Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/IlHi6KXNYeRSHZzHgTuUs5I75Rc.roa
File:                     IlHi6KXNYeRSHZzHgTuUs5I75Rc.roa (raw, json)
Hash identifier:          F7c7Qjmnlx44KMfyDQ6/zWGj4HC/+1blrLIAJSIvpHk=
Subject key identifier:   22:51:E2:E8:A5:CD:61:E4:52:1D:9C:C7:81:3B:94:B3:92:3B:E5:17
Certificate issuer:       /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial:       018CC64A08F1EF51A3CEAA1E15BED2F88618
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/IlHi6KXNYeRSHZzHgTuUs5I75Rc.roa
Signing time:             Mon 01 Jan 2024 18:29:49 +0000
ROA not before:           Mon 01 Jan 2024 18:29:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60721
IP address blocks:        31.133.82.0/24 maxlen: 24
                          31.133.83.0/24 maxlen: 24
                          31.133.80.0/24 maxlen: 24
                          31.133.81.0/24 maxlen: 24
                          176.103.224.0/24 maxlen: 24
                          176.103.225.0/24 maxlen: 24
                          176.103.226.0/24 maxlen: 24
                          31.133.88.0/24 maxlen: 24
                          31.133.89.0/24 maxlen: 24
                          31.133.90.0/24 maxlen: 24
                          31.133.91.0/24 maxlen: 24
                          176.103.227.0/24 maxlen: 24
                          176.103.232.0/24 maxlen: 24
                          176.103.233.0/24 maxlen: 24
                          176.103.234.0/24 maxlen: 24
                          176.103.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 11:19:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:08:f1:ef:51:a3:ce:aa:1e:15:be:d2:f8:86:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
        Validity
            Not Before: Jan  1 18:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2251e2e8a5cd61e4521d9cc7813b94b3923be517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:bc:5f:1c:f4:f0:c1:21:8d:2a:a5:71:90:23:
                    f6:cb:17:88:f4:11:9a:e5:6a:35:07:86:62:7a:94:
                    cc:3b:3f:37:47:79:e7:66:cc:1f:13:48:19:72:22:
                    43:5a:3c:2f:78:62:d0:17:dd:84:35:6d:c5:3d:2e:
                    c6:b4:44:3a:b0:46:a6:87:a3:57:03:d4:4f:6a:ff:
                    9d:e1:60:9c:d6:9b:a2:db:94:db:91:af:ba:2d:1f:
                    1f:dd:4e:52:69:36:fb:e0:da:a3:a3:03:d3:53:87:
                    e6:5f:25:85:47:75:f5:14:24:8d:7d:78:12:7f:d9:
                    9a:5a:70:69:44:7c:ff:fc:3c:8f:14:a0:66:27:e5:
                    92:e9:ce:9a:de:cb:b5:b9:91:4c:1f:95:b0:d4:ff:
                    c2:ba:52:17:5d:66:99:aa:cf:3a:e6:66:b2:07:a1:
                    b4:8c:fe:e7:7d:f4:c5:fe:c4:f7:c9:37:fc:a6:24:
                    ca:68:96:2d:7c:bf:86:f3:0b:df:ce:33:d8:09:cd:
                    55:b3:9f:84:4b:1d:7a:9a:27:75:ef:34:5b:3f:e2:
                    b8:92:7f:f3:85:3e:d2:78:bf:88:66:b8:94:76:2a:
                    f4:24:28:f5:62:45:c5:1f:ae:29:6a:eb:0a:45:47:
                    bc:19:cc:5e:dd:b8:dd:64:3b:dd:be:58:1c:90:8a:
                    ea:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:51:E2:E8:A5:CD:61:E4:52:1D:9C:C7:81:3B:94:B3:92:3B:E5:17
            X509v3 Authority Key Identifier:
                keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/IlHi6KXNYeRSHZzHgTuUs5I75Rc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.133.80.0/22
                  31.133.88.0/22
                  176.103.224.0/22
                  176.103.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:d6:31:a0:a6:32:7e:12:68:5c:1c:14:f4:aa:fa:4d:a9:af:
         cc:e1:ff:a6:5e:f3:ce:9b:b3:ae:2c:24:ad:df:16:f4:4d:6e:
         c9:9b:c6:42:74:be:be:0e:30:85:e7:a2:5b:61:05:9c:3b:2e:
         bb:9d:de:03:9c:f8:44:1d:66:13:c4:57:f3:29:f7:62:43:d4:
         43:31:54:b5:9b:4a:f6:73:a0:c1:e8:f5:27:30:f2:50:44:cb:
         1f:fd:a0:ab:f5:29:94:b6:3c:64:bc:91:80:2f:f4:64:52:e5:
         e0:ec:42:23:4e:3d:68:82:37:5b:36:30:7d:63:b0:28:d2:9f:
         7e:ab:67:c0:cb:36:82:73:98:55:64:eb:05:d4:e0:c5:2a:86:
         d5:b0:3f:f3:1b:98:73:32:65:98:40:a3:42:f1:51:fc:04:a6:
         44:9a:fd:00:93:31:76:26:4a:88:83:5d:8c:90:1e:f6:82:b0:
         fc:65:86:bf:d6:e8:f4:3e:f0:92:f9:c0:8a:58:85:d4:cc:c3:
         6e:7f:9e:94:27:b2:ad:74:5e:b2:50:25:a2:f6:bc:7f:ed:db:
         80:03:91:fb:76:0a:e9:de:d4:e2:a2:3b:fd:49:84:12:1e:06:
         5f:31:fd:4e:c0:a5:ee:2f:e8:d6:64:2c:e1:3c:9b:cd:9a:c6:
         a1:e5:35:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSgjx71GjzqoeFb7S+IYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQwMTAxMTgyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjUxZTJlOGE1Y2Q2MWU0NTIxZDljYzc4MTNiOTRiMzkyM2JlNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbxfHPTwwSGNKqVxkCP2yxeI9BGa
5Wo1B4ZiepTMOz83R3nnZswfE0gZciJDWjwveGLQF92ENW3FPS7GtEQ6sEamh6NX
A9RPav+d4WCc1pui25Tbka+6LR8f3U5SaTb74NqjowPTU4fmXyWFR3X1FCSNfXgS
f9maWnBpRHz//DyPFKBmJ+WS6c6a3su1uZFMH5Ww1P/CulIXXWaZqs865mayB6G0
jP7nffTF/sT3yTf8piTKaJYtfL+G8wvfzjPYCc1Vs5+ESx16mid17zRbP+K4kn/z
hT7SeL+IZriUdir0JCj1YkXFH64pausKRUe8Gcxe3bjdZDvdvlgckIrqnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCJR4uilzWHkUh2cx4E7lLOSO+UXMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvSWxIaTZLWE5ZZVJTSFp6SGdUdVVzNUk3NVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4VQAwQC
H4VYAwQCsGfgAwQCsGfoMA0GCSqGSIb3DQEBCwUAA4IBAQBR1jGgpjJ+EmhcHBT0
qvpNqa/M4f+mXvPOm7OuLCSt3xb0TW7Jm8ZCdL6+DjCF56JbYQWcOy67nd4DnPhE
HWYTxFfzKfdiQ9RDMVS1m0r2c6DB6PUnMPJQRMsf/aCr9SmUtjxkvJGAL/RkUuXg
7EIjTj1ogjdbNjB9Y7Ao0p9+q2fAyzaCc5hVZOsF1ODFKobVsD/zG5hzMmWYQKNC
8VH8BKZEmv0AkzF2JkqIg12MkB72grD8ZYa/1uj0PvCS+cCKWIXUzMNuf56UJ7Kt
dF6yUCWi9rx/7duAA5H7dgrp3tTiojv9SYQSHgZfMf1OwKXuL+jWZCzhPJvNmsah
5TUH
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:25 2024 by rpki-client on console-ams.rpki-client.org