Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/4LUxKzUgjTzqOfPW9I6G0o9-kls.roa
File:                     4LUxKzUgjTzqOfPW9I6G0o9-kls.roa (raw, json)
Hash identifier:          s7BzWsGTmLmJDFE8wacPJe9xgqR58mZc+rBawGyT7HM=
Subject key identifier:   E0:B5:31:2B:35:20:8D:3C:EA:39:F3:D6:F4:8E:86:D2:8F:7E:92:5B
Certificate issuer:       /CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Certificate serial:       018572CCBDF2BFE2E5239C417E0664AED8E0
Authority key identifier: 61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/4LUxKzUgjTzqOfPW9I6G0o9-kls.roa
Signing time:             Mon 02 Jan 2023 14:04:58 +0000
ROA not before:           Mon 02 Jan 2023 14:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        159.60.0.0/20 maxlen: 24
                          159.60.192.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:bd:f2:bf:e2:e5:23:9c:41:7e:06:64:ae:d8:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
        Validity
            Not Before: Jan  2 14:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0b5312b35208d3cea39f3d6f48e86d28f7e925b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:0d:04:a3:af:ff:7b:ba:d8:34:45:55:a6:3a:
                    bd:32:bc:32:3d:bf:95:c4:97:2d:f6:9e:81:9f:73:
                    ff:4c:4b:8c:91:61:af:f8:dc:b7:72:76:aa:48:a0:
                    c0:8a:63:68:66:f9:7d:7a:6d:2d:94:93:12:c3:1a:
                    24:3e:e3:33:9d:80:25:c1:7f:e4:88:2d:27:d4:16:
                    00:e2:44:3d:ed:0b:fc:a6:cf:6a:d9:37:41:53:ee:
                    0b:ff:0e:c3:37:ed:d0:b5:70:c9:8c:28:7c:46:ea:
                    b1:18:e6:34:0d:60:cd:54:9f:1c:f7:fb:c1:c7:23:
                    32:80:00:17:07:c8:2e:1c:f0:c2:3a:4f:65:71:31:
                    f9:be:8d:35:ef:e2:41:5b:5b:3f:6a:24:5e:0b:18:
                    f2:6c:8e:4e:0a:37:6b:19:52:bd:6d:5d:88:aa:2d:
                    0f:9e:f7:72:21:80:d6:b8:90:a1:64:c4:1e:b5:30:
                    42:72:45:53:e5:a6:e5:e6:d2:90:65:3c:1f:d3:da:
                    ab:ec:e4:84:66:dd:b7:4e:1d:a6:b7:96:fc:8f:9d:
                    86:68:97:59:df:42:ae:34:d4:5f:53:b4:39:21:83:
                    f3:3e:5d:2c:e3:41:27:28:da:19:15:fc:fd:1b:48:
                    b6:31:fe:fd:f3:69:bf:4f:52:f8:3c:11:bb:f6:96:
                    46:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:B5:31:2B:35:20:8D:3C:EA:39:F3:D6:F4:8E:86:D2:8F:7E:92:5B
            X509v3 Authority Key Identifier:
                keyid:61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/4LUxKzUgjTzqOfPW9I6G0o9-kls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.60.0.0/20
                  159.60.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         8f:24:ca:fe:b7:ca:08:0a:c2:8d:02:1c:a6:70:ea:6a:e9:8e:
         4f:ac:31:65:87:d6:d8:89:01:04:ff:4a:6b:40:ef:da:7b:1f:
         34:4f:95:38:b6:59:15:46:a1:51:8f:c9:39:89:62:99:97:4f:
         66:17:ef:43:b9:bb:7e:d9:f4:b2:b7:c9:69:de:02:c9:f0:74:
         91:8f:a0:7e:7e:0a:d4:cf:16:ab:4e:9f:1b:0c:3e:40:9f:b9:
         8f:30:76:24:9c:7d:4e:e8:0b:2a:f1:58:e6:d4:21:c1:10:cd:
         e1:fc:f8:63:98:50:b5:63:3b:fe:e7:7a:a6:d8:d8:49:68:58:
         35:5b:a3:15:77:94:25:a5:44:0a:cd:03:6f:a3:54:a4:35:51:
         5b:9c:fe:de:93:69:d9:3d:f0:ec:da:37:84:d7:d1:ff:09:ef:
         48:d5:c8:49:73:94:63:9b:53:a9:e6:94:b6:3a:a0:c6:f1:1b:
         d5:1f:2e:9a:50:0a:07:cb:0b:e4:1b:88:ab:73:9d:cb:56:a8:
         87:46:08:f1:45:98:d0:44:bf:92:1d:64:45:35:3f:22:c0:4e:
         ba:6c:9f:ea:6d:0a:3c:99:01:e3:c7:b7:f3:62:2a:06:65:7d:
         0e:56:02:6e:e3:3d:1d:a5:13:6c:d8:c3:ef:61:a3:fa:5a:61:
         fb:3d:68:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzL3yv+LlI5xBfgZkrtjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjNlMWNhYjhjYmY1YjNjNmUwZmJiZTE0OTFmNDhkYTYw
Y2FlNmMwHhcNMjMwMTAyMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGI1MzEyYjM1MjA4ZDNjZWEzOWYzZDZmNDhlODZkMjhmN2U5MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ0Eo6//e7rYNEVVpjq9MrwyPb+V
xJct9p6Bn3P/TEuMkWGv+Ny3cnaqSKDAimNoZvl9em0tlJMSwxokPuMznYAlwX/k
iC0n1BYA4kQ97Qv8ps9q2TdBU+4L/w7DN+3QtXDJjCh8RuqxGOY0DWDNVJ8c9/vB
xyMygAAXB8guHPDCOk9lcTH5vo017+JBW1s/aiReCxjybI5OCjdrGVK9bV2Iqi0P
nvdyIYDWuJChZMQetTBCckVT5abl5tKQZTwf09qr7OSEZt23Th2mt5b8j52GaJdZ
30KuNNRfU7Q5IYPzPl0s40EnKNoZFfz9G0i2Mf7982m/T1L4PBG79pZGawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOC1MSs1II086jnz1vSOhtKPfpJbMB8GA1UdIwQY
MBaAFGGz4cq4y/WzxuD7vhSR9I2mDK5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQt
OTQ3Y2M1NGViZTAyLzEvNExVeEt6VWdqVHpxT2ZQVzlJNkcwbzkta2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQtOTQ3Y2M1NGViZTAy
LzEvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEnzwAAwQG
nzzAMA0GCSqGSIb3DQEBCwUAA4IBAQCPJMr+t8oICsKNAhymcOpq6Y5PrDFlh9bY
iQEE/0prQO/aex80T5U4tlkVRqFRj8k5iWKZl09mF+9Dubt+2fSyt8lp3gLJ8HSR
j6B+fgrUzxarTp8bDD5An7mPMHYknH1O6Asq8Vjm1CHBEM3h/PhjmFC1Yzv+53qm
2NhJaFg1W6MVd5QlpUQKzQNvo1SkNVFbnP7ek2nZPfDs2jeE19H/Ce9I1chJc5Rj
m1Op5pS2OqDG8RvVHy6aUAoHywvkG4irc53LVqiHRgjxRZjQRL+SHWRFNT8iwE66
bJ/qbQo8mQHjx7fzYioGZX0OVgJu4z0dpRNs2MPvYaP6WmH7PWjP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:22 2024 by rpki-client on console-fra.rpki-client.org