Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/544c39-0ef7-41ab-b156-5626b54d1a21/1/LFfBfNmQjeSHQ0HyASoGbYLNRhA.roa
File:                     LFfBfNmQjeSHQ0HyASoGbYLNRhA.roa (raw, json)
Hash identifier:          epmva0bvuCY6ucRhucN+id8M2BE+ZMKn0cTzLM3mhbk=
Subject key identifier:   2C:57:C1:7C:D9:90:8D:E4:87:43:41:F2:01:2A:06:6D:82:CD:46:10
Certificate issuer:       /CN=67f51a25d2f3922524a6a69b1d7d61cd3cc2a8da
Certificate serial:       018571B0EBBB6FF74983856B18114000F207
Authority key identifier: 67:F5:1A:25:D2:F3:92:25:24:A6:A6:9B:1D:7D:61:CD:3C:C2:A8:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z_UaJdLzkiUkpqabHX1hzTzCqNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/544c39-0ef7-41ab-b156-5626b54d1a21/1/LFfBfNmQjeSHQ0HyASoGbYLNRhA.roa
Signing time:             Mon 02 Jan 2023 08:54:58 +0000
ROA not before:           Mon 02 Jan 2023 08:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     553
IP address blocks:        141.62.0.0/16 maxlen: 17

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b0:eb:bb:6f:f7:49:83:85:6b:18:11:40:00:f2:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67f51a25d2f3922524a6a69b1d7d61cd3cc2a8da
        Validity
            Not Before: Jan  2 08:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c57c17cd9908de4874341f2012a066d82cd4610
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5e:4b:f7:4c:95:47:46:c8:30:4f:57:b4:5d:
                    4c:a5:37:b7:ac:ef:5a:9e:3c:6a:90:18:5d:e3:ba:
                    a8:52:4d:f9:25:21:9a:d3:55:6f:ef:b5:3d:86:ca:
                    bf:c9:12:56:d2:38:29:29:26:44:9c:63:ca:b6:8d:
                    5b:aa:8c:df:aa:ff:49:e9:7f:ba:4c:44:ee:2d:80:
                    cb:16:71:34:a5:3a:71:4b:12:03:1e:99:72:ba:01:
                    0d:25:d6:3f:39:0a:4b:63:89:bc:c0:0b:d5:b1:88:
                    dd:ea:97:56:86:df:ae:57:b0:e6:a6:81:06:bf:9a:
                    e7:f4:79:99:d7:3f:c9:95:b9:26:ac:be:13:f8:f4:
                    05:6e:99:63:46:6d:2c:7e:62:f0:3c:09:0e:dd:e3:
                    4f:5b:ac:13:ba:8b:ab:93:e3:b4:e2:8d:b7:2e:ab:
                    cd:ff:a8:82:93:c0:59:23:42:58:7f:3d:52:4e:30:
                    66:d5:65:81:b7:27:68:85:8e:6d:23:da:0f:06:d3:
                    2a:14:35:d5:cf:73:9b:5b:69:72:17:8c:69:73:ff:
                    ee:80:09:ef:59:8e:90:d8:a1:ba:a3:7e:2e:67:4b:
                    47:cc:3d:77:00:df:e7:9a:05:0b:c2:d8:3a:78:97:
                    2d:06:80:a7:54:67:c9:66:15:71:64:84:8a:62:ae:
                    32:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:57:C1:7C:D9:90:8D:E4:87:43:41:F2:01:2A:06:6D:82:CD:46:10
            X509v3 Authority Key Identifier:
                keyid:67:F5:1A:25:D2:F3:92:25:24:A6:A6:9B:1D:7D:61:CD:3C:C2:A8:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_UaJdLzkiUkpqabHX1hzTzCqNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/544c39-0ef7-41ab-b156-5626b54d1a21/1/LFfBfNmQjeSHQ0HyASoGbYLNRhA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/544c39-0ef7-41ab-b156-5626b54d1a21/1/Z_UaJdLzkiUkpqabHX1hzTzCqNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.62.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ba:fd:06:5b:e9:d3:68:c7:fb:80:91:e6:8a:34:83:3b:b6:f7:
         db:aa:6f:bc:34:71:01:30:59:70:9d:18:ac:86:63:28:fa:fa:
         33:f0:0f:84:72:61:ad:f3:e6:61:c2:a1:78:bb:fe:3e:a8:6e:
         47:12:0a:5c:4c:16:a9:e5:7f:97:b0:10:06:d5:ae:59:fd:17:
         50:bb:82:e8:33:3d:25:65:c9:ec:7a:2a:35:7c:1e:96:3b:d9:
         15:d4:07:8b:1e:1c:f4:00:54:bd:a0:2b:da:5a:53:be:a9:29:
         a5:50:3d:13:9a:cc:1b:c9:45:0e:41:c6:2b:43:7b:38:09:6c:
         ac:e3:6b:61:e6:f7:29:42:75:f4:ac:d2:4e:8e:ef:4a:b6:09:
         08:73:00:c5:8f:48:0f:bc:de:e3:13:f4:13:b2:87:98:f8:ba:
         bd:23:e2:65:89:b8:39:1e:c4:c3:b2:5e:72:de:6f:61:f2:f5:
         ba:77:14:d9:2f:f9:88:aa:31:c1:2c:2f:ce:17:3c:ba:37:56:
         ed:46:85:00:06:96:85:3d:3b:eb:5a:0a:0e:66:65:0a:d8:30:
         10:52:9b:2a:af:61:04:60:46:ac:30:9f:f0:66:02:85:e2:92:
         a4:1d:c2:4b:b9:47:b1:45:f5:97:a6:38:5f:c2:35:13:57:57:
         42:d1:46:13
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVxsOu7b/dJg4VrGBFAAPIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjUxYTI1ZDJmMzkyMjUyNGE2YTY5YjFkN2Q2MWNkM2Nj
MmE4ZGEwHhcNMjMwMTAyMDg1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzU3YzE3Y2Q5OTA4ZGU0ODc0MzQxZjIwMTJhMDY2ZDgyY2Q0NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp15L90yVR0bIME9XtF1MpTe3rO9a
njxqkBhd47qoUk35JSGa01Vv77U9hsq/yRJW0jgpKSZEnGPKto1bqozfqv9J6X+6
TETuLYDLFnE0pTpxSxIDHplyugENJdY/OQpLY4m8wAvVsYjd6pdWht+uV7DmpoEG
v5rn9HmZ1z/JlbkmrL4T+PQFbpljRm0sfmLwPAkO3eNPW6wTuourk+O04o23LqvN
/6iCk8BZI0JYfz1STjBm1WWBtydohY5tI9oPBtMqFDXVz3ObW2lyF4xpc//ugAnv
WY6Q2KG6o34uZ0tHzD13AN/nmgULwtg6eJctBoCnVGfJZhVxZISKYq4yAQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFCxXwXzZkI3kh0NB8gEqBm2CzUYQMB8GA1UdIwQY
MBaAFGf1GiXS85IlJKammx19Yc08wqjaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9VYUpkTHpraVVrcHFhYkhYMWh6VHpDcU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81NDRjMzktMGVmNy00MWFiLWIxNTYt
NTYyNmI1NGQxYTIxLzEvTEZmQmZObVFqZVNIUTBIeUFTb0diWUxOUmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy81NDRjMzktMGVmNy00MWFiLWIxNTYtNTYyNmI1NGQxYTIx
LzEvWl9VYUpkTHpraVVrcHFhYkhYMWh6VHpDcU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjT4wDQYJ
KoZIhvcNAQELBQADggEBALr9Blvp02jH+4CR5oo0gzu299uqb7w0cQEwWXCdGKyG
Yyj6+jPwD4RyYa3z5mHCoXi7/j6obkcSClxMFqnlf5ewEAbVrln9F1C7gugzPSVl
yex6KjV8HpY72RXUB4seHPQAVL2gK9paU76pKaVQPROazBvJRQ5BxitDezgJbKzj
a2Hm9ylCdfSs0k6O70q2CQhzAMWPSA+83uMT9BOyh5j4ur0j4mWJuDkexMOyXnLe
b2Hy9bp3FNkv+YiqMcEsL84XPLo3Vu1GhQAGloU9O+taCg5mZQrYMBBSmyqvYQRg
Rqwwn/BmAoXikqQdwku5R7FF9ZemOF/CNRNXV0LRRhM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:15 2024 by rpki-client on console-fra.rpki-client.org