Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/lLP7dW0zg7rI_bDpCFsaNCOeD-E.roa
File:                     lLP7dW0zg7rI_bDpCFsaNCOeD-E.roa (raw, json)
Hash identifier:          afSBoggsS14wmiOpRY8N4Os4cbxc4PEI8LERHGP0ofo=
Subject key identifier:   94:B3:FB:75:6D:33:83:BA:C8:FD:B0:E9:08:5B:1A:34:23:9E:0F:E1
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0186C1812BB15D7D124AD8ECB59B99762063
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/lLP7dW0zg7rI_bDpCFsaNCOeD-E.roa
Signing time:             Wed 08 Mar 2023 13:55:13 +0000
ROA not before:           Wed 08 Mar 2023 13:55:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205964
IP address blocks:        104.239.0.0/23 maxlen: 23
                          104.239.4.0/23 maxlen: 23
                          104.239.2.0/23 maxlen: 23
                          104.239.6.0/23 maxlen: 23
                          104.143.252.0/22 maxlen: 22
                          64.137.70.0/23 maxlen: 23
                          64.137.105.0/24 maxlen: 24
                          64.137.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 17:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c1:81:2b:b1:5d:7d:12:4a:d8:ec:b5:9b:99:76:20:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Mar  8 13:55:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=94b3fb756d3383bac8fdb0e9085b1a34239e0fe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:6d:45:a0:21:8a:16:79:c6:dd:f2:5f:f7:c5:
                    03:00:d0:7e:90:b9:19:89:f9:6b:02:8b:d1:30:f5:
                    c1:29:b3:70:6a:63:eb:c1:4a:7c:e0:38:ae:46:17:
                    22:a5:65:01:ab:40:ea:4d:15:9a:ed:dc:bc:39:53:
                    fd:c2:0d:b2:c9:09:d7:31:fc:11:1f:66:70:7e:90:
                    a9:fc:17:da:60:dc:c1:65:b3:dd:cf:7b:f7:79:ca:
                    b7:10:21:2c:15:a7:81:4f:00:55:50:fa:16:5e:9f:
                    fd:02:f6:58:b7:2c:18:d4:24:e8:d8:bc:ea:0f:44:
                    44:53:1b:d2:b4:c1:c3:3f:b4:7f:55:a9:d5:58:ab:
                    e5:61:0d:34:39:b0:65:ad:9a:18:47:fc:5a:1c:b4:
                    26:c6:2d:33:35:8c:22:97:90:17:d2:81:8a:cc:f0:
                    60:28:09:db:65:ef:9b:c9:b6:68:01:07:c5:5a:3e:
                    a3:9d:ef:b0:12:9f:bc:05:0c:86:79:59:f2:e2:de:
                    b7:4d:45:ed:07:82:7d:10:1b:0b:f8:1a:a8:4d:33:
                    e5:51:31:eb:a4:1d:19:93:ff:f0:2d:36:3b:91:2c:
                    e6:40:cf:86:e8:dd:55:d8:c3:6d:a1:d1:1b:ec:e7:
                    fd:2d:0b:72:d3:26:d4:cb:92:3b:45:6b:a8:9f:43:
                    84:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:B3:FB:75:6D:33:83:BA:C8:FD:B0:E9:08:5B:1A:34:23:9E:0F:E1
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/lLP7dW0zg7rI_bDpCFsaNCOeD-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.137.70.0/23
                  64.137.105.0/24
                  64.137.107.0/24
                  104.143.252.0/22
                  104.239.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         78:89:bb:13:ee:2b:e7:53:98:80:47:f0:86:6e:d5:2a:af:8b:
         90:63:77:50:57:23:56:9e:33:af:c1:ee:01:c0:96:a5:27:f7:
         94:4c:50:68:9a:43:af:fa:f1:9a:68:36:a4:fc:24:6d:fa:0c:
         6b:b9:82:1a:9f:5b:21:6d:52:e2:70:29:2e:71:42:95:fa:16:
         1d:07:bf:24:88:ed:8b:2c:2b:0b:be:4f:e2:3c:77:d5:8e:a8:
         21:22:56:6f:3c:b8:ca:5f:61:04:f1:ff:d7:95:a2:14:10:fb:
         ba:8b:54:bc:d2:af:07:a0:73:92:c0:a9:68:60:4c:8e:98:44:
         59:1a:39:27:05:ae:b5:8a:90:3a:da:1d:f6:0d:ec:81:45:a0:
         fd:4b:fe:61:72:5c:40:c3:a4:71:10:f8:c7:eb:ee:9f:58:9d:
         a1:b3:dc:1e:6a:a4:ad:49:38:25:1a:0f:db:55:98:08:75:2f:
         f5:f9:62:87:33:46:e9:57:95:6f:67:98:69:84:ae:9e:52:1c:
         26:8d:f5:ad:6c:9a:d2:cd:72:07:49:78:ee:00:0c:87:94:c4:
         f8:cb:d1:b7:53:6f:1a:dd:dc:c9:7c:2a:f4:de:ed:8c:30:fa:
         56:e1:2a:82:2b:19:53:c7:30:17:c1:14:58:2f:2a:7f:65:73:
         3e:74:4d:17
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYbBgSuxXX0SStjstZuZdiBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMzA4MTM1NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGIzZmI3NTZkMzM4M2JhYzhmZGIwZTkwODViMWEzNDIzOWUwZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3m1FoCGKFnnG3fJf98UDANB+kLkZ
iflrAovRMPXBKbNwamPrwUp84DiuRhcipWUBq0DqTRWa7dy8OVP9wg2yyQnXMfwR
H2ZwfpCp/BfaYNzBZbPdz3v3ecq3ECEsFaeBTwBVUPoWXp/9AvZYtywY1CTo2Lzq
D0REUxvStMHDP7R/VanVWKvlYQ00ObBlrZoYR/xaHLQmxi0zNYwil5AX0oGKzPBg
KAnbZe+bybZoAQfFWj6jne+wEp+8BQyGeVny4t63TUXtB4J9EBsL+BqoTTPlUTHr
pB0Zk//wLTY7kSzmQM+G6N1V2MNtodEb7Of9LQty0ybUy5I7RWuon0OE4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJSz+3VtM4O6yP2w6QhbGjQjng/hMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvbExQN2RXMHpnN3JJX2JEcENGc2FOQ09lRC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBQIlGAwQA
QIlpAwQAQIlrAwQCaI/8AwQDaO8AMA0GCSqGSIb3DQEBCwUAA4IBAQB4ibsT7ivn
U5iAR/CGbtUqr4uQY3dQVyNWnjOvwe4BwJalJ/eUTFBomkOv+vGaaDak/CRt+gxr
uYIan1shbVLicCkucUKV+hYdB78kiO2LLCsLvk/iPHfVjqghIlZvPLjKX2EE8f/X
laIUEPu6i1S80q8HoHOSwKloYEyOmERZGjknBa61ipA62h32DeyBRaD9S/5hclxA
w6RxEPjH6+6fWJ2hs9weaqStSTglGg/bVZgIdS/1+WKHM0bpV5VvZ5hphK6eUhwm
jfWtbJrSzXIHSXjuAAyHlMT4y9G3U28a3dzJfCr03u2MMPpW4SqCKxlTxzAXwRRY
Lyp/ZXM+dE0X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org