Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/dQosz6oXggkRPFXhZwOmI3llWN8.roa
File:                     dQosz6oXggkRPFXhZwOmI3llWN8.roa (raw, json)
Hash identifier:          T2Qy0LXObJ/ilc3Rv0vY3plxviUbB6/Fr4Dlpmy7eRQ=
Subject key identifier:   75:0A:2C:CF:AA:17:82:09:11:3C:55:E1:67:03:A6:23:79:65:58:DF
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0186B783E85EB6C7437CE9D03C1EE5DBAA3E
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/dQosz6oXggkRPFXhZwOmI3llWN8.roa
Signing time:             Mon 06 Mar 2023 15:22:00 +0000
ROA not before:           Mon 06 Mar 2023 15:22:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8220
IP address blocks:        64.137.12.0/23 maxlen: 23
                          64.137.20.0/23 maxlen: 23
                          64.137.24.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b7:83:e8:5e:b6:c7:43:7c:e9:d0:3c:1e:e5:db:aa:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Mar  6 15:22:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=750a2ccfaa178209113c55e16703a623796558df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6e:19:4c:29:af:9a:c5:e7:fe:1a:c0:9b:27:
                    fc:07:10:f8:ac:55:5e:08:ba:3b:17:f5:8b:ff:72:
                    ff:b8:80:be:34:18:de:8f:49:aa:d0:96:82:31:2e:
                    23:f2:66:af:17:11:e1:4d:dd:4b:42:f6:25:39:0b:
                    5d:60:9d:9f:76:4b:62:b8:37:77:35:bb:2c:99:55:
                    8a:56:10:19:31:38:5f:a8:57:cb:8d:8c:4d:d5:9c:
                    6e:d1:a6:f2:1b:12:57:11:40:16:d6:d5:6d:44:f1:
                    ed:bf:55:14:1d:7f:39:90:a0:c2:80:18:e4:0c:af:
                    e8:78:a1:1f:db:97:83:bf:3d:17:0f:b0:cd:fb:47:
                    88:69:05:6d:0a:17:bc:32:b3:83:ee:ab:a6:cb:b9:
                    04:28:e0:5f:33:9f:75:80:82:e7:6e:2f:1e:a0:55:
                    64:37:a2:34:55:78:7d:71:68:9e:4c:6d:28:7a:74:
                    70:78:cb:59:83:7f:d0:69:1d:c2:76:61:5e:61:7e:
                    39:72:7b:59:42:62:39:11:f5:b7:84:94:e2:77:02:
                    fc:3d:25:93:58:5d:a8:cc:d0:7a:22:a9:fe:dc:df:
                    92:1c:19:53:e8:06:a5:f3:41:5e:c7:c2:3b:27:6d:
                    d0:7f:5d:4e:23:33:5b:92:b9:8b:b5:86:d3:b4:df:
                    48:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:0A:2C:CF:AA:17:82:09:11:3C:55:E1:67:03:A6:23:79:65:58:DF
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/dQosz6oXggkRPFXhZwOmI3llWN8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.12.0/23
                  64.137.20.0/23
                  64.137.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:5f:96:bf:28:20:6c:51:4f:5b:4a:49:3d:4c:86:49:9b:85:
         50:a7:54:b1:0a:2e:5c:74:d3:f5:1b:b2:13:41:01:af:51:d7:
         c5:f8:9f:60:2d:6c:1b:7b:d5:d3:94:ee:6b:39:b5:ad:f8:5d:
         91:21:bf:7b:a6:b6:d9:f6:d2:f6:c5:41:5e:a5:de:45:fd:49:
         9b:e2:76:87:21:a5:56:e2:5b:1b:37:c9:39:e4:bf:97:a4:70:
         7d:10:47:15:2e:b5:48:9f:12:fe:01:29:95:4a:28:dc:39:1b:
         64:80:dc:ea:cf:7a:b8:85:d4:9e:5a:66:1d:1c:f0:eb:35:4d:
         50:3c:cc:f9:31:fc:84:62:52:cf:22:4d:cb:45:d5:12:81:e8:
         87:71:96:c5:29:0e:a6:5c:b1:93:d9:09:8a:d6:5e:ef:9e:6e:
         be:3c:b8:6c:c3:f5:2a:ec:55:db:f3:95:1a:08:98:3f:db:6f:
         88:cd:81:a3:5d:d8:34:84:aa:d4:86:e3:3e:06:21:61:89:7d:
         80:f6:8a:de:9e:e1:ca:8a:b9:46:c3:d6:86:7c:92:ee:04:26:
         b2:28:11:72:fa:2b:a8:e8:12:02:15:40:6f:1b:06:f6:88:19:
         53:1d:93:6e:99:6f:4e:c7:a6:ee:44:4f:c0:02:98:c4:a1:e0:
         24:ea:b1:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa3g+hetsdDfOnQPB7l26o+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzA2MTUyMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBhMmNjZmFhMTc4MjA5MTEzYzU1ZTE2NzAzYTYyMzc5NjU1OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm4ZTCmvmsXn/hrAmyf8BxD4rFVe
CLo7F/WL/3L/uIC+NBjej0mq0JaCMS4j8mavFxHhTd1LQvYlOQtdYJ2fdktiuDd3
NbssmVWKVhAZMThfqFfLjYxN1Zxu0abyGxJXEUAW1tVtRPHtv1UUHX85kKDCgBjk
DK/oeKEf25eDvz0XD7DN+0eIaQVtChe8MrOD7qumy7kEKOBfM591gILnbi8eoFVk
N6I0VXh9cWieTG0oenRweMtZg3/QaR3CdmFeYX45cntZQmI5EfW3hJTidwL8PSWT
WF2ozNB6Iqn+3N+SHBlT6Aal80Fex8I7J23Qf11OIzNbkrmLtYbTtN9IRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUKLM+qF4IJETxV4WcDpiN5ZVjfMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZFFvc3o2b1hnZ2tSUEZYaFp3T21JM2xsV044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBQIkMAwQB
QIkUAwQCQIkYMA0GCSqGSIb3DQEBCwUAA4IBAQBnX5a/KCBsUU9bSkk9TIZJm4VQ
p1SxCi5cdNP1G7ITQQGvUdfF+J9gLWwbe9XTlO5rObWt+F2RIb97prbZ9tL2xUFe
pd5F/Umb4naHIaVW4lsbN8k55L+XpHB9EEcVLrVInxL+ASmVSijcORtkgNzqz3q4
hdSeWmYdHPDrNU1QPMz5MfyEYlLPIk3LRdUSgeiHcZbFKQ6mXLGT2QmK1l7vnm6+
PLhsw/Uq7FXb85UaCJg/22+IzYGjXdg0hKrUhuM+BiFhiX2A9orenuHKirlGw9aG
fJLuBCayKBFy+iuo6BICFUBvGwb2iBlTHZNumW9Ox6buRE/AApjEoeAk6rFI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org