Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa
File:                     ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa (raw, json)
Hash identifier:          fhBI5SmDxXcGqbnUUcuvis0BGQrU/PSvmV0Ewz2OyW0=
Subject key identifier:   38:30:61:C5:8E:B7:8D:74:EA:78:8D:EC:FE:A2:5C:C5:2C:9C:EA:34
Certificate issuer:       /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial:       019130B0E447B11D9CDB465D0008D55EFF02
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa
Signing time:             Thu 08 Aug 2024 06:33:04 +0000
ROA not before:           Thu 08 Aug 2024 06:33:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212238
IP address blocks:        103.125.77.0/24 maxlen: 24
                          103.125.78.0/24 maxlen: 24
                          103.125.79.0/24 maxlen: 24
                          167.160.16.0/24 maxlen: 24
                          167.160.17.0/24 maxlen: 24
                          167.160.29.0/24 maxlen: 24
                          198.55.28.0/24 maxlen: 24
                          198.55.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 20 Sep 2024 11:03:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:30:b0:e4:47:b1:1d:9c:db:46:5d:00:08:d5:5e:ff:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
        Validity
            Not Before: Aug  8 06:33:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=383061c58eb78d74ea788decfea25cc52c9cea34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a5:ae:42:3f:f4:c5:62:81:08:97:92:5b:7a:
                    99:d6:98:cb:6f:68:4e:f3:59:24:bf:6b:53:54:f1:
                    76:90:94:cb:11:95:6b:fd:4b:45:68:88:27:4f:06:
                    95:2e:5f:c5:f9:d8:f4:fd:23:de:fe:69:32:a1:42:
                    e8:4a:b8:2a:e2:0c:b7:bc:d3:13:d2:a8:c9:67:3a:
                    9c:90:8a:a1:24:47:d0:1b:23:5a:db:47:48:da:be:
                    e1:96:18:e7:2e:7a:d0:fe:6d:b7:af:42:a5:08:ea:
                    10:ba:9b:1a:71:48:fe:77:ea:8f:ea:95:49:92:b1:
                    04:b7:d6:1b:a4:e8:6a:a2:9c:1f:8b:21:9d:33:0e:
                    e0:fd:f3:35:f9:ab:59:20:8f:1a:d2:99:8d:dc:94:
                    7f:a5:12:50:d6:7f:d2:34:8f:64:05:c7:0e:bb:42:
                    27:78:98:be:21:99:85:6e:7d:ab:6e:3e:00:e7:8a:
                    fa:34:d7:c1:3e:ad:33:73:c3:c7:bc:55:e4:45:f3:
                    90:fb:39:0d:23:2b:0f:26:8c:48:c0:ca:6d:90:bc:
                    fc:ae:e4:22:83:bb:9d:5e:e9:0e:bb:98:fa:2f:f5:
                    c3:01:d7:f3:f6:25:c8:e2:61:53:3c:25:43:01:d1:
                    45:38:89:e6:5d:4d:6e:19:00:9d:4f:ff:2c:b2:67:
                    e2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:30:61:C5:8E:B7:8D:74:EA:78:8D:EC:FE:A2:5C:C5:2C:9C:EA:34
            X509v3 Authority Key Identifier:
                keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.125.77.0-103.125.79.255
                  167.160.16.0/23
                  167.160.29.0/24
                  198.55.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9e:9e:ec:65:b9:aa:eb:2b:c4:91:ba:d6:b6:31:d4:bc:dc:df:
         1e:fd:d6:79:e8:c8:c9:b4:1f:96:e6:61:2b:a8:a6:dd:74:2f:
         9d:05:c3:59:fb:a4:11:51:67:1f:cd:d7:45:74:6f:5c:ba:e6:
         62:e7:2f:7c:db:0a:32:a2:32:a0:61:f8:09:4c:94:bd:bf:25:
         0e:cc:7e:5f:10:d2:ab:4b:93:a3:8e:b8:71:6c:b7:e7:f1:26:
         d5:36:c4:66:fd:bf:17:6c:06:80:68:f4:89:ac:37:ec:e6:af:
         f0:1c:94:2c:c4:0d:82:0a:74:32:63:8c:bd:25:2e:32:d3:f3:
         f5:ee:7f:60:e6:6c:ce:3b:17:37:35:9b:bc:7a:02:b5:84:63:
         96:b1:e3:72:c1:8b:e9:3c:35:2b:59:31:83:6a:8a:6f:a4:3f:
         e9:10:4f:cd:be:fd:3a:db:ff:50:10:cc:ca:03:d6:2c:73:ba:
         c3:e7:bc:4b:42:b6:ed:be:ae:6d:ea:3c:0b:c3:c8:d9:68:65:
         0c:7a:2c:3e:e6:c2:4c:3e:84:ee:6e:e1:30:f8:30:88:e2:cc:
         5b:63:d9:bb:cb:c5:a2:1a:56:d5:f7:7c:6b:25:80:48:bf:7a:
         03:bc:80:b6:3f:01:91:b6:de:9b:51:d1:68:b5:78:e1:ae:29:
         58:84:ce:5c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZEwsORHsR2c20ZdAAjVXv8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwODA4MDYzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODMwNjFjNThlYjc4ZDc0ZWE3ODhkZWNmZWEyNWNjNTJjOWNlYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6WuQj/0xWKBCJeSW3qZ1pjLb2hO
81kkv2tTVPF2kJTLEZVr/UtFaIgnTwaVLl/F+dj0/SPe/mkyoULoSrgq4gy3vNMT
0qjJZzqckIqhJEfQGyNa20dI2r7hlhjnLnrQ/m23r0KlCOoQupsacUj+d+qP6pVJ
krEEt9YbpOhqopwfiyGdMw7g/fM1+atZII8a0pmN3JR/pRJQ1n/SNI9kBccOu0In
eJi+IZmFbn2rbj4A54r6NNfBPq0zc8PHvFXkRfOQ+zkNIysPJoxIwMptkLz8ruQi
g7udXukOu5j6L/XDAdfz9iXI4mFTPCVDAdFFOInmXU1uGQCdT/8ssmfi2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDgwYcWOt4106niN7P6iXMUsnOo0MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvT0RCaHhZNjNqWFRxZUkzc19xSmN4U3ljNmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABnfU0D
BARnfUADBAGnoBADBACnoB0DBAHGNxwwDQYJKoZIhvcNAQELBQADggEBAJ6e7GW5
qusrxJG61rYx1Lzc3x791nnoyMm0H5bmYSuopt10L50Fw1n7pBFRZx/N10V0b1y6
5mLnL3zbCjKiMqBh+AlMlL2/JQ7Mfl8Q0qtLk6OOuHFst+fxJtU2xGb9vxdsBoBo
9ImsN+zmr/AclCzEDYIKdDJjjL0lLjLT8/Xuf2DmbM47Fzc1m7x6ArWEY5ax43LB
i+k8NStZMYNqim+kP+kQT82+/Trb/1AQzMoD1ixzusPnvEtCtu2+rm3qPAvDyNlo
ZQx6LD7mwkw+hO5u4TD4MIjizFtj2bvLxaIaVtX3fGslgEi/egO8gLY/AZG23ptR
0Wi1eOGuKViEzlw=
-----END CERTIFICATE-----
Generated at Fri Sep 20 15:00:18 2024 by rpki-client on console-ams.rpki-client.org