Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ecGQfHFVSXKHMvlGFrlJZk88b60.roa
File:                     ecGQfHFVSXKHMvlGFrlJZk88b60.roa (raw, json)
Hash identifier:          HrArEvPZaNb6pFsYTETWyZ1X2piaI2eK4L7vCMLE6bU=
Subject key identifier:   79:C1:90:7C:71:55:49:72:87:32:F9:46:16:B9:49:66:4F:3C:6F:AD
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       01866028964E852C6861F11E7F36138D0005
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ecGQfHFVSXKHMvlGFrlJZk88b60.roa
Signing time:             Fri 17 Feb 2023 16:15:18 +0000
ROA not before:           Fri 17 Feb 2023 16:15:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     133944
IP address blocks:        64.137.124.0/24 maxlen: 24
                          104.239.101.0/24 maxlen: 24
                          104.239.108.0/24 maxlen: 24
                          64.137.66.0/24 maxlen: 24
                          64.137.91.0/24 maxlen: 24
                          64.137.86.0/24 maxlen: 24
                          64.137.88.0/24 maxlen: 24
                          64.137.104.0/24 maxlen: 24
                          64.137.103.0/24 maxlen: 24
                          64.137.106.0/24 maxlen: 24
                          64.137.108.0/24 maxlen: 24
                          64.137.112.0/24 maxlen: 24
                          64.137.118.0/24 maxlen: 24
                          64.137.17.0/24 maxlen: 24
                          216.173.84.0/24 maxlen: 24
                          64.137.38.0/24 maxlen: 24
                          216.173.87.0/24 maxlen: 24
                          104.143.229.0/24 maxlen: 24
                          216.173.103.0/24 maxlen: 24
                          216.173.109.0/24 maxlen: 24
                          138.128.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 21:11:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:60:28:96:4e:85:2c:68:61:f1:1e:7f:36:13:8d:00:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Feb 17 16:15:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=79c1907c715549728732f94616b949664f3c6fad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:1a:92:5d:1c:30:5a:ce:80:dc:8b:d7:f9:3b:
                    3c:d8:b1:b6:1a:b9:6e:25:42:8e:f6:92:26:17:a4:
                    b5:71:8b:d3:24:d1:01:04:f7:b6:f5:9e:d6:c7:a5:
                    b8:d6:5a:86:f3:a4:b3:be:73:08:11:67:8f:d3:73:
                    ec:f1:99:7b:2b:b1:94:10:02:b6:1c:70:36:5d:d5:
                    82:e6:73:70:1b:9a:71:7b:e9:25:11:10:d7:f6:69:
                    30:67:52:d8:35:4d:da:f6:f4:bf:3d:6f:bc:00:ff:
                    0e:2d:58:25:e3:4f:ed:50:82:40:05:4f:29:eb:ab:
                    6a:67:2e:b3:83:42:ab:89:81:df:71:b3:59:e8:63:
                    2b:15:c7:b6:4e:f4:19:9b:36:7a:91:52:0d:f5:dc:
                    d0:99:0f:80:a7:9b:cc:fb:80:52:e3:2f:3f:f2:c1:
                    8e:05:12:99:7c:48:99:ae:69:43:02:13:73:fa:6a:
                    b5:79:b3:23:5b:13:5a:cf:25:95:d3:12:d9:d3:b2:
                    66:59:c4:c8:d1:84:7f:04:4d:3d:b3:f9:e5:39:76:
                    2d:a3:81:2d:73:2f:1d:5d:07:5d:1c:b1:d6:c7:a9:
                    9d:d7:6f:ac:e5:a6:74:96:9a:f5:8a:54:ee:d8:c4:
                    32:19:b4:8e:22:03:e7:16:eb:d9:64:d1:3f:74:f5:
                    a4:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:C1:90:7C:71:55:49:72:87:32:F9:46:16:B9:49:66:4F:3C:6F:AD
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ecGQfHFVSXKHMvlGFrlJZk88b60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.17.0/24
                  64.137.38.0/24
                  64.137.66.0/24
                  64.137.86.0/24
                  64.137.88.0/24
                  64.137.91.0/24
                  64.137.103.0-64.137.104.255
                  64.137.106.0/24
                  64.137.108.0/24
                  64.137.112.0/24
                  64.137.118.0/24
                  64.137.124.0/24
                  104.143.229.0/24
                  104.239.101.0/24
                  104.239.108.0/24
                  138.128.145.0/24
                  216.173.84.0/24
                  216.173.87.0/24
                  216.173.103.0/24
                  216.173.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:41:5f:36:f3:b0:9a:35:aa:fb:a3:e0:e0:19:3f:23:c0:89:
         12:62:f4:81:36:d3:75:7e:56:97:e6:a7:66:26:c4:66:e2:1f:
         e9:ef:52:d5:da:65:18:25:6c:10:fd:8b:86:14:83:52:45:ca:
         6f:a9:9b:f9:a5:62:60:80:27:22:fa:06:42:f4:b5:61:51:9f:
         f8:a9:6e:88:de:2f:db:ae:73:27:35:aa:8a:58:5c:42:8d:00:
         f0:ab:be:e3:b5:db:cc:82:45:37:b0:12:84:16:50:8c:a4:33:
         f1:4d:04:54:4e:55:54:f9:63:73:34:50:95:30:51:31:1b:0b:
         33:ee:b0:e9:87:f4:68:44:09:12:bd:2c:3c:56:09:ee:9b:7c:
         26:d1:11:d8:eb:2d:dd:94:c7:79:77:0c:28:69:f0:6e:78:a6:
         e4:5b:4b:92:93:ef:8e:a2:5c:60:42:28:54:5e:55:68:6f:a9:
         0b:01:40:fc:aa:91:bf:bb:00:ce:34:80:96:de:ee:d2:05:31:
         2b:c5:e4:dc:87:2a:00:38:8c:7e:25:03:b3:b8:53:8a:2e:46:
         a7:0f:25:b7:ee:8d:dc:65:ef:c7:03:54:5d:46:b2:d0:38:c5:
         fb:d4:35:39:fd:2b:b6:bf:33:08:46:3f:d6:4a:ba:d0:32:2c:
         fb:35:93:59
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYZgKJZOhSxoYfEefzYTjQAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMjE3MTYxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWMxOTA3YzcxNTU0OTcyODczMmY5NDYxNmI5NDk2NjRmM2M2ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxqSXRwwWs6A3IvX+Ts82LG2Grlu
JUKO9pImF6S1cYvTJNEBBPe29Z7Wx6W41lqG86SzvnMIEWeP03Ps8Zl7K7GUEAK2
HHA2XdWC5nNwG5pxe+klERDX9mkwZ1LYNU3a9vS/PW+8AP8OLVgl40/tUIJABU8p
66tqZy6zg0KriYHfcbNZ6GMrFce2TvQZmzZ6kVIN9dzQmQ+Ap5vM+4BS4y8/8sGO
BRKZfEiZrmlDAhNz+mq1ebMjWxNazyWV0xLZ07JmWcTI0YR/BE09s/nlOXYto4Et
cy8dXQddHLHWx6md12+s5aZ0lpr1ilTu2MQyGbSOIgPnFuvZZNE/dPWkUQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFHnBkHxxVUlyhzL5Rha5SWZPPG+tMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZWNHUWZIRlZTWEtITXZsR0ZybEpaazg4YjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABA
iREDBABAiSYDBABAiUIDBABAiVYDBABAiVgDBABAiVswDAMEAECJZwMEAECJaAME
AECJagMEAECJbAMEAECJcAMEAECJdgMEAECJfAMEAGiP5QMEAGjvZQMEAGjvbAME
AIqAkQMEANitVAMEANitVwMEANitZwMEANitbTANBgkqhkiG9w0BAQsFAAOCAQEA
F0FfNvOwmjWq+6Pg4Bk/I8CJEmL0gTbTdX5Wl+anZibEZuIf6e9S1dplGCVsEP2L
hhSDUkXKb6mb+aViYIAnIvoGQvS1YVGf+KluiN4v265zJzWqilhcQo0A8Ku+47Xb
zIJFN7AShBZQjKQz8U0EVE5VVPljczRQlTBRMRsLM+6w6Yf0aEQJEr0sPFYJ7pt8
JtER2Ost3ZTHeXcMKGnwbnim5FtLkpPvjqJcYEIoVF5VaG+pCwFA/KqRv7sAzjSA
lt7u0gUxK8Xk3IcqADiMfiUDs7hTii5Gpw8lt+6N3GXvxwNUXUay0DjF+9Q1Of0r
tr8zCEY/1kq60DIs+zWTWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org