Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3_el4iuadoDRLZSk2mfqpC0mVoc.roa
File:                     3_el4iuadoDRLZSk2mfqpC0mVoc.roa (raw, json)
Hash identifier:          EWassbNPRnSScNFs5EoO9FCnKIAR8zNSmssm25KQzGg=
Subject key identifier:   DF:F7:A5:E2:2B:9A:76:80:D1:2D:94:A4:DA:67:EA:A4:2D:26:56:87
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       018E3F02B2D027279E2EC94350041BD6567D
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3_el4iuadoDRLZSk2mfqpC0mVoc.roa
Signing time:             Thu 14 Mar 2024 22:08:45 +0000
ROA not before:           Thu 14 Mar 2024 22:08:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212271
IP address blocks:        2a05:4140::/29 maxlen: 48
                          2a05:4140:3::/48 maxlen: 48
                          2a05:4140:4::/48 maxlen: 48
                          2a05:4140:5::/48 maxlen: 48
                          2a05:4140:8::/48 maxlen: 48
                          2a05:4140:9::/48 maxlen: 48
                          2a05:4140:10::/48 maxlen: 48
                          2a05:4140:15::/48 maxlen: 48
                          2a05:4140:16::/48 maxlen: 48
                          2a05:4140:29::/48 maxlen: 48
                          2a05:4140:30::/48 maxlen: 48
                          2a05:4140:31::/48 maxlen: 48
                          2a05:4140:32::/48 maxlen: 48
                          2a05:4140:33::/48 maxlen: 48
                          2a05:4140:34::/48 maxlen: 48
                          2a05:4140:35::/48 maxlen: 64
                          2a05:4140:36::/48 maxlen: 48
                          2a05:4140:37::/48 maxlen: 48
                          2a05:4140:48::/48 maxlen: 48
                          2a05:4140:100::/40 maxlen: 48
                          2a05:4140:187::/48 maxlen: 48
                          2a05:4140:190::/48 maxlen: 48
                          2a05:4140:300::/40 maxlen: 40
                          2a05:4140:400::/40 maxlen: 48
                          2a05:4143::/32 maxlen: 48
                          2a05:4144::/32 maxlen: 32
                          2a11:e100::/29 maxlen: 48
                          2a11:e102::/32 maxlen: 32
                          2a11:e103::/32 maxlen: 32
                          2a11:e107::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 11 May 2024 17:54:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:3f:02:b2:d0:27:27:9e:2e:c9:43:50:04:1b:d6:56:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Mar 14 22:08:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dff7a5e22b9a7680d12d94a4da67eaa42d265687
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:8c:01:ec:d9:df:ce:37:0d:ac:6c:b3:21:1d:
                    43:db:71:49:eb:a1:d2:29:f9:aa:f8:ea:9a:bf:47:
                    8d:59:0d:f8:3d:93:3f:7d:a1:80:3b:c9:c6:62:88:
                    b3:1b:0d:f6:19:fb:c9:45:c7:f4:00:80:05:8b:42:
                    c3:0d:fa:5d:83:eb:2b:47:d3:99:60:23:54:b5:96:
                    b8:99:0f:d9:f7:d5:1b:db:72:e9:07:1d:33:d9:83:
                    48:39:08:ba:e4:5c:1b:2f:d4:d6:09:6a:e2:16:14:
                    c9:11:8d:71:3e:76:40:7e:8a:c4:51:1a:e8:6b:a3:
                    e2:19:fb:c5:bc:9f:66:e2:e6:58:45:3f:37:c9:63:
                    79:68:cb:a3:3d:d3:20:b3:61:e6:41:f8:01:08:a8:
                    21:2a:48:33:fb:fd:f8:d0:e8:47:d3:33:ad:e9:07:
                    48:fd:5f:ec:7f:76:de:f4:4a:65:25:6d:c7:71:ff:
                    ca:f5:03:29:c8:40:72:49:2f:55:53:16:de:cd:32:
                    e4:09:be:09:ef:17:73:2c:06:d9:21:0f:9e:e7:91:
                    20:12:18:ba:2b:7e:71:98:68:28:e7:77:b6:ad:09:
                    4b:33:cb:1e:27:05:5e:60:2a:8e:f6:24:bb:7e:e9:
                    90:58:02:d8:f7:52:de:8e:b7:e3:80:f7:b3:51:7e:
                    49:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:F7:A5:E2:2B:9A:76:80:D1:2D:94:A4:DA:67:EA:A4:2D:26:56:87
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3_el4iuadoDRLZSk2mfqpC0mVoc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140::/29
                  2a11:e100::/29

    Signature Algorithm: sha256WithRSAEncryption
         56:7a:b7:e0:c9:89:69:73:36:4c:dd:a1:0d:db:07:aa:f1:6a:
         a7:ff:24:44:5e:a0:7c:d1:2e:cf:43:f8:38:78:2c:2b:08:52:
         1a:07:2e:d7:b4:ab:30:a5:fd:e6:c6:6d:4a:19:5d:95:59:ae:
         e4:ef:8a:95:8d:c8:35:b9:38:4c:9e:13:80:0b:aa:9a:3a:c0:
         5c:ee:bb:47:84:33:c2:8f:c7:14:fa:b4:2f:34:18:9e:af:1a:
         a7:4b:28:f9:58:e9:aa:c3:08:cf:03:c4:cf:2d:74:46:98:f5:
         0b:e6:e0:b5:00:cb:e6:39:85:47:69:57:8d:a6:49:83:5c:36:
         20:a6:bd:62:d3:49:6d:91:f0:13:f3:01:11:8c:77:42:b4:f1:
         cb:92:f8:b2:ac:6e:14:4e:c0:a4:43:d9:46:ce:4e:ab:8f:f2:
         3a:46:aa:e7:77:15:7b:9f:19:14:eb:55:c9:8f:81:1d:11:a6:
         24:55:9d:03:ed:d6:08:63:a6:38:46:1e:ef:5f:0e:b5:1a:6a:
         eb:64:4f:ea:c7:85:37:10:ec:07:32:81:d1:46:64:03:ef:9f:
         b6:b5:97:ab:28:0b:89:46:03:16:25:3a:eb:6c:61:bf:00:e9:
         86:73:76:63:e9:12:6c:bb:f3:0d:b8:4c:f6:5e:53:70:0a:c3:
         8e:e2:00:ad
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4/ArLQJyeeLslDUAQb1lZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwMzE0MjIwODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY3YTVlMjJiOWE3NjgwZDEyZDk0YTRkYTY3ZWFhNDJkMjY1Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIwB7NnfzjcNrGyzIR1D23FJ66HS
Kfmq+Oqav0eNWQ34PZM/faGAO8nGYoizGw32GfvJRcf0AIAFi0LDDfpdg+srR9OZ
YCNUtZa4mQ/Z99Ub23LpBx0z2YNIOQi65FwbL9TWCWriFhTJEY1xPnZAforEURro
a6PiGfvFvJ9m4uZYRT83yWN5aMujPdMgs2HmQfgBCKghKkgz+/340OhH0zOt6QdI
/V/sf3be9EplJW3Hcf/K9QMpyEBySS9VUxbezTLkCb4J7xdzLAbZIQ+e55EgEhi6
K35xmGgo53e2rQlLM8seJwVeYCqO9iS7fumQWALY91LejrfjgPezUX5JBQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN/3peIrmnaA0S2UpNpn6qQtJlaHMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvM19lbDRpdWFkb0RSTFpTazJtZnFwQzBtVm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgVBQAMF
AyoR4QAwDQYJKoZIhvcNAQELBQADggEBAFZ6t+DJiWlzNkzdoQ3bB6rxaqf/JERe
oHzRLs9D+Dh4LCsIUhoHLte0qzCl/ebGbUoZXZVZruTvipWNyDW5OEyeE4ALqpo6
wFzuu0eEM8KPxxT6tC80GJ6vGqdLKPlY6arDCM8DxM8tdEaY9Qvm4LUAy+Y5hUdp
V42mSYNcNiCmvWLTSW2R8BPzARGMd0K08cuS+LKsbhROwKRD2UbOTquP8jpGqud3
FXufGRTrVcmPgR0RpiRVnQPt1ghjpjhGHu9fDrUaautkT+rHhTcQ7AcygdFGZAPv
n7a1l6soC4lGAxYlOutsYb8A6YZzdmPpEmy78w24TPZeU3AKw47iAK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:30 2024 by rpki-client on console-ams.rpki-client.org