Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/iPLtSUgfaSM407Tx515zScAL4uE.roa
File:                     iPLtSUgfaSM407Tx515zScAL4uE.roa (raw, json)
Hash identifier:          YpBc3jnvE1uuPVAUGEWR5cZOng1/Q5DxM22uU8PySgA=
Subject key identifier:   88:F2:ED:49:48:1F:69:23:38:D3:B4:F1:E7:5E:73:49:C0:0B:E2:E1
Certificate issuer:       /CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Certificate serial:       018573716F25DC17A6991F5537F005F56413
Authority key identifier: 99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/iPLtSUgfaSM407Tx515zScAL4uE.roa
Signing time:             Mon 02 Jan 2023 17:04:51 +0000
ROA not before:           Mon 02 Jan 2023 17:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12349
IP address blocks:        164.59.128.0/23 maxlen: 24
                          164.59.130.0/24 maxlen: 24
                          164.59.136.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 May 2023 11:16:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:71:6f:25:dc:17:a6:99:1f:55:37:f0:05:f5:64:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d3a2d6fad651678e96d24e24d19d71fe380409
        Validity
            Not Before: Jan  2 17:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88f2ed49481f692338d3b4f1e75e7349c00be2e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:76:dc:2e:d5:4f:80:00:78:a6:47:c5:d1:10:
                    32:b9:52:c3:10:85:4c:78:cd:c9:08:00:fc:cf:03:
                    07:fe:5c:0a:92:7d:f8:30:60:68:bc:4c:f6:5f:f7:
                    5d:b0:a8:cf:b7:54:50:bc:92:c3:7d:6d:68:bd:9f:
                    e9:b3:31:97:7a:ee:64:73:22:d6:fc:ea:ec:d3:40:
                    a4:1d:28:26:1d:75:41:f4:f9:d2:e6:dd:81:5a:9e:
                    b9:5a:4a:59:cf:e6:2a:57:de:40:d9:5a:be:9e:3a:
                    1a:e9:5a:77:77:53:2d:55:87:0e:42:fd:58:4a:bf:
                    ec:29:6f:13:4d:cf:a3:2b:e8:9e:78:bf:65:40:aa:
                    d3:8c:bf:52:03:6b:5b:ab:bd:5d:26:4e:9f:b9:09:
                    d8:84:ac:31:bc:29:2f:58:72:10:80:3e:6a:23:ee:
                    db:a7:5c:cc:b1:8c:a7:dd:c9:db:02:e0:92:0b:b7:
                    16:25:98:dd:12:d7:4a:bf:b3:3b:8a:39:03:62:e9:
                    14:a6:68:be:ef:09:d8:c6:42:36:f1:73:cb:63:00:
                    ce:47:6c:0b:31:31:a4:2b:3c:bc:78:40:08:41:f6:
                    84:4f:25:cf:7a:70:e5:fe:12:e2:fa:a7:6d:6f:ba:
                    45:61:8e:19:6d:51:85:00:c1:83:9b:aa:3c:12:61:
                    d8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:F2:ED:49:48:1F:69:23:38:D3:B4:F1:E7:5E:73:49:C0:0B:E2:E1
            X509v3 Authority Key Identifier:
                keyid:99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/iPLtSUgfaSM407Tx515zScAL4uE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.59.128.0-164.59.130.255
                  164.59.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         db:9b:6c:a0:64:76:cd:6c:11:16:05:99:db:c0:24:a2:d7:6d:
         14:91:ec:d8:e6:2a:25:86:5b:03:08:bf:64:7a:9e:f1:1f:6e:
         db:f8:5a:74:2b:29:84:5c:e2:89:60:2f:cd:7f:38:cf:ac:64:
         fe:93:61:88:13:99:df:fd:37:7e:fb:81:4d:81:5f:73:f9:9d:
         ea:7a:df:d9:fa:74:ec:a9:68:a1:f0:1f:d5:f5:95:ba:9c:82:
         a9:aa:e3:73:63:e5:e8:2b:b2:3a:5b:24:ef:b6:72:b5:ab:15:
         4c:bc:6a:01:78:12:37:14:2f:ae:f5:fc:5b:df:2f:84:20:86:
         18:b9:cd:df:02:da:cb:e2:3a:bd:30:ae:e6:7b:24:58:bd:cf:
         ff:3d:7b:a7:37:8b:a1:0c:ea:be:bc:e8:4e:7c:0d:bf:e7:1e:
         4b:72:fd:4f:88:44:09:7b:e2:af:3b:fb:dc:7c:9f:af:1e:9e:
         f8:0b:a0:45:1c:35:25:e9:7b:c3:17:30:2e:4f:20:92:51:2c:
         96:ee:85:81:6c:c3:ad:d4:55:b8:9c:ba:1e:c4:42:73:43:50:
         5a:58:30:3f:da:cf:0e:5e:b2:89:f3:58:9f:8f:49:c5:ea:93:
         93:fe:c2:b7:00:d6:56:69:61:85:d0:ef:05:8f:50:45:93:6f:
         d2:46:6d:96
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVzcW8l3BemmR9VN/AF9WQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDNhMmQ2ZmFkNjUxNjc4ZTk2ZDI0ZTI0ZDE5ZDcxZmUz
ODA0MDkwHhcNMjMwMTAyMTcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGYyZWQ0OTQ4MWY2OTIzMzhkM2I0ZjFlNzVlNzM0OWMwMGJlMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXbcLtVPgAB4pkfF0RAyuVLDEIVM
eM3JCAD8zwMH/lwKkn34MGBovEz2X/ddsKjPt1RQvJLDfW1ovZ/pszGXeu5kcyLW
/Ors00CkHSgmHXVB9PnS5t2BWp65WkpZz+YqV95A2Vq+njoa6Vp3d1MtVYcOQv1Y
Sr/sKW8TTc+jK+ieeL9lQKrTjL9SA2tbq71dJk6fuQnYhKwxvCkvWHIQgD5qI+7b
p1zMsYyn3cnbAuCSC7cWJZjdEtdKv7M7ijkDYukUpmi+7wnYxkI28XPLYwDOR2wL
MTGkKzy8eEAIQfaETyXPenDl/hLi+qdtb7pFYY4ZbVGFAMGDm6o8EmHYLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIjy7UlIH2kjONO08edec0nAC+LhMB8GA1UdIwQY
MBaAFJnTotb61lFnjpbSTiTRnXH+OAQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUt
NDhkNzM4YzU5NDdkLzEvaVBMdFNVZ2ZhU000MDdUeDUxNXpTY0FMNHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUtNDhkNzM4YzU5NDdk
LzEvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAekO4AD
BACkO4IDBAOkO4gwDQYJKoZIhvcNAQELBQADggEBANubbKBkds1sERYFmdvAJKLX
bRSR7NjmKiWGWwMIv2R6nvEfbtv4WnQrKYRc4olgL81/OM+sZP6TYYgTmd/9N377
gU2BX3P5nep639n6dOypaKHwH9X1lbqcgqmq43Nj5egrsjpbJO+2crWrFUy8agF4
EjcUL671/FvfL4Qghhi5zd8C2sviOr0wruZ7JFi9z/89e6c3i6EM6r686E58Db/n
Hkty/U+IRAl74q87+9x8n68envgLoEUcNSXpe8MXMC5PIJJRLJbuhYFsw63UVbic
uh7EQnNDUFpYMD/azw5esonzWJ+PScXqk5P+wrcA1lZpYYXQ7wWPUEWTb9JGbZY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:40 2024 by rpki-client on console-fra.rpki-client.org