Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/XRr3x33Y-Jtor3wJFPDizDf2nvQ.roa
File:                     XRr3x33Y-Jtor3wJFPDizDf2nvQ.roa (raw, json)
Hash identifier:          d59tDv+W7aM6hOBXHVfKGdMkJ/X4hhgtSTSM+WFeEBs=
Subject key identifier:   5D:1A:F7:C7:7D:D8:F8:9B:68:AF:7C:09:14:F0:E2:CC:37:F6:9E:F4
Certificate issuer:       /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial:       018E09CCCF17C4ACA2C9D2CE1C70FB4EA1E1
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/XRr3x33Y-Jtor3wJFPDizDf2nvQ.roa
Signing time:             Mon 04 Mar 2024 14:10:01 +0000
ROA not before:           Mon 04 Mar 2024 14:10:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60721
IP address blocks:        45.10.56.0/24 maxlen: 24
                          2a07:4a00::/29 maxlen: 29
                          2a0a:37c0::/29 maxlen: 29
                          2a0b:9800::/29 maxlen: 29
                          2a0b:a280::/29 maxlen: 29
                          2a0b:a300::/29 maxlen: 29
                          2a0c:7440::/29 maxlen: 29
                          2a0c:74c0::/29 maxlen: 29
                          2a0c:7540::/29 maxlen: 29
                          2a0d:2cc0::/29 maxlen: 29
                          2a0d:88c0::/29 maxlen: 29
                          2a0f:1180::/29 maxlen: 29
                          2a0f:2380::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 23 May 2024 12:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:09:cc:cf:17:c4:ac:a2:c9:d2:ce:1c:70:fb:4e:a1:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
        Validity
            Not Before: Mar  4 14:10:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5d1af7c77dd8f89b68af7c0914f0e2cc37f69ef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:15:c6:ef:63:e2:8b:a4:d2:0c:ba:0a:72:ef:
                    9d:22:25:66:ae:88:43:15:d0:bd:b5:2e:f5:e2:0f:
                    e4:95:12:fc:3b:6b:a0:bd:5c:96:ee:6d:f8:92:85:
                    d0:4a:ff:38:45:a2:0e:7a:e5:79:50:fa:e4:86:70:
                    8a:29:fa:b1:1a:9a:65:9f:d6:51:8f:46:31:d1:a6:
                    73:eb:5a:0e:0d:c6:e9:21:29:b0:47:f8:0a:09:5b:
                    2d:73:70:24:34:18:13:40:97:86:80:f5:98:55:28:
                    41:a8:e7:11:aa:13:7d:74:fc:4e:4d:6d:dd:d2:0b:
                    96:c1:fa:2c:14:26:e7:5b:7d:34:ca:ad:4a:19:a3:
                    2f:a9:0d:e7:91:ad:7e:1b:cf:95:61:df:27:cc:15:
                    39:cf:da:fa:cb:9c:e4:97:c8:53:89:3c:7c:b0:61:
                    70:8a:21:93:b0:53:2d:3a:34:a2:73:af:0c:22:a7:
                    23:d1:90:4a:06:9a:a1:59:45:83:83:a2:4a:a5:a0:
                    fd:77:d6:9d:b6:24:4d:0c:7c:ac:7d:a3:94:d4:c6:
                    90:0c:fc:e4:42:b7:f1:a9:30:40:3c:d9:80:e9:0e:
                    69:72:df:c5:63:13:c9:ad:6c:c6:77:49:8c:97:1c:
                    99:89:27:ef:03:8e:a6:ee:f2:7b:46:cf:7b:ce:fd:
                    05:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:1A:F7:C7:7D:D8:F8:9B:68:AF:7C:09:14:F0:E2:CC:37:F6:9E:F4
            X509v3 Authority Key Identifier:
                keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/XRr3x33Y-Jtor3wJFPDizDf2nvQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.56.0/24
                IPv6:
                  2a07:4a00::/29
                  2a0a:37c0::/29
                  2a0b:9800::/29
                  2a0b:a280::/29
                  2a0b:a300::/29
                  2a0c:7440::/29
                  2a0c:74c0::/29
                  2a0c:7540::/29
                  2a0d:2cc0::/29
                  2a0d:88c0::/29
                  2a0f:1180::/29
                  2a0f:2380::/29

    Signature Algorithm: sha256WithRSAEncryption
         21:38:9a:24:78:0e:77:2a:08:9e:02:ed:6f:6e:19:fd:06:f8:
         ed:48:e5:f8:31:02:88:3a:f8:a3:3f:8e:a5:f7:de:fd:b5:5a:
         c5:c2:c8:96:90:02:3e:a3:c3:d0:94:a8:25:9f:c1:f5:be:d8:
         c7:68:5a:bb:96:01:f4:a2:01:e7:c8:78:b8:49:f6:1e:48:bd:
         69:cd:45:0d:23:c3:13:6c:57:7d:0c:7b:21:4c:38:56:bc:9f:
         7f:75:d5:b8:6d:5e:62:62:21:8b:e5:86:01:bf:50:ff:2d:1a:
         e6:7f:60:4a:2a:a1:be:3a:82:b7:00:c2:ae:58:71:f2:ac:29:
         5f:59:dd:8b:e3:61:00:23:4b:5e:8f:ac:ce:4f:52:c7:c6:25:
         a4:a9:1e:30:d3:1b:0f:36:02:1b:8d:ad:87:66:ea:86:79:46:
         df:17:b3:a8:b6:ae:1b:25:e7:53:89:e0:bb:94:f9:b0:23:da:
         d4:13:35:cf:fe:b9:41:f9:a2:6b:92:63:20:d4:3d:f3:e6:06:
         76:e3:df:e7:30:b4:77:41:8c:2e:60:76:c2:85:e5:14:a6:20:
         d3:54:38:f6:87:53:46:bb:d7:16:62:0a:33:c4:81:a1:23:84:
         74:4e:2e:60:65:ad:3f:6b:01:0d:e8:54:93:37:8e:67:08:96:
         2d:68:cc:73
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY4JzM8XxKyiydLOHHD7TqHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMzA0MTQxMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFhZjdjNzdkZDhmODliNjhhZjdjMDkxNGYwZTJjYzM3ZjY5ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhXG72Pii6TSDLoKcu+dIiVmrohD
FdC9tS714g/klRL8O2ugvVyW7m34koXQSv84RaIOeuV5UPrkhnCKKfqxGppln9ZR
j0Yx0aZz61oODcbpISmwR/gKCVstc3AkNBgTQJeGgPWYVShBqOcRqhN9dPxOTW3d
0guWwfosFCbnW300yq1KGaMvqQ3nka1+G8+VYd8nzBU5z9r6y5zkl8hTiTx8sGFw
iiGTsFMtOjSic68MIqcj0ZBKBpqhWUWDg6JKpaD9d9adtiRNDHysfaOU1MaQDPzk
QrfxqTBAPNmA6Q5pct/FYxPJrWzGd0mMlxyZiSfvA46m7vJ7Rs97zv0F7QIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFF0a98d92PibaK98CRTw4sw39p70MB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvWFJyM3gzM1ktSnRvcjN3SkZQRGl6RGYybnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajAMBAIAATAGAwQALQo4MFoE
AgACMFQDBQMqB0oAAwUDKgo3wAMFAyoLmAADBQMqC6KAAwUDKgujAAMFAyoMdEAD
BQMqDHTAAwUDKgx1QAMFAyoNLMADBQMqDYjAAwUDKg8RgAMFAyoPI4AwDQYJKoZI
hvcNAQELBQADggEBACE4miR4DncqCJ4C7W9uGf0G+O1I5fgxAog6+KM/jqX33v21
WsXCyJaQAj6jw9CUqCWfwfW+2MdoWruWAfSiAefIeLhJ9h5IvWnNRQ0jwxNsV30M
eyFMOFa8n3911bhtXmJiIYvlhgG/UP8tGuZ/YEoqob46grcAwq5YcfKsKV9Z3Yvj
YQAjS16PrM5PUsfGJaSpHjDTGw82AhuNrYdm6oZ5Rt8Xs6i2rhsl51OJ4LuU+bAj
2tQTNc/+uUH5omuSYyDUPfPmBnbj3+cwtHdBjC5gdsKF5RSmINNUOPaHU0a71xZi
CjPEgaEjhHROLmBlrT9rAQ3oVJM3jmcIli1ozHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:24 2024 by rpki-client on console-ams.rpki-client.org