Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/aMwaI6H2shPn0I7y_aoLUN4XJTU.roa
File:                     aMwaI6H2shPn0I7y_aoLUN4XJTU.roa (raw, json)
Hash identifier:          f3SjbnMhJ6JXrecqcDSiS1cJVsbIRaJm50mgMn0IsNg=
Subject key identifier:   68:CC:1A:23:A1:F6:B2:13:E7:D0:8E:F2:FD:AA:0B:50:DE:17:25:35
Certificate issuer:       /CN=25a553794223e6b4c632779b51371dc4e7d70705
Certificate serial:       018CC4247AC583A2A199B8CF25B1C0D4ADF2
Authority key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/aMwaI6H2shPn0I7y_aoLUN4XJTU.roa
Signing time:             Mon 01 Jan 2024 08:29:34 +0000
ROA not before:           Mon 01 Jan 2024 08:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201471
IP address blocks:        176.223.250.0/23 maxlen: 23
                          176.223.248.0/23 maxlen: 24
                          84.40.0.0/20 maxlen: 24
                          84.40.32.0/21 maxlen: 24
                          2001:67c:4dc::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 27 May 2024 12:55:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:7a:c5:83:a2:a1:99:b8:cf:25:b1:c0:d4:ad:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a553794223e6b4c632779b51371dc4e7d70705
        Validity
            Not Before: Jan  1 08:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=68cc1a23a1f6b213e7d08ef2fdaa0b50de172535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c1:f7:c1:14:65:87:16:dd:53:1e:56:7b:19:
                    8e:ce:19:a9:97:d6:d7:1e:e4:ba:4b:4f:c7:d2:5d:
                    aa:39:70:05:41:52:ae:2c:21:cd:d7:3d:9d:ea:94:
                    66:5d:fb:6a:08:90:95:40:33:27:f2:ee:d7:26:ff:
                    72:a7:a8:92:a6:b8:58:0b:37:b2:8e:05:a1:54:c6:
                    83:0b:2c:3b:08:55:56:e9:57:ca:65:81:ec:00:e6:
                    af:f8:c5:2e:75:4c:91:03:3c:11:f1:83:10:e0:5c:
                    21:38:f0:d3:21:79:42:96:cf:d9:86:21:33:71:cb:
                    6c:7a:52:e2:e9:71:04:ce:69:95:3e:a4:b9:4a:93:
                    85:7c:62:53:c0:28:61:d1:d7:7b:0e:2b:78:ed:aa:
                    bb:7a:70:f0:d9:d0:b0:3a:68:4c:aa:cf:86:65:d3:
                    0d:e2:7c:d0:9f:56:bf:c9:13:d4:1d:45:8a:1a:f0:
                    01:b7:16:3f:b4:59:4a:29:41:c3:57:55:aa:cc:22:
                    27:8c:59:cd:67:a0:48:c0:19:0b:b6:19:da:f1:62:
                    cd:25:4b:79:54:02:6d:36:b9:3c:41:87:84:16:b8:
                    d9:7e:8f:f7:cd:43:6f:f0:b9:58:cb:11:0f:2d:5a:
                    5a:e6:25:8f:9f:ad:b3:aa:5b:bb:72:2d:35:91:b5:
                    c5:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:CC:1A:23:A1:F6:B2:13:E7:D0:8E:F2:FD:AA:0B:50:DE:17:25:35
            X509v3 Authority Key Identifier:
                keyid:25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/aMwaI6H2shPn0I7y_aoLUN4XJTU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.40.0.0/20
                  84.40.32.0/21
                  176.223.248.0/22
                IPv6:
                  2001:67c:4dc::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:a0:d5:9b:0a:08:5d:c3:91:9e:48:b8:12:c3:22:c4:f4:aa:
         97:35:0c:1d:59:24:52:51:dd:b6:62:b1:6e:50:d5:70:94:85:
         7e:61:f7:1e:d4:9d:e5:e5:53:64:98:42:2a:9c:0d:0b:f7:0a:
         12:0c:46:ca:6a:9e:a5:27:5a:88:91:47:55:64:07:f1:8d:10:
         25:79:e1:d0:0e:47:7f:a0:e7:5b:f4:9f:69:12:5e:cc:f8:48:
         61:13:da:7d:2d:ca:80:05:b2:1e:4a:13:48:c2:b2:7a:c8:d8:
         b1:f8:a0:da:7c:c2:70:2d:48:8d:bf:42:25:a0:3c:75:eb:38:
         25:eb:30:f8:b6:99:42:d7:af:e6:32:b4:69:76:ea:58:80:f3:
         71:64:81:7f:af:76:e3:d8:2e:e5:df:ac:25:ee:5b:5f:62:87:
         f2:39:24:49:64:a1:65:94:e9:36:ea:da:61:95:b8:1c:31:3f:
         fe:4e:a4:24:cc:d7:a1:46:06:cf:86:f7:61:a4:dc:3c:ef:47:
         00:6d:c3:74:96:87:0e:54:29:ac:b2:52:f8:e5:ca:d0:af:83:
         58:95:66:ec:04:68:23:1f:39:57:5b:e5:8a:38:a5:d2:13:03:
         79:dc:9e:9e:d8:c9:1d:61:d8:01:30:69:e8:79:14:d8:0f:b1:
         1c:15:f6:8b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEJHrFg6KhmbjPJbHA1K3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTU1Mzc5NDIyM2U2YjRjNjMyNzc5YjUxMzcxZGM0ZTdk
NzA3MDUwHhcNMjQwMTAxMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNjMWEyM2ExZjZiMjEzZTdkMDhlZjJmZGFhMGI1MGRlMTcyNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sH3wRRlhxbdUx5WexmOzhmpl9bX
HuS6S0/H0l2qOXAFQVKuLCHN1z2d6pRmXftqCJCVQDMn8u7XJv9yp6iSprhYCzey
jgWhVMaDCyw7CFVW6VfKZYHsAOav+MUudUyRAzwR8YMQ4FwhOPDTIXlCls/ZhiEz
cctselLi6XEEzmmVPqS5SpOFfGJTwChh0dd7Dit47aq7enDw2dCwOmhMqs+GZdMN
4nzQn1a/yRPUHUWKGvABtxY/tFlKKUHDV1WqzCInjFnNZ6BIwBkLthna8WLNJUt5
VAJtNrk8QYeEFrjZfo/3zUNv8LlYyxEPLVpa5iWPn62zqlu7ci01kbXFJQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGjMGiOh9rIT59CO8v2qC1DeFyU1MB8GA1UdIwQY
MBaAFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYt
MzBlOTI5ZWQxMDYzLzEvYU13YUk2SDJzaFBuMEk3eV9hb0xVTjRYSlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYtMzBlOTI5ZWQxMDYz
LzEvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEVCgAAwQD
VCggAwQCsN/4MA8EAgACMAkDBwAgAQZ8BNwwDQYJKoZIhvcNAQELBQADggEBACeg
1ZsKCF3DkZ5IuBLDIsT0qpc1DB1ZJFJR3bZisW5Q1XCUhX5h9x7UneXlU2SYQiqc
DQv3ChIMRspqnqUnWoiRR1VkB/GNECV54dAOR3+g51v0n2kSXsz4SGET2n0tyoAF
sh5KE0jCsnrI2LH4oNp8wnAtSI2/QiWgPHXrOCXrMPi2mULXr+YytGl26liA83Fk
gX+vduPYLuXfrCXuW19ih/I5JElkoWWU6Tbq2mGVuBwxP/5OpCTM16FGBs+G92Gk
3DzvRwBtw3SWhw5UKayyUvjlytCvg1iVZuwEaCMfOVdb5Yo4pdITA3ncnp7YyR1h
2AEwaeh5FNgPsRwV9os=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:53 2024 by rpki-client on console-ams.rpki-client.org