Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/Xpzc1JE-rV8gRGTR8PP0i7VIOlU.roa
File:                     Xpzc1JE-rV8gRGTR8PP0i7VIOlU.roa (raw, json)
Hash identifier:          qXOmGFYORexpNTggL5097Qnq0dhEN5Px4kZq99ee/cU=
Subject key identifier:   5E:9C:DC:D4:91:3E:AD:5F:20:44:64:D1:F0:F3:F4:8B:B5:48:3A:55
Certificate issuer:       /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial:       01856FD52938D5E5F4B0D43C580BC4A897E3
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/Xpzc1JE-rV8gRGTR8PP0i7VIOlU.roa
Signing time:             Mon 02 Jan 2023 00:15:18 +0000
ROA not before:           Mon 02 Jan 2023 00:15:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     149794
IP address blocks:        2.57.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 10:28:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:29:38:d5:e5:f4:b0:d4:3c:58:0b:c4:a8:97:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
        Validity
            Not Before: Jan  2 00:15:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e9cdcd4913ead5f204464d1f0f3f48bb5483a55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b7:26:2b:fd:9a:6f:5a:9d:41:55:45:eb:f7:
                    f0:14:00:8d:38:d9:4e:1b:5c:88:90:28:11:68:6f:
                    95:07:40:c0:ba:e9:11:11:68:02:3d:c2:4f:84:04:
                    d3:39:fe:07:e0:e7:d6:1e:aa:9e:dd:2c:a9:e5:25:
                    5e:aa:73:8f:f7:ca:68:8f:44:00:0e:a6:ba:a5:d7:
                    97:c8:03:37:7e:35:59:9e:21:8a:e5:81:97:0c:3f:
                    d6:45:ac:22:79:16:c3:49:c9:77:fc:ba:9d:02:ee:
                    bc:64:bd:de:51:f1:4c:3a:ec:81:4a:9c:01:d9:47:
                    65:e1:70:82:01:b0:15:0d:69:df:03:f3:7c:7c:1b:
                    1d:ce:22:c7:20:3f:38:12:71:63:4b:67:96:b0:fb:
                    d2:22:dc:6f:6d:c4:cc:87:7c:db:8e:f1:e9:37:19:
                    42:b0:3e:62:05:f0:4e:ae:6a:e0:85:43:6f:b1:ff:
                    7b:7b:b6:74:13:37:e3:69:36:9a:d1:5c:ba:8b:cb:
                    1c:35:92:01:62:16:87:ef:50:b7:17:69:08:d2:a6:
                    19:75:0d:84:18:bf:d5:cb:1a:05:c3:55:eb:20:ed:
                    83:ad:cb:ed:99:23:a3:f2:f1:8a:5d:80:51:4f:f6:
                    93:3e:cb:da:77:00:93:0b:97:7c:f6:93:4a:eb:ba:
                    56:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:9C:DC:D4:91:3E:AD:5F:20:44:64:D1:F0:F3:F4:8B:B5:48:3A:55
            X509v3 Authority Key Identifier:
                keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/Xpzc1JE-rV8gRGTR8PP0i7VIOlU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:70:f3:d9:cb:01:87:8a:67:bd:d6:c3:24:da:34:5a:fc:38:
         81:6f:4a:38:95:15:1e:c2:45:4d:b3:69:a7:9f:a4:08:3e:8f:
         87:d4:82:b8:12:a4:97:0e:28:05:a4:24:dd:6a:7e:53:79:4b:
         eb:d5:e8:7a:dd:e8:7d:22:7e:47:71:94:14:17:fc:e4:ce:a5:
         73:3e:2d:73:99:8e:b7:86:f5:3c:3a:d5:9c:9e:43:cd:13:30:
         6a:c7:27:8e:35:4c:87:8a:6e:45:c1:81:cd:75:15:2f:e4:c1:
         1a:c4:7f:f4:51:04:92:fe:8f:d2:af:88:5d:c3:66:cd:95:63:
         91:89:17:15:8c:64:40:a4:f9:95:24:00:d1:f1:bc:a2:44:d3:
         9e:43:44:d2:11:eb:e8:f2:9d:0b:a8:01:61:10:97:b8:8c:10:
         9d:1a:60:49:42:34:a4:1e:c1:50:03:1d:75:89:30:97:b4:bd:
         d5:71:c9:4e:77:07:5e:29:22:20:3e:ae:62:12:06:16:88:6a:
         67:e0:d5:bd:3e:72:f8:3b:00:c6:6f:21:e4:cf:bf:35:af:42:
         d8:8e:8e:ba:b5:af:95:d8:a6:59:db:4c:b6:b7:fd:0a:c1:0b:
         6a:c4:3d:67:75:0f:a6:11:b9:f9:ed:d9:b9:8a:95:41:63:b9:
         97:57:48:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Sk41eX0sNQ8WAvEqJfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTljZGNkNDkxM2VhZDVmMjA0NDY0ZDFmMGYzZjQ4YmI1NDgzYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7cmK/2ab1qdQVVF6/fwFACNONlO
G1yIkCgRaG+VB0DAuukREWgCPcJPhATTOf4H4OfWHqqe3Syp5SVeqnOP98poj0QA
Dqa6pdeXyAM3fjVZniGK5YGXDD/WRawieRbDScl3/LqdAu68ZL3eUfFMOuyBSpwB
2Udl4XCCAbAVDWnfA/N8fBsdziLHID84EnFjS2eWsPvSItxvbcTMh3zbjvHpNxlC
sD5iBfBOrmrghUNvsf97e7Z0EzfjaTaa0Vy6i8scNZIBYhaH71C3F2kI0qYZdQ2E
GL/VyxoFw1XrIO2DrcvtmSOj8vGKXYBRT/aTPsvadwCTC5d89pNK67pWVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6c3NSRPq1fIERk0fDz9Iu1SDpVMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvWHB6YzFKRS1yVjhnUkdUUjhQUDBpN1ZJT2xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjk5MA0G
CSqGSIb3DQEBCwUAA4IBAQCacPPZywGHime91sMk2jRa/DiBb0o4lRUewkVNs2mn
n6QIPo+H1IK4EqSXDigFpCTdan5TeUvr1eh63eh9In5HcZQUF/zkzqVzPi1zmY63
hvU8OtWcnkPNEzBqxyeONUyHim5FwYHNdRUv5MEaxH/0UQSS/o/Sr4hdw2bNlWOR
iRcVjGRApPmVJADR8byiRNOeQ0TSEevo8p0LqAFhEJe4jBCdGmBJQjSkHsFQAx11
iTCXtL3VcclOdwdeKSIgPq5iEgYWiGpn4NW9PnL4OwDGbyHkz781r0LYjo66ta+V
2KZZ20y2t/0KwQtqxD1ndQ+mEbn57dm5ipVBY7mXV0jT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org