Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa
File:                     nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa (raw, json)
Hash identifier:          6JIuDFkc3TQEVF+JLO99EZK0bl76//oDXKXgVG3DZaU=
Subject key identifier:   9C:85:A7:D7:14:99:4E:BB:31:8B:47:37:07:B3:0F:E4:33:CD:91:DC
Certificate issuer:       /CN=af09503fcac01769515a19f2dc2657d92fd350df
Certificate serial:       01857079AF6C9033C3DD47550A1EFBA81785
Authority key identifier: AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa
Signing time:             Mon 02 Jan 2023 03:15:00 +0000
ROA not before:           Mon 02 Jan 2023 03:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     553
IP address blocks:        141.10.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:af:6c:90:33:c3:dd:47:55:0a:1e:fb:a8:17:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af09503fcac01769515a19f2dc2657d92fd350df
        Validity
            Not Before: Jan  2 03:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c85a7d714994ebb318b473707b30fe433cd91dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:aa:4a:f2:48:11:19:0b:22:73:89:b5:de:4e:
                    3a:e8:ff:4f:23:60:21:54:78:00:5c:05:d3:2c:b0:
                    d5:88:d4:c0:e3:7c:19:e3:67:19:e2:a7:48:1f:8d:
                    8b:30:36:3a:49:35:05:19:7f:06:cd:cb:b3:f5:67:
                    57:e6:a0:b2:1a:b6:b5:a0:f8:e3:95:8b:ef:56:7a:
                    ab:3f:b1:c7:22:d8:58:41:c0:d4:cf:dc:c6:6a:fd:
                    a3:c9:8d:b5:2a:71:b8:24:ee:c3:44:8b:93:44:ad:
                    bd:a1:76:b6:8d:70:1c:21:a9:5f:fd:19:4a:47:08:
                    73:62:9f:09:2b:e7:54:88:5f:e2:8b:b9:7a:9f:ee:
                    8b:31:d4:71:93:75:83:72:27:50:80:7c:d1:0c:b4:
                    3e:13:85:30:37:ec:1f:07:3d:2c:63:a3:65:4e:c9:
                    7c:c5:08:15:ef:e5:a8:20:16:5f:14:8a:e9:0b:ee:
                    f4:6b:df:7f:02:0a:0c:48:3e:95:c6:fe:a5:c3:8e:
                    dd:c7:b6:83:f0:50:73:3a:eb:58:ae:82:6c:64:7c:
                    86:eb:3b:43:c9:79:df:c9:06:3a:b3:24:bc:28:62:
                    42:9d:16:e3:be:51:cb:cc:5b:54:17:30:17:96:8d:
                    91:4d:08:f9:d9:1f:ea:38:ed:f5:2f:cb:10:e2:c3:
                    1e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:85:A7:D7:14:99:4E:BB:31:8B:47:37:07:B3:0F:E4:33:CD:91:DC
            X509v3 Authority Key Identifier:
                keyid:AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.10.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0c:ea:ae:2e:36:cb:a9:ee:53:07:ea:51:ea:af:2a:36:45:4d:
         c4:c2:40:77:25:ed:29:2c:4f:de:4f:a6:b6:98:3f:28:f0:7d:
         89:cc:18:3c:ed:f9:59:86:72:9a:56:a9:be:cd:f8:d1:75:2d:
         fb:d6:7f:91:e5:e8:39:d8:53:f0:c2:70:4f:dd:a1:5c:e5:0d:
         8e:43:44:8c:65:e3:87:05:99:80:d6:26:da:2b:5a:1e:df:3c:
         a7:88:24:ba:06:04:6d:6f:ab:9d:86:61:9e:a7:15:57:c0:a3:
         aa:43:80:36:7c:88:59:46:be:ce:2b:33:66:84:b8:41:f6:94:
         86:28:8e:4e:0d:6c:0e:01:bd:e1:e7:52:58:eb:2f:6c:3e:be:
         a1:1e:84:9c:4b:fb:c1:d4:c9:7e:76:5b:cb:2a:33:ef:f1:61:
         ca:3d:3d:5a:75:c2:7c:f1:9e:40:7f:86:96:6c:ad:f5:34:c5:
         26:4c:55:18:c4:e4:ba:e5:f2:3f:5d:f1:66:95:26:7e:cb:20:
         2a:71:6d:10:ba:d5:77:66:1c:45:d4:fc:e8:61:bc:9b:82:08:
         95:5e:fc:7e:cf:71:c6:a7:ad:95:ac:da:5d:ed:66:47:3b:2a:
         b6:6d:d1:06:c0:3f:4b:52:16:3c:73:96:4e:56:f6:db:a9:a5:
         8b:1c:10:66
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVwea9skDPD3UdVCh77qBeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDk1MDNmY2FjMDE3Njk1MTVhMTlmMmRjMjY1N2Q5MmZk
MzUwZGYwHhcNMjMwMTAyMDMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg1YTdkNzE0OTk0ZWJiMzE4YjQ3MzcwN2IzMGZlNDMzY2Q5MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxapK8kgRGQsic4m13k466P9PI2Ah
VHgAXAXTLLDViNTA43wZ42cZ4qdIH42LMDY6STUFGX8Gzcuz9WdX5qCyGra1oPjj
lYvvVnqrP7HHIthYQcDUz9zGav2jyY21KnG4JO7DRIuTRK29oXa2jXAcIalf/RlK
RwhzYp8JK+dUiF/ii7l6n+6LMdRxk3WDcidQgHzRDLQ+E4UwN+wfBz0sY6NlTsl8
xQgV7+WoIBZfFIrpC+70a99/AgoMSD6Vxv6lw47dx7aD8FBzOutYroJsZHyG6ztD
yXnfyQY6syS8KGJCnRbjvlHLzFtUFzAXlo2RTQj52R/qOO31L8sQ4sMeuwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJyFp9cUmU67MYtHNwezD+QzzZHcMB8GA1UdIwQY
MBaAFK8JUD/KwBdpUVoZ8twmV9kv01DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAt
MTc1MDJkM2RmOTVmLzEvbklXbjF4U1pUcnN4aTBjM0I3TVA1RFBOa2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAtMTc1MDJkM2RmOTVm
LzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjQowDQYJ
KoZIhvcNAQELBQADggEBAAzqri42y6nuUwfqUeqvKjZFTcTCQHcl7SksT95PpraY
PyjwfYnMGDzt+VmGcppWqb7N+NF1LfvWf5Hl6DnYU/DCcE/doVzlDY5DRIxl44cF
mYDWJtorWh7fPKeIJLoGBG1vq52GYZ6nFVfAo6pDgDZ8iFlGvs4rM2aEuEH2lIYo
jk4NbA4BveHnUljrL2w+vqEehJxL+8HUyX52W8sqM+/xYco9PVp1wnzxnkB/hpZs
rfU0xSZMVRjE5Lrl8j9d8WaVJn7LICpxbRC61XdmHEXU/OhhvJuCCJVe/H7Pccan
rZWs2l3tZkc7KrZt0QbAP0tSFjxzlk5W9tuppYscEGY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:13 2024 by rpki-client on console-fra.rpki-client.org