Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/AHDVXjrOg6vDQf2yj5eg0O8WRlQ.roa
File:                     AHDVXjrOg6vDQf2yj5eg0O8WRlQ.roa (raw, json)
Hash identifier:          kla5EyZCZq//b+Y3ggYLPAS7kasaHpZlDxLFWZq3fVU=
Subject key identifier:   00:70:D5:5E:3A:CE:83:AB:C3:41:FD:B2:8F:97:A0:D0:EF:16:46:54
Certificate issuer:       /CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Certificate serial:       01857227DB325299C0777303FFE627E1C92E
Authority key identifier: B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/AHDVXjrOg6vDQf2yj5eg0O8WRlQ.roa
Signing time:             Mon 02 Jan 2023 11:04:52 +0000
ROA not before:           Mon 02 Jan 2023 11:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        132.75.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:27:db:32:52:99:c0:77:73:03:ff:e6:27:e1:c9:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
        Validity
            Not Before: Jan  2 11:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0070d55e3ace83abc341fdb28f97a0d0ef164654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:34:4f:3a:f5:76:35:e1:3e:7c:0c:bb:0a:1b:
                    f9:75:c9:67:a2:d0:40:0e:26:b3:02:b0:94:a9:e6:
                    e9:c0:5c:be:d4:2e:df:1b:b2:ec:97:66:1f:36:04:
                    17:59:1e:33:40:f6:d9:0e:a4:3a:71:52:c7:ed:0a:
                    14:b2:ea:2b:1f:3b:be:e9:b2:0c:dc:23:32:12:72:
                    10:59:7d:81:59:83:4b:07:ec:c1:c9:0e:4d:59:6f:
                    7d:9d:a1:2c:06:b1:24:cc:68:c0:38:9c:db:04:e6:
                    ca:3c:33:fa:3c:eb:8d:56:7c:41:77:00:78:6c:f3:
                    17:18:e1:90:67:e0:ff:a0:b1:1c:51:62:db:cb:db:
                    d6:4e:61:b5:6a:3c:b2:16:9f:ff:03:47:65:d1:c3:
                    7d:c9:28:55:80:ff:1d:09:73:86:59:10:4b:11:eb:
                    ce:be:21:86:31:8f:52:d8:82:93:9e:41:77:56:a1:
                    e4:41:8f:52:69:35:19:89:f7:11:cc:0a:f1:10:34:
                    d2:97:86:f5:a9:52:f1:c8:d8:06:80:ca:a2:fd:94:
                    04:1d:f2:ef:3a:b2:81:c0:ed:8b:b2:32:b0:2e:13:
                    6f:a9:b8:dc:4f:ec:6e:af:6c:4c:15:50:32:77:db:
                    2c:1f:8b:d1:b1:46:85:ef:d4:f8:6a:cf:5d:f8:1e:
                    7d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:70:D5:5E:3A:CE:83:AB:C3:41:FD:B2:8F:97:A0:D0:EF:16:46:54
            X509v3 Authority Key Identifier:
                keyid:B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/AHDVXjrOg6vDQf2yj5eg0O8WRlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/uNJRxL_VJtoGLUzir1a25G6SURc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.75.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:ee:b1:7b:c6:fb:75:f7:0d:58:82:93:3c:d6:78:66:8e:29:
         90:5d:ab:8c:31:95:be:f4:a1:0e:0c:0b:26:b0:45:e3:53:38:
         5e:b8:51:51:e7:92:10:96:a4:7e:df:72:de:a8:9e:8b:b0:73:
         f2:bf:a2:1b:03:ea:7a:58:38:67:64:67:f7:62:2f:bf:66:01:
         00:4c:84:8c:8a:9f:26:a1:32:ca:ac:06:01:f5:82:b2:26:55:
         b4:02:47:16:d8:a2:c9:29:fb:6f:57:2b:ee:2b:db:2a:5b:a6:
         ce:fb:e4:78:a0:a1:5f:18:35:1d:e0:28:bf:d6:c0:58:09:80:
         6a:bc:22:f8:50:2b:60:d6:89:5e:4d:12:d9:2b:b3:91:96:36:
         fd:26:a0:73:7e:db:57:d8:c6:07:8c:59:a3:36:9e:9e:20:2f:
         3e:a8:fb:dd:5e:16:10:36:d9:51:a9:bc:2f:b1:d4:53:5b:ac:
         63:ac:38:a6:23:9b:a5:00:72:f3:c1:80:8d:1e:8f:59:b3:59:
         d7:2d:85:a5:ff:c9:f0:91:91:98:7f:18:73:e7:4a:34:88:47:
         f3:a0:a6:e0:a8:cf:5a:56:f5:f5:9d:f0:8e:48:1b:11:bf:02:
         e6:c4:36:d1:88:9f:e2:d6:7e:67:c4:19:90:da:00:ea:92:25:
         8d:39:a8:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ9syUpnAd3MD/+Yn4ckuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDI1MWM0YmZkNTI2ZGEwNjJkNGNlMmFmNTZiNmU0NmU5
MjUxMTcwHhcNMjMwMTAyMTEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDcwZDU1ZTNhY2U4M2FiYzM0MWZkYjI4Zjk3YTBkMGVmMTY0NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTRPOvV2NeE+fAy7Chv5dclnotBA
DiazArCUqebpwFy+1C7fG7Lsl2YfNgQXWR4zQPbZDqQ6cVLH7QoUsuorHzu+6bIM
3CMyEnIQWX2BWYNLB+zByQ5NWW99naEsBrEkzGjAOJzbBObKPDP6POuNVnxBdwB4
bPMXGOGQZ+D/oLEcUWLby9vWTmG1ajyyFp//A0dl0cN9yShVgP8dCXOGWRBLEevO
viGGMY9S2IKTnkF3VqHkQY9SaTUZifcRzArxEDTSl4b1qVLxyNgGgMqi/ZQEHfLv
OrKBwO2LsjKwLhNvqbjcT+xur2xMFVAyd9ssH4vRsUaF79T4as9d+B59QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABw1V46zoOrw0H9so+XoNDvFkZUMB8GA1UdIwQY
MBaAFLjSUcS/1SbaBi1M4q9WtuRuklEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAt
NDJiM2Q2OGI1Njc2LzEvQUhEVlhqck9nNnZEUWYyeWo1ZWcwTzhXUmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAtNDJiM2Q2OGI1Njc2
LzEvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhEtgMA0G
CSqGSIb3DQEBCwUAA4IBAQAT7rF7xvt19w1YgpM81nhmjimQXauMMZW+9KEODAsm
sEXjUzheuFFR55IQlqR+33LeqJ6LsHPyv6IbA+p6WDhnZGf3Yi+/ZgEATISMip8m
oTLKrAYB9YKyJlW0AkcW2KLJKftvVyvuK9sqW6bO++R4oKFfGDUd4Ci/1sBYCYBq
vCL4UCtg1oleTRLZK7ORljb9JqBzfttX2MYHjFmjNp6eIC8+qPvdXhYQNtlRqbwv
sdRTW6xjrDimI5ulAHLzwYCNHo9Zs1nXLYWl/8nwkZGYfxhz50o0iEfzoKbgqM9a
VvX1nfCOSBsRvwLmxDbRiJ/i1n5nxBmQ2gDqkiWNOahw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:46 2024 by rpki-client on console-ams.rpki-client.org