Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J4c89SZBwFMErAtful_okYJ-1Pg.roa
File:                     J4c89SZBwFMErAtful_okYJ-1Pg.roa (raw, json)
Hash identifier:          0HCq/mi86GGkVBX+R8rCHrssamaYGXOEb2xOllRGbBM=
Subject key identifier:   27:87:3C:F5:26:41:C0:53:04:AC:0B:5F:BA:5F:E8:91:82:7E:D4:F8
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       018C123C783311E387A7AAB60FEAE11AD122
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J4c89SZBwFMErAtful_okYJ-1Pg.roa
Signing time:             Mon 27 Nov 2023 19:23:21 +0000
ROA not before:           Mon 27 Nov 2023 19:23:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        64.137.54.0/24 maxlen: 24
                          64.137.109.0/24 maxlen: 24
                          64.137.110.0/23 maxlen: 23
                          64.137.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:12:3c:78:33:11:e3:87:a7:aa:b6:0f:ea:e1:1a:d1:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Nov 27 19:23:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27873cf52641c05304ac0b5fba5fe891827ed4f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:9c:e8:2b:bd:16:fa:09:31:34:87:30:57:a1:
                    29:21:12:db:5b:d7:99:40:6b:89:d9:b5:12:d5:39:
                    d3:a8:74:a6:79:25:dd:cf:9d:a3:0e:cf:15:65:87:
                    fe:b2:65:52:2b:28:ad:64:2e:83:25:34:d5:82:d1:
                    4a:8b:db:70:12:de:81:90:9c:3f:09:37:5e:91:5c:
                    87:0f:cb:f0:90:11:96:6c:d2:70:c3:7f:30:02:fd:
                    89:2b:4f:56:47:e6:c3:13:bb:49:34:a3:f1:98:ca:
                    6f:69:08:76:25:37:70:c2:d4:82:e9:e4:ab:b2:d3:
                    4a:c0:ac:92:66:85:4c:86:7b:fd:67:dc:d9:54:bd:
                    ca:49:a3:d4:7f:6c:ed:16:39:8d:ca:d8:66:09:83:
                    eb:c3:90:b2:33:d4:1b:18:0c:88:a2:00:83:8b:92:
                    8e:2b:79:4c:33:a7:07:5b:57:f2:ab:ba:ca:6d:a4:
                    10:e0:8c:fc:48:c9:e7:9c:dc:be:99:35:43:c8:7e:
                    a4:46:37:06:4f:a5:15:2c:c9:f2:e2:4f:0d:5d:ef:
                    c0:93:1d:0b:63:58:52:f7:f6:ac:ef:7b:94:df:5f:
                    88:41:b1:86:c8:0f:b0:4c:14:db:01:fb:3a:87:3e:
                    0a:25:fb:03:1b:e6:c8:cb:cf:48:f9:63:65:d5:fd:
                    83:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:87:3C:F5:26:41:C0:53:04:AC:0B:5F:BA:5F:E8:91:82:7E:D4:F8
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J4c89SZBwFMErAtful_okYJ-1Pg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.9.0/24
                  64.137.54.0/24
                  64.137.109.0-64.137.111.255

    Signature Algorithm: sha256WithRSAEncryption
         37:da:d9:9c:a4:a7:5d:77:2e:a7:b7:bb:f6:4d:ba:eb:22:f3:
         b2:e2:6c:cf:63:71:bf:d5:9d:2c:6d:e8:27:6a:7e:4b:b2:71:
         34:df:7b:79:d4:4d:06:90:92:59:42:d5:a0:7c:27:3a:a8:eb:
         4a:b4:d6:67:42:94:1f:4c:0b:2b:fd:fd:9c:0a:50:33:e8:19:
         80:4a:98:5a:13:6d:8e:a6:4d:ea:fa:4b:e9:46:e3:cd:ac:59:
         e8:3d:40:cd:ac:11:1a:60:bc:da:ea:85:65:cc:58:f5:ba:18:
         f8:ad:df:b5:99:3e:80:8f:f2:1c:25:6e:97:b6:07:f7:2d:a3:
         56:1b:ee:65:4a:44:94:77:4e:f5:0b:2f:02:38:04:87:d5:e2:
         35:61:fd:6e:89:8e:d4:4b:dc:5f:fa:f0:82:98:72:ea:1d:68:
         02:4c:c1:c9:48:a4:5e:ab:c3:c8:e9:e7:6e:d2:f8:42:17:64:
         16:2c:f8:85:85:d0:fc:41:fe:b6:35:93:7f:a4:20:fb:b6:be:
         01:27:3d:64:46:6d:3d:31:e8:02:8f:ef:a0:72:39:c9:22:8f:
         33:22:78:00:1f:f5:81:af:d5:3b:3c:ed:eb:53:00:44:43:15:
         a8:00:a8:c2:3e:d0:70:8d:6e:aa:05:ea:8a:ed:1a:c0:41:4b:
         aa:7f:0a:82
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwSPHgzEeOHp6q2D+rhGtEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMxMTI3MTkyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzg3M2NmNTI2NDFjMDUzMDRhYzBiNWZiYTVmZTg5MTgyN2VkNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJzoK70W+gkxNIcwV6EpIRLbW9eZ
QGuJ2bUS1TnTqHSmeSXdz52jDs8VZYf+smVSKyitZC6DJTTVgtFKi9twEt6BkJw/
CTdekVyHD8vwkBGWbNJww38wAv2JK09WR+bDE7tJNKPxmMpvaQh2JTdwwtSC6eSr
stNKwKySZoVMhnv9Z9zZVL3KSaPUf2ztFjmNythmCYPrw5CyM9QbGAyIogCDi5KO
K3lMM6cHW1fyq7rKbaQQ4Iz8SMnnnNy+mTVDyH6kRjcGT6UVLMny4k8NXe/Akx0L
Y1hS9/as73uU31+IQbGGyA+wTBTbAfs6hz4KJfsDG+bIy89I+WNl1f2DMwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCeHPPUmQcBTBKwLX7pf6JGCftT4MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSjRjODlTWkJ3Rk1FckF0ZnVsX29rWUotMVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAQIkJAwQA
QIk2MAwDBABAiW0DBARAiWAwDQYJKoZIhvcNAQELBQADggEBADfa2Zykp113Lqe3
u/ZNuusi87LibM9jcb/VnSxt6CdqfkuycTTfe3nUTQaQkllC1aB8Jzqo60q01mdC
lB9MCyv9/ZwKUDPoGYBKmFoTbY6mTer6S+lG482sWeg9QM2sERpgvNrqhWXMWPW6
GPit37WZPoCP8hwlbpe2B/cto1Yb7mVKRJR3TvULLwI4BIfV4jVh/W6JjtRL3F/6
8IKYcuodaAJMwclIpF6rw8jp527S+EIXZBYs+IWF0PxB/rY1k3+kIPu2vgEnPWRG
bT0x6AKP76ByOckijzMieAAf9YGv1Ts87etTAERDFagAqMI+0HCNbqoF6ortGsBB
S6p/CoI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org