Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/7j5O2pD29wD0V2tYfaayQVDbfd8.roa
File:                     7j5O2pD29wD0V2tYfaayQVDbfd8.roa (raw, json)
Hash identifier:          Ohy3jCfJHZce1Z3M6X5QAfq/fhs5kQhdFw8GeoPgSDs=
Subject key identifier:   EE:3E:4E:DA:90:F6:F7:00:F4:57:6B:58:7D:A6:B2:41:50:DB:7D:DF
Certificate issuer:       /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial:       018BD7F99ABD4A129BF81DFE469057ED9BB7
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/7j5O2pD29wD0V2tYfaayQVDbfd8.roa
Signing time:             Thu 16 Nov 2023 11:52:21 +0000
ROA not before:           Thu 16 Nov 2023 11:52:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43581
IP address blocks:        46.253.143.0/24 maxlen: 24
                          91.211.115.0/24 maxlen: 24
                          193.17.92.0/24 maxlen: 24
                          2a13:a502::/32 maxlen: 32
                          2a13:a500::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d7:f9:9a:bd:4a:12:9b:f8:1d:fe:46:90:57:ed:9b:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
        Validity
            Not Before: Nov 16 11:52:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee3e4eda90f6f700f4576b587da6b24150db7ddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:6b:42:cb:63:23:30:74:f6:31:b5:d1:10:41:
                    6d:d6:3d:a8:7c:fd:26:80:5b:90:ee:82:0a:5e:b3:
                    39:e3:fb:c0:22:e1:ac:f9:b8:bc:8f:00:67:90:2f:
                    3d:ef:ae:47:16:f4:5f:9f:5d:f0:e7:22:12:a6:e9:
                    9f:75:dd:c9:4f:53:9a:ac:8b:19:cf:61:c8:3e:bc:
                    33:0b:2d:bc:6b:84:af:29:41:bf:62:51:89:7d:cc:
                    7d:12:ca:cb:ed:f9:96:f9:96:a6:b4:c5:b1:27:10:
                    66:76:74:49:c3:94:24:98:53:28:a4:93:3b:e9:e7:
                    7b:1f:a7:04:cf:46:b1:c9:2f:37:bb:6a:47:27:07:
                    b3:82:5f:67:56:d9:0a:ba:f3:2b:00:cc:b2:a7:23:
                    31:02:55:9a:b8:29:5a:4b:4a:a0:cf:6e:6c:ad:f1:
                    f0:50:9b:fa:c1:76:9d:b8:e1:db:c7:98:32:5b:0a:
                    b7:af:ae:e2:eb:ee:ef:ba:34:3e:cb:53:1e:82:ce:
                    31:3e:a9:5e:3b:0b:fd:0c:8f:c4:7c:b5:f2:3b:e3:
                    8e:35:da:e6:22:69:d3:65:86:b3:d3:30:a8:ac:01:
                    db:50:c6:7d:0e:4c:52:7a:0c:d3:41:0b:f2:b3:bd:
                    a7:f3:89:ce:20:08:6a:b0:73:17:96:30:bc:08:3a:
                    f9:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:3E:4E:DA:90:F6:F7:00:F4:57:6B:58:7D:A6:B2:41:50:DB:7D:DF
            X509v3 Authority Key Identifier:
                keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/7j5O2pD29wD0V2tYfaayQVDbfd8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.253.143.0/24
                  91.211.115.0/24
                  193.17.92.0/24
                IPv6:
                  2a13:a500::/32
                  2a13:a502::/32

    Signature Algorithm: sha256WithRSAEncryption
         0e:c5:6f:71:87:38:72:06:42:e7:76:c3:ee:6b:18:72:4d:90:
         29:d4:6e:16:19:a9:34:77:9b:42:50:fa:89:b6:05:f8:53:a7:
         fb:a6:2f:64:71:c5:4a:69:2b:7a:fb:f8:ad:97:44:ea:d6:45:
         ef:7b:a9:e8:27:fb:c8:56:d4:9e:fb:f9:fc:0b:08:f5:4c:7d:
         aa:37:47:00:cc:21:78:2a:23:5a:89:76:50:18:9b:6e:ba:b3:
         e8:a2:cc:d7:28:c5:ec:60:73:06:a9:69:c2:44:37:c8:fc:1c:
         97:2a:a8:e1:68:1c:bc:a1:b3:30:f1:71:f1:d8:95:92:24:11:
         bf:4b:30:3c:85:e4:ec:e0:86:a0:bc:2a:57:52:46:f6:69:90:
         d5:78:4c:cf:4f:db:34:60:fa:64:dc:33:d7:92:c3:6c:68:b3:
         62:f2:1e:66:75:9c:80:2b:01:b3:5d:68:3a:07:8f:ee:ed:d4:
         e3:4c:83:6b:07:dd:51:a2:99:7a:aa:96:46:f0:31:29:d9:8a:
         df:67:1e:d1:15:de:9c:bd:63:89:b1:05:81:0d:5e:f1:88:99:
         33:36:04:cf:d3:68:c7:58:20:3b:14:c4:1b:db:88:29:80:01:
         cf:d0:59:0d:3d:30:ee:d6:bd:56:82:39:38:ac:ad:81:04:81:
         e6:b4:35:5f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYvX+Zq9ShKb+B3+RpBX7Zu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjMxMTE2MTE1MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTNlNGVkYTkwZjZmNzAwZjQ1NzZiNTg3ZGE2YjI0MTUwZGI3ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GtCy2MjMHT2MbXREEFt1j2ofP0m
gFuQ7oIKXrM54/vAIuGs+bi8jwBnkC89765HFvRfn13w5yISpumfdd3JT1OarIsZ
z2HIPrwzCy28a4SvKUG/YlGJfcx9EsrL7fmW+ZamtMWxJxBmdnRJw5QkmFMopJM7
6ed7H6cEz0axyS83u2pHJwezgl9nVtkKuvMrAMyypyMxAlWauClaS0qgz25srfHw
UJv6wXaduOHbx5gyWwq3r67i6+7vujQ+y1Megs4xPqleOwv9DI/EfLXyO+OONdrm
ImnTZYaz0zCorAHbUMZ9DkxSegzTQQvys72n84nOIAhqsHMXljC8CDr5YwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFO4+TtqQ9vcA9FdrWH2mskFQ233fMB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvN2o1TzJwRDI5d0QwVjJ0WWZhYXlRVkRiZmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALv2PAwQA
W9NzAwQAwRFcMBQEAgACMA4DBQAqE6UAAwUAKhOlAjANBgkqhkiG9w0BAQsFAAOC
AQEADsVvcYc4cgZC53bD7msYck2QKdRuFhmpNHebQlD6ibYF+FOn+6YvZHHFSmkr
evv4rZdE6tZF73up6Cf7yFbUnvv5/AsI9Ux9qjdHAMwheCojWol2UBibbrqz6KLM
1yjF7GBzBqlpwkQ3yPwclyqo4WgcvKGzMPFx8diVkiQRv0swPIXk7OCGoLwqV1JG
9mmQ1XhMz0/bNGD6ZNwz15LDbGizYvIeZnWcgCsBs11oOgeP7u3U40yDawfdUaKZ
eqqWRvAxKdmK32ce0RXenL1jibEFgQ1e8YiZMzYEz9Nox1ggOxTEG9uIKYABz9BZ
DT0w7ta9VoI5OKytgQSB5rQ1Xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:28 2024 by rpki-client on console-ams.rpki-client.org