Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/S2HVNWj1W6qU-fA3aWm61GLBPqA.roa
File:                     S2HVNWj1W6qU-fA3aWm61GLBPqA.roa (raw, json)
Hash identifier:          0OBttxtPrfC2MgoHSSFvrlyMtelwJ8f5qZV4/q2gnTk=
Subject key identifier:   4B:61:D5:35:68:F5:5B:AA:94:F9:F0:37:69:69:BA:D4:62:C1:3E:A0
Certificate issuer:       /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial:       0186A6EBDD2B91B139EC3884976EE5B39E6F
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/S2HVNWj1W6qU-fA3aWm61GLBPqA.roa
Signing time:             Fri 03 Mar 2023 10:02:00 +0000
ROA not before:           Fri 03 Mar 2023 10:02:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202421
IP address blocks:        103.229.169.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a6:eb:dd:2b:91:b1:39:ec:38:84:97:6e:e5:b3:9e:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
        Validity
            Not Before: Mar  3 10:02:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b61d53568f55baa94f9f0376969bad462c13ea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:cc:1d:5f:4d:ce:80:f3:eb:1f:5e:50:79:
                    b8:d9:02:e4:d3:93:ef:e3:8e:b3:6c:10:50:66:4f:
                    1f:31:a7:77:89:34:5f:b4:84:da:65:28:52:1a:40:
                    83:04:a6:bc:a3:f9:84:74:f9:7e:68:6a:bd:9f:4e:
                    74:14:ce:ec:23:1f:33:24:a1:60:9f:8f:cf:05:76:
                    0b:87:78:fa:f0:62:af:c4:e7:2e:75:b2:51:65:e3:
                    e2:e6:80:96:e3:43:d9:7b:81:44:ab:01:01:a5:72:
                    58:f2:f2:e5:42:df:df:93:91:3b:7e:c9:80:d0:11:
                    f0:e7:5a:11:78:d7:93:0c:05:c5:e3:62:16:91:78:
                    c2:5f:e6:50:82:65:a3:fd:38:0d:10:cf:bf:22:fb:
                    21:c4:88:fe:ef:1e:a8:c1:76:d9:f3:5e:bc:d3:b3:
                    40:eb:0b:90:34:ee:57:5f:1d:1b:71:8d:3f:2f:64:
                    35:99:4d:11:3e:80:c6:36:c1:87:86:ce:1a:98:4b:
                    c2:71:63:89:79:ed:e1:0d:8a:f0:57:bf:74:c4:0c:
                    91:60:ba:58:b6:d1:48:fc:c3:8a:dd:d1:c8:03:dc:
                    2b:9e:f9:6d:75:4e:b7:0d:59:dd:46:96:25:fe:a7:
                    92:96:9f:20:51:69:14:0b:c9:a5:ff:1c:ad:b4:43:
                    50:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:61:D5:35:68:F5:5B:AA:94:F9:F0:37:69:69:BA:D4:62:C1:3E:A0
            X509v3 Authority Key Identifier:
                keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/S2HVNWj1W6qU-fA3aWm61GLBPqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.229.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:02:1d:28:49:e4:3f:32:21:00:de:a1:64:fb:65:0c:22:d9:
         61:f0:fd:09:cd:f2:e5:8c:66:a2:2f:f5:35:2e:0b:9a:cc:59:
         41:cf:54:eb:6e:04:a3:90:5e:df:6f:e1:66:5d:e0:e4:58:a0:
         9b:92:c6:67:f3:69:49:80:00:74:44:45:db:3b:e2:ad:5a:ab:
         03:25:98:56:92:03:bd:0b:d6:39:69:3f:ff:4a:d2:8f:a6:f2:
         33:32:bf:62:5c:5c:b7:02:88:dd:03:92:ea:20:83:41:cb:0c:
         ad:20:90:cc:2c:04:6d:ce:12:ba:b1:5f:3d:4b:7f:0c:a6:0d:
         de:4d:c3:11:18:a0:db:9f:67:f2:46:2e:ef:40:13:fb:c5:cf:
         9d:11:fd:57:55:ae:1c:59:df:80:04:c6:89:9d:fa:68:b9:bc:
         28:96:67:0a:46:a5:ab:d8:e4:15:7d:e7:4e:7b:3e:e4:8f:60:
         66:69:7e:58:3d:95:7f:68:f0:04:23:35:e5:54:73:95:5a:d4:
         7b:17:e8:9e:51:21:db:37:0b:4c:00:92:0b:9a:f1:97:8b:70:
         ef:e2:b3:8a:ae:f5:c8:2e:85:70:76:5e:df:8e:59:66:1c:7f:
         5b:af:2f:01:b3:41:4a:f9:e2:a6:28:02:68:90:87:48:8a:90:
         e5:d9:29:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYam690rkbE57DiEl27ls55vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjMwMzAzMTAwMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjYxZDUzNTY4ZjU1YmFhOTRmOWYwMzc2OTY5YmFkNDYyYzEzZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrbMHV9NzoDz6x9eUHm42QLk05Pv
446zbBBQZk8fMad3iTRftITaZShSGkCDBKa8o/mEdPl+aGq9n050FM7sIx8zJKFg
n4/PBXYLh3j68GKvxOcudbJRZePi5oCW40PZe4FEqwEBpXJY8vLlQt/fk5E7fsmA
0BHw51oReNeTDAXF42IWkXjCX+ZQgmWj/TgNEM+/IvshxIj+7x6owXbZ816807NA
6wuQNO5XXx0bcY0/L2Q1mU0RPoDGNsGHhs4amEvCcWOJee3hDYrwV790xAyRYLpY
ttFI/MOK3dHIA9wrnvltdU63DVndRpYl/qeSlp8gUWkUC8ml/xyttENQeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEth1TVo9VuqlPnwN2lputRiwT6gMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvUzJIVk5XajFXNnFVLWZBM2FXbTYxR0xCUHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+WpMA0G
CSqGSIb3DQEBCwUAA4IBAQAdAh0oSeQ/MiEA3qFk+2UMItlh8P0JzfLljGaiL/U1
LguazFlBz1TrbgSjkF7fb+FmXeDkWKCbksZn82lJgAB0REXbO+KtWqsDJZhWkgO9
C9Y5aT//StKPpvIzMr9iXFy3AojdA5LqIINBywytIJDMLARtzhK6sV89S38Mpg3e
TcMRGKDbn2fyRi7vQBP7xc+dEf1XVa4cWd+ABMaJnfpoubwolmcKRqWr2OQVfedO
ez7kj2BmaX5YPZV/aPAEIzXlVHOVWtR7F+ieUSHbNwtMAJILmvGXi3Dv4rOKrvXI
LoVwdl7fjllmHH9bry8Bs0FK+eKmKAJokIdIipDl2SkO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:14 2024 by rpki-client on console-fra.rpki-client.org