Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/iaLvnfcSXD4u7d29m5vOOw2zdsc.roa
File:                     iaLvnfcSXD4u7d29m5vOOw2zdsc.roa (raw, json)
Hash identifier:          QVT73oTWNFW4npo53WMIUnGpHUCQDXZqyVafTkmlqVQ=
Subject key identifier:   89:A2:EF:9D:F7:12:5C:3E:2E:ED:DD:BD:9B:9B:CE:3B:0D:B3:76:C7
Certificate issuer:       /CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
Certificate serial:       018C8D0E107D9EC7D8BB9FB319F2B05D9FE3
Authority key identifier: 5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/iaLvnfcSXD4u7d29m5vOOw2zdsc.roa
Signing time:             Thu 21 Dec 2023 15:45:58 +0000
ROA not before:           Thu 21 Dec 2023 15:45:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        2a14:4e87:1001::/48 maxlen: 48
                          2a14:4e87:1010::/48 maxlen: 48
                          2a14:4e87:1020::/48 maxlen: 48
                          2a14:4e87:1000::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8d:0e:10:7d:9e:c7:d8:bb:9f:b3:19:f2:b0:5d:9f:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
        Validity
            Not Before: Dec 21 15:45:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89a2ef9df7125c3e2eedddbd9b9bce3b0db376c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:93:82:e6:38:26:79:f2:ec:3c:50:9d:d4:ff:
                    da:9f:4d:44:44:22:83:cb:1d:1e:94:86:17:9a:96:
                    fa:13:60:9d:14:78:d6:89:47:59:c5:56:5f:63:fa:
                    2b:be:d4:a9:49:2e:91:9f:8f:61:67:87:d2:9c:57:
                    ec:d3:74:95:32:b5:76:03:ed:3b:69:0d:5c:b9:1c:
                    bb:33:1b:e1:53:f8:1f:f6:70:6f:d2:a3:a3:29:52:
                    e8:d1:58:70:26:ff:df:1a:4d:75:75:3a:76:f9:03:
                    a7:65:51:40:c1:f2:d8:da:8d:55:fd:d8:18:3d:d9:
                    a3:80:d4:9e:01:98:70:52:a5:cc:09:b9:04:ae:34:
                    04:93:ce:b7:50:28:aa:3c:54:97:3f:24:d9:3b:58:
                    ad:16:12:6a:ff:c3:46:b4:95:25:c0:c2:6f:35:71:
                    0e:0d:e8:3b:26:20:53:b7:3a:d3:c1:02:fc:f9:cf:
                    b1:4f:7b:1d:bb:48:d5:98:84:e4:0a:8b:32:d7:08:
                    b5:36:0d:51:6a:31:98:88:e4:be:0b:04:a6:d4:d2:
                    e2:90:5a:d0:5d:71:ed:a4:b4:6a:e5:4c:0c:6c:35:
                    52:36:06:3c:c1:06:ff:77:36:0f:75:48:d6:4a:55:
                    c0:92:33:91:cb:cd:70:7b:01:b3:dd:bd:7d:12:7d:
                    1f:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:A2:EF:9D:F7:12:5C:3E:2E:ED:DD:BD:9B:9B:CE:3B:0D:B3:76:C7
            X509v3 Authority Key Identifier:
                keyid:5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/iaLvnfcSXD4u7d29m5vOOw2zdsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:4e87:1000::/47
                  2a14:4e87:1010::/48
                  2a14:4e87:1020::/48

    Signature Algorithm: sha256WithRSAEncryption
         a7:db:d5:27:05:9d:be:e4:c9:db:96:1d:a7:f0:7e:e1:5d:6b:
         f0:a2:e4:e3:5a:5a:ad:e0:86:1b:12:b4:b6:9e:85:fe:84:51:
         32:d1:66:7b:26:1f:e6:1c:c5:d3:cc:91:81:cd:d2:0f:3f:ba:
         7c:95:47:98:ee:ad:6f:2d:af:b4:39:82:2f:7e:0b:43:5b:33:
         2e:18:2a:c0:6e:47:ce:18:e6:f8:92:44:df:18:fe:d1:7b:35:
         0c:83:07:9d:14:3b:d1:9a:58:79:06:f6:51:ef:70:3d:69:83:
         39:4e:f0:b7:82:e4:1d:a2:33:5e:67:ed:b2:93:3a:7e:43:db:
         93:30:60:ee:71:29:84:c2:62:1c:ca:14:55:af:51:0b:4d:d6:
         80:9e:98:d5:6d:4b:63:e1:6e:13:dd:37:e8:38:7a:ed:1d:92:
         9c:75:c8:04:1f:a0:38:4f:c0:d0:3a:06:1d:b6:17:6a:31:ef:
         0a:45:76:c6:8f:05:0f:58:74:9b:8c:1e:c8:2e:0d:bc:c0:4f:
         de:1a:5e:9b:b4:fa:da:fd:11:62:d9:58:11:41:a2:49:cc:d8:
         4f:bd:a7:46:34:c1:99:ed:7e:d8:91:f8:0d:6b:4a:89:09:81:
         c5:f7:d5:12:2c:e5:1c:58:ee:eb:c9:4a:9c:db:17:62:a2:b5:
         c7:bc:7a:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYyNDhB9nsfYu5+zGfKwXZ/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNWVkOTkyMWM2M2JmMTBkYjA4NGJhZDMzMmVhOWZmOWY4
MTk5ZTYwHhcNMjMxMjIxMTU0NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWEyZWY5ZGY3MTI1YzNlMmVlZGRkYmQ5YjliY2UzYjBkYjM3NmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJOC5jgmefLsPFCd1P/an01ERCKD
yx0elIYXmpb6E2CdFHjWiUdZxVZfY/orvtSpSS6Rn49hZ4fSnFfs03SVMrV2A+07
aQ1cuRy7MxvhU/gf9nBv0qOjKVLo0VhwJv/fGk11dTp2+QOnZVFAwfLY2o1V/dgY
PdmjgNSeAZhwUqXMCbkErjQEk863UCiqPFSXPyTZO1itFhJq/8NGtJUlwMJvNXEO
Deg7JiBTtzrTwQL8+c+xT3sdu0jVmITkCosy1wi1Ng1RajGYiOS+CwSm1NLikFrQ
XXHtpLRq5UwMbDVSNgY8wQb/dzYPdUjWSlXAkjORy81wewGz3b19En0fzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFImi7533Elw+Lu3dvZubzjsNs3bHMB8GA1UdIwQY
MBaAFF9e2ZIcY78Q2whLrTMuqf+fgZnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEt
ZGYyN2YxMGM3MDk3LzEvaWFMdm5mY1NYRDR1N2QyOW01dk9PdzJ6ZHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEtZGYyN2YxMGM3MDk3
LzEvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKhROhxAA
AwcAKhROhxAQAwcAKhROhxAgMA0GCSqGSIb3DQEBCwUAA4IBAQCn29UnBZ2+5Mnb
lh2n8H7hXWvwouTjWlqt4IYbErS2noX+hFEy0WZ7Jh/mHMXTzJGBzdIPP7p8lUeY
7q1vLa+0OYIvfgtDWzMuGCrAbkfOGOb4kkTfGP7RezUMgwedFDvRmlh5BvZR73A9
aYM5TvC3guQdojNeZ+2ykzp+Q9uTMGDucSmEwmIcyhRVr1ELTdaAnpjVbUtj4W4T
3TfoOHrtHZKcdcgEH6A4T8DQOgYdthdqMe8KRXbGjwUPWHSbjB7ILg28wE/eGl6b
tPra/RFi2VgRQaJJzNhPvadGNMGZ7X7YkfgNa0qJCYHF99USLOUcWO7ryUqc2xdi
orXHvHor
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:17 2024 by rpki-client on console-ams.rpki-client.org