Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/WeKlP-shy7CTY8Luu1YnpkvOlsI.roa
File:                     WeKlP-shy7CTY8Luu1YnpkvOlsI.roa (raw, json)
Hash identifier:          qvIfF9/aaAVjuLDQ0i3idy5TLDRgOUrLoobg22yN4Sw=
Subject key identifier:   59:E2:A5:3F:EB:21:CB:B0:93:63:C2:EE:BB:56:27:A6:4B:CE:96:C2
Certificate issuer:       /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial:       018CC8DF0B071C1A3AEF332E458867850C13
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/WeKlP-shy7CTY8Luu1YnpkvOlsI.roa
Signing time:             Tue 02 Jan 2024 06:31:49 +0000
ROA not before:           Tue 02 Jan 2024 06:31:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6424
IP address blocks:        103.229.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Feb 2024 13:36:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:0b:07:1c:1a:3a:ef:33:2e:45:88:67:85:0c:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
        Validity
            Not Before: Jan  2 06:31:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=59e2a53feb21cbb09363c2eebb5627a64bce96c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:4f:30:46:ab:4e:cc:c7:ca:da:b3:51:a4:63:
                    c6:11:70:2c:a0:d7:62:47:dd:42:46:00:40:5a:12:
                    93:5a:14:c2:14:f3:9e:95:f6:a3:94:4f:27:6a:a6:
                    15:48:27:04:ac:b7:b6:2c:94:aa:76:d5:50:f0:19:
                    31:3b:b5:44:ff:42:51:2a:90:46:3e:0a:2b:da:15:
                    b3:96:73:a5:3a:6c:ac:69:4a:2d:81:d7:ed:08:fb:
                    82:3f:03:94:e7:fc:c0:28:37:b1:92:52:4c:92:9d:
                    bf:9f:9e:95:98:0b:64:5e:46:af:5f:77:90:f3:98:
                    07:df:7d:a6:b5:58:3c:c9:03:b2:61:10:13:41:19:
                    a5:6f:61:32:99:43:8f:6d:9c:bf:67:b3:34:92:10:
                    7c:63:30:d2:87:a4:13:c3:ff:1e:7e:ee:64:7e:15:
                    31:e6:4b:ae:42:47:08:43:a1:b7:28:1d:ef:0b:79:
                    56:44:00:f0:9c:fe:82:03:d9:da:8b:f6:b6:0e:9d:
                    4a:64:91:1d:5f:7f:9c:fa:90:93:9b:57:2e:45:0e:
                    94:dd:ee:1a:47:88:e7:09:a6:b0:4c:3e:92:29:76:
                    79:b1:c0:e8:48:f4:d0:ad:7d:d7:33:72:d4:d5:72:
                    e1:c7:25:78:c2:f1:40:9a:cf:ad:d3:37:71:82:bb:
                    ea:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:E2:A5:3F:EB:21:CB:B0:93:63:C2:EE:BB:56:27:A6:4B:CE:96:C2
            X509v3 Authority Key Identifier:
                keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/WeKlP-shy7CTY8Luu1YnpkvOlsI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.229.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:ee:6b:ae:52:e9:62:c9:aa:ca:00:34:37:56:1b:93:f9:98:
         43:8a:21:22:82:df:7c:63:c1:35:01:27:45:e9:ba:70:16:c5:
         9b:4c:ff:f5:f2:3a:7b:2b:02:bc:10:29:67:97:d3:f2:7b:46:
         23:d9:a3:d6:a1:78:68:05:57:5e:ad:42:ac:5c:9b:83:e9:21:
         c8:1c:2c:b7:04:0b:ce:52:6f:a3:f5:29:56:c2:3c:37:a4:98:
         10:27:ab:c8:d7:5d:99:8b:1b:39:c7:6d:a5:25:a9:66:cb:42:
         40:5b:4b:59:96:c3:bd:e1:7a:a8:0a:98:49:ac:0c:f5:37:4c:
         48:42:4c:5d:cb:cc:4a:27:49:94:9c:06:fd:c8:f9:89:40:98:
         35:29:f4:de:d3:a2:ea:91:86:13:2a:df:ca:45:07:c1:23:58:
         47:37:37:89:f5:3e:8e:33:92:f0:55:9c:c2:de:f6:04:c5:78:
         7b:b3:cc:b3:72:f7:52:cf:ff:08:33:d0:af:1d:f6:b2:84:00:
         a6:74:1a:db:da:bf:59:7e:a0:77:f0:d3:5a:23:ad:ec:f4:07:
         a1:1c:1a:0a:dc:10:79:0f:13:26:68:92:ba:49:74:8e:62:da:
         ae:d2:b7:37:52:db:3e:50:d9:20:03:f0:4f:a5:cc:b3:cb:89:
         76:de:40:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3wsHHBo67zMuRYhnhQwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjQwMTAyMDYzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWUyYTUzZmViMjFjYmIwOTM2M2MyZWViYjU2MjdhNjRiY2U5NmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk8wRqtOzMfK2rNRpGPGEXAsoNdi
R91CRgBAWhKTWhTCFPOelfajlE8naqYVSCcErLe2LJSqdtVQ8BkxO7VE/0JRKpBG
Pgor2hWzlnOlOmysaUotgdftCPuCPwOU5/zAKDexklJMkp2/n56VmAtkXkavX3eQ
85gH332mtVg8yQOyYRATQRmlb2EymUOPbZy/Z7M0khB8YzDSh6QTw/8efu5kfhUx
5kuuQkcIQ6G3KB3vC3lWRADwnP6CA9nai/a2Dp1KZJEdX3+c+pCTm1cuRQ6U3e4a
R4jnCaawTD6SKXZ5scDoSPTQrX3XM3LU1XLhxyV4wvFAms+t0zdxgrvqjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFnipT/rIcuwk2PC7rtWJ6ZLzpbCMB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvV2VLbFAtc2h5N0NUWThMdXUxWW5wa3ZPbHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+VRMA0G
CSqGSIb3DQEBCwUAA4IBAQAk7muuUuliyarKADQ3VhuT+ZhDiiEigt98Y8E1ASdF
6bpwFsWbTP/18jp7KwK8EClnl9Pye0Yj2aPWoXhoBVderUKsXJuD6SHIHCy3BAvO
Um+j9SlWwjw3pJgQJ6vI112Zixs5x22lJalmy0JAW0tZlsO94XqoCphJrAz1N0xI
Qkxdy8xKJ0mUnAb9yPmJQJg1KfTe06LqkYYTKt/KRQfBI1hHNzeJ9T6OM5LwVZzC
3vYExXh7s8yzcvdSz/8IM9CvHfayhACmdBrb2r9ZfqB38NNaI63s9AehHBoK3BB5
DxMmaJK6SXSOYtqu0rc3Uts+UNkgA/BPpcyzy4l23kBg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org