe00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 20 May 2024 13:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:73:c0:cb:23:1f:8d:53:58:21:ab:09:d6:4f:53:01:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: May 13 20:59:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a5100dc7f971ac211154060a491c629a0868da46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c7:0c:67:14:e3:01:8a:3b:d8:e1:9c:98:ab:
                    94:d4:94:c6:cb:d6:14:84:be:bf:47:d3:90:65:bf:
                    d4:bd:a3:24:da:cb:55:4a:3f:71:e0:17:4b:c6:9b:
                    98:80:ed:1a:a4:6b:8b:7d:67:29:c0:80:cb:dd:fb:
                    f4:ec:c3:b0:33:db:eb:53:e4:29:eb:a4:ad:52:a5:
                    a5:0b:22:5b:b5:48:16:11:5d:ef:af:a0:27:0e:ee:
                    69:0f:04:a8:ad:62:c3:08:5e:b3:57:ac:a6:04:ad:
                    f8:57:fc:28:15:fc:3d:7f:31:e8:d3:39:4f:27:3c:
                    44:ef:cd:fe:b1:ea:56:9c:e1:ec:31:58:57:8d:c7:
                    64:ca:81:bf:51:ab:11:2c:54:ea:8d:a8:76:05:61:
                    d9:cb:3c:d9:0c:1f:2b:32:47:c4:fc:81:98:de:e7:
                    be:8b:11:5c:de:98:2f:22:0e:b4:65:2c:c0:88:10:
                    a9:a6:48:5d:cc:03:6a:59:74:07:5f:7c:af:80:a9:
                    e2:f7:38:77:13:c8:68:5c:82:f5:b3:4e:15:03:e1:
                    34:89:6a:62:40:7a:a6:de:3f:28:df:fd:a5:27:1a:
                    56:54:ff:52:9f:98:e6:26:df:73:62:42:4f:51:a9:
                    cc:e3:51:55:16:8a:a7:1c:28:98:1b:99:94:9c:73:
                    c1:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:10:0D:C7:F9:71:AC:21:11:54:06:0A:49:1C:62:9A:08:68:DA:46
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/pRANx_lxrCERVAYKSRximgho2kY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.204.37.0/24
                IPv6:
                  2a11:a100::/29
                  2a13:8e00::/29
                  2a13:9200::/29
                  2a13:9300::/29
                  2a13:a700::/29
                  2a13:b100::/29
                  2a13:b500::/29
                  2a13:b900::/29
                  2a13:da00::/29
                  2a13:e200::/29
                  2a13:e400::/29
                  2a13:fe00::/29

    Signature Algorithm: sha256WithRSAEncryption
         ba:c9:ef:26:ae:fd:f6:21:7a:48:7d:60:47:78:15:ae:71:fc:
         76:b6:79:43:a1:c4:a1:57:35:b4:6d:c9:6d:d4:ff:d1:4b:38:
         a0:12:3d:76:ea:3c:43:5f:a0:67:36:3b:65:9b:3e:48:8d:31:
         59:72:f3:26:f0:0d:8e:f2:4a:91:d8:6f:f6:66:22:fe:de:cb:
         ff:e3:87:1e:5b:6b:46:a3:f5:92:ba:62:92:0d:5a:9b:97:18:
         a7:8e:74:c1:c3:d8:67:cb:ae:18:2d:43:a7:1d:ab:e1:52:f2:
         a9:59:eb:8c:22:c9:28:cd:04:b5:7d:41:8b:ae:ab:bc:1c:6e:
         f7:23:c0:a2:58:c8:76:6d:fe:51:6c:13:80:cb:99:46:6c:8c:
         2d:02:f4:bc:de:d9:ea:24:13:5f:49:84:e0:b9:c9:2a:9f:02:
         59:c9:0c:80:6c:85:a1:51:ac:93:db:0e:ea:ac:23:67:8c:5c:
         8e:b7:87:c0:fd:21:66:8e:17:71:5a:34:db:da:4c:d1:0f:c7:
         d2:67:94:cd:52:1a:93:9a:f2:8a:a5:af:13:89:fc:51:45:76:
         2e:3f:fc:10:18:26:20:72:e4:3d:73:0c:fd:73:a1:cd:ea:e9:
         37:8c:81:2f:c3:64:31:b5:f0:62:47:97:83:86:f5:aa:26:e1:
         38:22:b6:a3
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY9zwMsjH41TWCGrCdZPUwH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwNTEzMjA1OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTEwMGRjN2Y5NzFhYzIxMTE1NDA2MGE0OTFjNjI5YTA4NjhkYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvccMZxTjAYo72OGcmKuU1JTGy9YU
hL6/R9OQZb/UvaMk2stVSj9x4BdLxpuYgO0apGuLfWcpwIDL3fv07MOwM9vrU+Qp
66StUqWlCyJbtUgWEV3vr6AnDu5pDwSorWLDCF6zV6ymBK34V/woFfw9fzHo0zlP
JzxE783+sepWnOHsMVhXjcdkyoG/UasRLFTqjah2BWHZyzzZDB8rMkfE/IGY3ue+
ixFc3pgvIg60ZSzAiBCppkhdzANqWXQHX3yvgKni9zh3E8hoXIL1s04VA+E0iWpi
QHqm3j8o3/2lJxpWVP9Sn5jmJt9zYkJPUanM41FVFoqnHCiYG5mUnHPBkQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKUQDcf5cawhEVQGCkkcYpoIaNpGMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvcFJBTnhfbHhyQ0VSVkFZS1NSeGltZ2hvMmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajAMBAIAATAGAwQAPswlMFoE
AgACMFQDBQMqEaEAAwUDKhOOAAMFAyoTkgADBQMqE5MAAwUDKhOnAAMFAyoTsQAD
BQMqE7UAAwUDKhO5AAMFAyoT2gADBQMqE+IAAwUDKhPkAAMFAyoT/gAwDQYJKoZI
hvcNAQELBQADggEBALrJ7yau/fYhekh9YEd4Fa5x/Ha2eUOhxKFXNbRtyW3U/9FL
OKASPXbqPENfoGc2O2WbPkiNMVly8ybwDY7ySpHYb/ZmIv7ey//jhx5ba0aj9ZK6
YpINWpuXGKeOdMHD2GfLrhgtQ6cdq+FS8qlZ64wiySjNBLV9QYuuq7wcbvcjwKJY
yHZt/lFsE4DLmUZsjC0C9Lze2eokE19JhOC5ySqfAlnJDIBshaFRrJPbDuqsI2eM
XI63h8D9IWaOF3FaNNvaTNEPx9JnlM1SGpOa8oqlrxOJ/FFFdi4//BAYJiBy5D1z
DP1zoc3q6TeMgS/DZDG18GJHl4OG9aom4TgitqM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:59 2024 by rpki-client on console-ams.rpki-client.org