Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/XMeuuFOUz9diPa69-resJF9ojwc.roa
File:                     XMeuuFOUz9diPa69-resJF9ojwc.roa (raw, json)
Hash identifier:          zi3/kP9lGq4g5hiQeBQtnFNFDZ3xQsu03CbvIdedz70=
Subject key identifier:   5C:C7:AE:B8:53:94:CF:D7:62:3D:AE:BD:FA:B7:AC:24:5F:68:8F:07
Certificate issuer:       /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial:       0185973DAACF598AF71F01519C61A5C0634B
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/XMeuuFOUz9diPa69-resJF9ojwc.roa
Signing time:             Mon 09 Jan 2023 15:54:39 +0000
ROA not before:           Mon 09 Jan 2023 15:54:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6720
IP address blocks:        217.149.224.0/20 maxlen: 20
                          141.203.0.0/16 maxlen: 16
                          2a00:1ba0:2::/48 maxlen: 48
                          2a00:1ba0:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:97:3d:aa:cf:59:8a:f7:1f:01:51:9c:61:a5:c0:63:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
        Validity
            Not Before: Jan  9 15:54:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cc7aeb85394cfd7623daebdfab7ac245f688f07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:3e:33:f1:6d:ce:b1:e8:83:68:41:cd:3a:8d:
                    72:3f:13:d9:74:1a:21:c7:2d:c7:27:e4:17:a9:1d:
                    b9:54:0b:9d:41:c5:b2:52:a3:18:52:4b:64:ba:a0:
                    2a:85:e1:14:51:10:78:23:47:d4:e2:07:36:fb:d1:
                    3c:0b:46:dc:ce:47:a1:f7:53:e6:ae:e1:4a:af:a5:
                    69:7d:3c:7d:42:ad:b1:3a:8a:18:3d:3e:ca:4a:50:
                    96:b5:69:29:0d:36:4c:cf:90:db:e4:42:d5:47:0f:
                    8e:b5:e9:88:6e:a9:2a:2e:c8:ea:47:62:71:3d:ab:
                    eb:e7:00:be:d2:8f:ce:22:6d:8c:24:03:4f:4b:1d:
                    8c:39:fa:e9:38:94:5c:4b:1a:cb:76:06:ff:8e:58:
                    da:a1:23:fa:8e:28:aa:8c:34:68:80:60:48:c9:31:
                    4c:bf:77:82:d0:09:f1:b9:5c:df:c4:8e:a0:85:ab:
                    71:bb:c2:3b:5b:40:38:be:3a:58:13:40:27:0c:66:
                    8a:9a:34:7d:62:4e:9c:e1:da:45:ba:95:a7:25:c2:
                    60:d4:04:b1:03:66:21:c2:c7:96:29:9c:c6:1d:ca:
                    35:66:ba:1b:42:38:af:4a:d5:d0:69:99:a9:8b:f4:
                    f4:73:5e:ed:bc:49:20:bc:13:c1:95:57:a7:2f:eb:
                    7a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C7:AE:B8:53:94:CF:D7:62:3D:AE:BD:FA:B7:AC:24:5F:68:8F:07
            X509v3 Authority Key Identifier:
                keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/XMeuuFOUz9diPa69-resJF9ojwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.203.0.0/16
                  217.149.224.0/20
                IPv6:
                  2a00:1ba0:2::/47

    Signature Algorithm: sha256WithRSAEncryption
         8a:76:7d:79:9d:b7:ac:91:1c:26:1a:c9:af:7a:30:92:bc:1b:
         62:56:59:c4:82:cc:ce:ad:88:b8:9f:4d:1b:68:b7:9f:7c:13:
         0d:62:58:1b:97:67:7f:91:5c:9c:ba:0e:82:aa:50:79:a8:e0:
         b2:3c:f3:51:51:b0:97:24:ba:1e:a7:24:bf:18:c8:10:2e:3f:
         77:e8:ea:02:34:da:64:28:bc:da:1e:24:87:b9:5c:cc:da:5b:
         5e:4f:47:54:be:55:dc:7c:9a:f4:cd:7a:58:09:3c:15:b9:a8:
         7c:da:a6:9f:f9:45:a5:1c:4f:94:30:b9:6f:ab:06:0b:0f:0d:
         cf:46:74:00:ce:e2:61:72:dd:a2:87:4a:d5:fb:bf:93:b8:5d:
         3f:9c:4b:e3:f9:77:27:8f:ac:a1:13:4a:44:41:2e:c0:97:60:
         01:c8:0e:6b:74:58:fa:a6:33:88:6b:eb:b1:eb:15:1e:75:f0:
         aa:92:c8:29:a2:bd:9a:24:73:23:13:ac:84:8f:c2:77:82:ba:
         ce:b1:3f:17:47:cc:e5:fb:d4:04:3a:90:7b:49:db:d2:60:d8:
         2a:1b:ae:83:c2:b1:cd:16:b4:e9:1f:57:f9:71:ee:5f:87:ee:
         3a:50:4d:51:fc:1b:06:59:19:dd:16:34:fc:45:16:dd:21:0f:
         37:6a:a2:bb
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYWXParPWYr3HwFRnGGlwGNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjMwMTA5MTU1NDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M3YWViODUzOTRjZmQ3NjIzZGFlYmRmYWI3YWMyNDVmNjg4ZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT4z8W3OseiDaEHNOo1yPxPZdBoh
xy3HJ+QXqR25VAudQcWyUqMYUktkuqAqheEUURB4I0fU4gc2+9E8C0bczkeh91Pm
ruFKr6VpfTx9Qq2xOooYPT7KSlCWtWkpDTZMz5Db5ELVRw+OtemIbqkqLsjqR2Jx
Pavr5wC+0o/OIm2MJANPSx2MOfrpOJRcSxrLdgb/jljaoSP6jiiqjDRogGBIyTFM
v3eC0AnxuVzfxI6ghatxu8I7W0A4vjpYE0AnDGaKmjR9Yk6c4dpFupWnJcJg1ASx
A2YhwseWKZzGHco1ZrobQjivStXQaZmpi/T0c17tvEkgvBPBlVenL+t6DQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFzHrrhTlM/XYj2uvfq3rCRfaI8HMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvWE1ldXVGT1V6OWRpUGE2OS1yZXNKRjlvandjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDARBAIAATALAwMAjcsDBATZ
leAwDwQCAAIwCQMHASoAG6AAAjANBgkqhkiG9w0BAQsFAAOCAQEAinZ9eZ23rJEc
JhrJr3owkrwbYlZZxILMzq2IuJ9NG2i3n3wTDWJYG5dnf5FcnLoOgqpQeajgsjzz
UVGwlyS6HqckvxjIEC4/d+jqAjTaZCi82h4kh7lczNpbXk9HVL5V3Hya9M16WAk8
FbmofNqmn/lFpRxPlDC5b6sGCw8Nz0Z0AM7iYXLdoodK1fu/k7hdP5xL4/l3J4+s
oRNKREEuwJdgAcgOa3RY+qYziGvrsesVHnXwqpLIKaK9miRzIxOshI/Cd4K6zrE/
F0fM5fvUBDqQe0nb0mDYKhuug8KxzRa06R9X+XHuX4fuOlBNUfwbBlkZ3RY0/EUW
3SEPN2qiuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:04 2024 by rpki-client on console-ams.rpki-client.org