Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IfsrEpbVd62KAT3gj0Av-QHDrcQ.roa
File:                     IfsrEpbVd62KAT3gj0Av-QHDrcQ.roa (raw, json)
Hash identifier:          gew3T7OZMnVrjZENrdWaOSqFUohAd/cIhaVTgUp+iKs=
Subject key identifier:   21:FB:2B:12:96:D5:77:AD:8A:01:3D:E0:8F:40:2F:F9:01:C3:AD:C4
Certificate issuer:       /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial:       0185E5599BFC3AF879A9CFA04F61DDBE9799
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IfsrEpbVd62KAT3gj0Av-QHDrcQ.roa
Signing time:             Tue 24 Jan 2023 19:55:33 +0000
ROA not before:           Tue 24 Jan 2023 19:55:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60649
IP address blocks:        150.129.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Feb 2023 17:19:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e5:59:9b:fc:3a:f8:79:a9:cf:a0:4f:61:dd:be:97:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
        Validity
            Not Before: Jan 24 19:55:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=21fb2b1296d577ad8a013de08f402ff901c3adc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:30:35:40:53:57:25:bc:98:f4:24:19:83:57:
                    57:a1:5c:2c:1b:b1:d2:3e:94:cc:ef:39:50:87:f2:
                    d7:50:d9:bd:fb:0f:e6:6d:2a:a9:c0:fc:db:e4:cd:
                    b2:a9:ef:f7:f2:3b:bb:4e:da:3f:57:8f:55:0e:f6:
                    23:43:7d:a7:ca:d2:16:3c:c3:46:ac:df:72:0b:55:
                    b9:9b:81:90:e2:15:0e:b4:dc:35:b0:2a:67:d0:84:
                    5c:68:f6:30:81:15:69:73:07:b2:c7:34:d7:e6:5d:
                    8a:8e:15:93:09:21:b4:fb:e5:2e:7f:db:44:b7:2c:
                    f1:df:23:7e:c8:0b:dc:3c:7e:ae:86:92:c9:7c:8a:
                    8a:03:0a:8d:2d:52:88:de:fe:a1:97:9d:68:75:f1:
                    30:35:f3:11:f1:29:6c:63:62:92:27:6c:40:01:4d:
                    a0:73:0d:e1:15:db:9d:4a:f2:46:d7:53:2a:26:dd:
                    5e:c9:95:d0:dd:9c:82:ba:10:af:e4:a2:27:22:69:
                    34:17:2c:7d:4f:09:2d:5b:83:be:cf:75:98:c3:fd:
                    d6:3c:d4:24:a7:da:c0:78:74:d5:8b:eb:28:dc:bc:
                    7f:7d:ed:b1:0a:44:cb:2b:c2:b1:f0:ce:2a:3b:7d:
                    6e:3a:ef:5d:61:55:04:ed:8c:88:d6:13:64:c1:b4:
                    e3:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:FB:2B:12:96:D5:77:AD:8A:01:3D:E0:8F:40:2F:F9:01:C3:AD:C4
            X509v3 Authority Key Identifier:
                keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IfsrEpbVd62KAT3gj0Av-QHDrcQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.129.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:84:80:b8:44:6d:0d:9f:e8:4e:4d:89:e2:a2:1c:79:74:e3:
         b2:5d:c3:20:87:7d:cd:03:bd:f4:2f:9b:c7:99:6e:7e:18:4b:
         30:98:53:6c:46:06:d7:91:37:87:63:a5:88:29:2c:ef:e0:31:
         cd:bf:88:6a:73:e8:33:06:ee:2f:a9:cb:07:a2:02:e5:e0:02:
         6d:37:7b:fd:da:ba:d6:ad:f1:ae:fa:9f:0e:8f:ba:af:6c:d6:
         7c:e5:70:dc:11:04:88:f7:a8:f4:21:a7:fb:b3:52:d6:75:6e:
         3f:ec:e2:5a:48:54:2a:67:4b:b9:e0:23:bb:92:80:3d:8f:17:
         bc:dc:aa:37:49:c9:06:c1:df:46:95:cb:a9:f0:d7:ce:91:4d:
         c5:06:5b:d4:27:00:6f:6a:a5:c9:23:00:dc:9d:b3:a3:27:d9:
         4d:07:39:38:0e:6b:31:65:fd:76:c4:db:97:ab:2b:aa:56:42:
         7f:85:ca:f7:9b:3e:7b:33:56:81:c8:2f:02:89:71:4c:aa:b0:
         a9:8b:e0:34:a5:52:6a:22:f3:96:09:79:ff:58:aa:78:2b:5d:
         92:13:d0:60:f4:a7:ed:cf:aa:87:1a:6c:e1:cc:3d:69:14:fd:
         f7:b1:ee:fa:59:63:45:c5:5c:a5:50:c4:db:6f:e1:9b:2a:d5:
         b4:11:31:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXlWZv8Ovh5qc+gT2HdvpeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjMwMTI0MTk1NTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZiMmIxMjk2ZDU3N2FkOGEwMTNkZTA4ZjQwMmZmOTAxYzNhZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzA1QFNXJbyY9CQZg1dXoVwsG7HS
PpTM7zlQh/LXUNm9+w/mbSqpwPzb5M2yqe/38ju7Tto/V49VDvYjQ32nytIWPMNG
rN9yC1W5m4GQ4hUOtNw1sCpn0IRcaPYwgRVpcweyxzTX5l2KjhWTCSG0++Uuf9tE
tyzx3yN+yAvcPH6uhpLJfIqKAwqNLVKI3v6hl51odfEwNfMR8SlsY2KSJ2xAAU2g
cw3hFdudSvJG11MqJt1eyZXQ3ZyCuhCv5KInImk0Fyx9TwktW4O+z3WYw/3WPNQk
p9rAeHTVi+so3Lx/fe2xCkTLK8Kx8M4qO31uOu9dYVUE7YyI1hNkwbTjewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCH7KxKW1XetigE94I9AL/kBw63EMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvSWZzckVwYlZkNjJLQVQzZ2owQXYtUUhEcmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAloELMA0G
CSqGSIb3DQEBCwUAA4IBAQAHhIC4RG0Nn+hOTYniohx5dOOyXcMgh33NA730L5vH
mW5+GEswmFNsRgbXkTeHY6WIKSzv4DHNv4hqc+gzBu4vqcsHogLl4AJtN3v92rrW
rfGu+p8Oj7qvbNZ85XDcEQSI96j0Iaf7s1LWdW4/7OJaSFQqZ0u54CO7koA9jxe8
3Ko3SckGwd9Glcup8NfOkU3FBlvUJwBvaqXJIwDcnbOjJ9lNBzk4DmsxZf12xNuX
qyuqVkJ/hcr3mz57M1aByC8CiXFMqrCpi+A0pVJqIvOWCXn/WKp4K12SE9Bg9Kft
z6qHGmzhzD1pFP33se76WWNFxVylUMTbb+GbKtW0ETGB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:13 2024 by rpki-client on console-ams.rpki-client.org