Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/iNSK3Ssc7f-Hq-rMHvYpo4WUWHU.roa
File:                     iNSK3Ssc7f-Hq-rMHvYpo4WUWHU.roa (raw, json)
Hash identifier:          CnqZjErwuI0O7Q2Jk2X2I4bBytACOW+aaV1rIAWhqfU=
Subject key identifier:   88:D4:8A:DD:2B:1C:ED:FF:87:AB:EA:CC:1E:F6:29:A3:85:94:58:75
Certificate issuer:       /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial:       01856D53D3DAE8385152EE9BBD20742CD9C1
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/iNSK3Ssc7f-Hq-rMHvYpo4WUWHU.roa
Signing time:             Sun 01 Jan 2023 12:34:48 +0000
ROA not before:           Sun 01 Jan 2023 12:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59458
IP address blocks:        5.149.97.0/24 maxlen: 24
                          5.149.98.0/24 maxlen: 24
                          5.149.96.0/24 maxlen: 24
                          5.149.104.0/24 maxlen: 24
                          5.149.105.0/24 maxlen: 24
                          5.149.99.0/24 maxlen: 24
                          5.149.100.0/24 maxlen: 24
                          5.149.101.0/24 maxlen: 24
                          5.149.102.0/24 maxlen: 24
                          5.149.103.0/24 maxlen: 24
                          5.149.111.0/24 maxlen: 24
                          5.149.107.0/24 maxlen: 24
                          5.149.109.0/24 maxlen: 24
                          5.149.110.0/24 maxlen: 24
                          2a12:2340::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 02 Jan 2023 20:56:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:d3:da:e8:38:51:52:ee:9b:bd:20:74:2c:d9:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
        Validity
            Not Before: Jan  1 12:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88d48add2b1cedff87abeacc1ef629a385945875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e0:0c:63:d7:b1:96:f8:a2:5a:8a:d8:d5:d5:
                    09:45:24:12:60:61:03:01:d6:e8:a1:30:65:12:ac:
                    04:a4:47:18:9f:89:33:a1:a9:83:f2:19:36:90:e1:
                    40:26:90:17:f3:c5:f9:c6:8b:49:85:8c:1e:df:b5:
                    13:c9:20:8c:11:81:04:fd:20:c8:97:a6:80:31:7c:
                    b0:9f:17:64:54:66:af:82:29:70:03:79:fe:4e:b9:
                    25:39:20:6b:60:ac:fb:32:02:d4:68:b0:07:10:22:
                    e7:11:18:53:8c:be:1d:d5:98:01:e4:12:0f:fa:7c:
                    94:b7:cc:65:d1:ff:2c:67:3b:27:4e:16:87:6d:d7:
                    a8:bf:4e:f7:ab:39:20:d6:98:6b:9e:99:78:55:ec:
                    05:a7:af:d5:a3:46:9f:90:37:54:fb:7f:b5:fd:fe:
                    f9:70:2a:a8:83:99:02:ee:a5:92:15:45:12:52:2a:
                    55:26:a0:c4:6b:70:b5:aa:bb:d5:78:25:15:94:1e:
                    6a:ca:f7:bf:de:c2:71:95:d4:91:89:de:18:7f:a3:
                    a3:13:50:0b:56:4c:c0:bc:db:87:a0:9f:b1:f7:05:
                    e0:35:86:ee:c8:ca:d6:68:a9:88:de:61:71:d3:79:
                    0d:b6:6b:c5:72:0b:d0:bc:b1:fb:92:f5:53:3e:6e:
                    01:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:D4:8A:DD:2B:1C:ED:FF:87:AB:EA:CC:1E:F6:29:A3:85:94:58:75
            X509v3 Authority Key Identifier:
                keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/iNSK3Ssc7f-Hq-rMHvYpo4WUWHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.149.96.0-5.149.105.255
                  5.149.107.0/24
                  5.149.109.0-5.149.111.255
                IPv6:
                  2a12:2340::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:ac:fa:d4:35:c2:a3:5e:19:bc:6d:02:2c:d8:2e:dd:9c:b3:
         ab:b8:0c:aa:5d:f8:0f:c5:6e:d9:e2:73:ce:43:0c:2a:57:a0:
         9a:d0:8b:38:60:f8:dd:02:84:da:98:a9:c3:0d:08:75:a9:fa:
         a9:44:74:36:cd:eb:a7:42:04:2c:60:ea:11:70:9b:da:6d:7f:
         0c:8c:3c:56:91:14:a2:6b:5a:c4:a1:59:fb:59:0d:5c:f7:74:
         f9:1a:a9:bf:b3:c9:1d:79:6d:0f:99:54:0e:ab:f3:1a:72:68:
         b6:70:8d:7e:3d:a9:04:4e:f7:7d:98:6b:98:80:56:e4:5c:61:
         97:de:f6:22:f1:ff:9d:cc:4d:4d:45:e6:da:32:19:b2:24:a9:
         a2:48:cb:5e:56:b8:91:f0:18:45:ca:89:d2:f5:d1:20:cc:90:
         d7:5e:70:21:fb:f0:40:6b:3c:ff:f9:4c:a1:d4:5b:42:20:dc:
         ca:9c:19:ec:97:37:3c:b1:d0:32:71:48:e3:9a:a4:bc:97:e4:
         c6:0e:41:93:21:d5:d3:3e:98:1e:48:21:4b:6f:57:2c:ed:d2:
         29:42:a4:2d:97:3f:06:bf:a3:55:d6:c1:8f:7d:98:b0:9e:e9:
         1c:3a:b5:1c:c9:6a:60:3f:20:2d:67:45:d7:44:b2:fc:3c:ee:
         fa:d8:12:d2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtU9Pa6DhRUu6bvSB0LNnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwMTAxMTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ0OGFkZDJiMWNlZGZmODdhYmVhY2MxZWY2MjlhMzg1OTQ1ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOAMY9exlviiWorY1dUJRSQSYGED
AdbooTBlEqwEpEcYn4kzoamD8hk2kOFAJpAX88X5xotJhYwe37UTySCMEYEE/SDI
l6aAMXywnxdkVGavgilwA3n+TrklOSBrYKz7MgLUaLAHECLnERhTjL4d1ZgB5BIP
+nyUt8xl0f8sZzsnThaHbdeov073qzkg1phrnpl4VewFp6/Vo0afkDdU+3+1/f75
cCqog5kC7qWSFUUSUipVJqDEa3C1qrvVeCUVlB5qyve/3sJxldSRid4Yf6OjE1AL
VkzAvNuHoJ+x9wXgNYbuyMrWaKmI3mFx03kNtmvFcgvQvLH7kvVTPm4BUwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIjUit0rHO3/h6vqzB72KaOFlFh1MB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvaU5TSzNTc2M3Zi1IcS1yTUh2WXBvNFdVV0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAUFlWAD
BAEFlWgDBAAFlWswDAMEAAWVbQMEBAWVYDAPBAIAAjAJAwcAKhIjQAAAMA0GCSqG
SIb3DQEBCwUAA4IBAQCmrPrUNcKjXhm8bQIs2C7dnLOruAyqXfgPxW7Z4nPOQwwq
V6Ca0Is4YPjdAoTamKnDDQh1qfqpRHQ2zeunQgQsYOoRcJvabX8MjDxWkRSia1rE
oVn7WQ1c93T5Gqm/s8kdeW0PmVQOq/Macmi2cI1+PakETvd9mGuYgFbkXGGX3vYi
8f+dzE1NRebaMhmyJKmiSMteVriR8BhFyonS9dEgzJDXXnAh+/BAazz/+Uyh1FtC
INzKnBnslzc8sdAycUjjmqS8l+TGDkGTIdXTPpgeSCFLb1cs7dIpQqQtlz8Gv6NV
1sGPfZiwnukcOrUcyWpgPyAtZ0XXRLL8PO762BLS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:20 2024 by rpki-client on console-fra.rpki-client.org