Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/avaiAmYL7oSPgN0CmBnsMp7LR1Q.roa
File:                     avaiAmYL7oSPgN0CmBnsMp7LR1Q.roa (raw, json)
Hash identifier:          QlagyOpGFF9bCfht6fxnSMvN9JrQj8iRTnokuIyIY7s=
Subject key identifier:   6A:F6:A2:02:66:0B:EE:84:8F:80:DD:02:98:19:EC:32:9E:CB:47:54
Certificate issuer:       /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial:       0185BEBA5865DFAFF8317DD629B5A3555554
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/avaiAmYL7oSPgN0CmBnsMp7LR1Q.roa
Signing time:             Tue 17 Jan 2023 07:56:01 +0000
ROA not before:           Tue 17 Jan 2023 07:56:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2077990
IP address blocks:        216.194.80.0/20 maxlen: 32
                          103.211.184.0/23 maxlen: 32
                          103.30.12.0/22 maxlen: 32

Validation:               Failed, certificate revoked on Tue 17 Jan 2023 12:54:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:be:ba:58:65:df:af:f8:31:7d:d6:29:b5:a3:55:55:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
        Validity
            Not Before: Jan 17 07:56:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6af6a202660bee848f80dd029819ec329ecb4754
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:95:73:76:7a:e7:4f:92:5e:08:5d:c6:58:52:
                    cb:ab:82:0d:35:e7:cb:ef:41:e9:61:8d:d3:97:7e:
                    28:d3:bb:c7:1e:e9:c4:5d:1b:fb:73:c8:4b:0f:5b:
                    92:c6:72:32:a8:7a:29:0b:5d:92:43:43:49:ff:63:
                    69:fa:36:4e:49:75:33:82:31:30:e9:f1:ef:c9:73:
                    aa:6a:0d:5c:06:55:9f:c5:35:68:1c:9f:b3:83:c5:
                    87:f9:d4:d2:c2:46:32:24:84:da:f7:3a:e6:93:fb:
                    a4:20:b0:e5:35:db:ea:1b:ad:e4:cf:30:6e:07:92:
                    d2:56:70:b4:fb:ea:ec:f4:92:8c:46:d4:6a:2a:4b:
                    bd:c0:6c:ce:e4:7d:65:57:2b:20:7b:90:cb:04:ff:
                    df:03:07:2b:73:49:da:ee:20:71:54:53:57:3d:5c:
                    e1:92:a1:a2:e6:81:b8:60:23:d9:5b:02:e5:45:ca:
                    0c:c1:7a:d7:70:25:8b:a7:94:e3:d5:ce:ea:af:c2:
                    f4:92:41:0f:71:29:09:bb:9a:64:93:8a:9b:ed:3d:
                    42:d5:db:1d:93:32:2e:37:81:ac:cd:ce:f5:e4:cf:
                    65:32:98:ef:c3:39:1f:5a:36:4b:61:d9:14:17:5b:
                    73:01:fd:8f:c7:db:a4:ca:23:41:b2:b1:3a:da:e5:
                    e0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F6:A2:02:66:0B:EE:84:8F:80:DD:02:98:19:EC:32:9E:CB:47:54
            X509v3 Authority Key Identifier:
                keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/avaiAmYL7oSPgN0CmBnsMp7LR1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.30.12.0/22
                  103.211.184.0/23
                  216.194.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         71:e1:ce:06:01:8d:a4:03:2b:be:ab:bc:47:e3:40:2c:c5:71:
         33:12:14:9c:d0:df:ae:ce:1c:1b:9f:47:cd:1f:cc:94:f5:2f:
         24:ed:dc:51:f1:e0:5b:09:0a:96:cf:31:ce:23:1f:fc:63:b5:
         93:5a:10:6f:df:d2:c6:78:b5:f2:e4:44:19:be:36:ac:a4:cf:
         93:cd:cf:00:c6:ce:8f:29:0e:c3:eb:9d:dd:9b:52:07:b7:1c:
         0a:bb:3a:b1:5b:e6:db:c8:01:34:21:e6:c6:7e:5c:d7:cd:6c:
         1b:4c:1f:4c:b3:b4:2c:f0:7c:15:85:4b:76:8f:d5:3d:f7:95:
         30:a6:0a:f1:ea:a3:b4:ac:ef:01:3c:bc:6c:4e:25:ab:60:3b:
         c7:2a:21:81:e4:85:38:ff:11:1e:fc:ce:3d:87:a1:53:01:41:
         19:62:ee:b3:d6:72:bc:9d:8e:ab:69:33:10:05:a8:18:14:a1:
         d8:43:db:fc:69:86:67:b6:84:a6:e2:1d:64:12:58:7e:47:b1:
         04:6f:07:b4:69:df:d8:39:af:6d:e5:e0:1e:55:e2:8e:64:9f:
         dd:69:05:8d:7c:40:88:5f:d5:c3:4c:48:37:c1:a9:84:34:93:
         bf:54:24:52:a3:b3:c2:8d:5e:d5:92:6e:5b:39:c6:6f:c1:4d:
         b5:51:a7:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYW+ulhl36/4MX3WKbWjVVVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwMTE3MDc1NjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY2YTIwMjY2MGJlZTg0OGY4MGRkMDI5ODE5ZWMzMjllY2I0NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZVzdnrnT5JeCF3GWFLLq4INNefL
70HpYY3Tl34o07vHHunEXRv7c8hLD1uSxnIyqHopC12SQ0NJ/2Np+jZOSXUzgjEw
6fHvyXOqag1cBlWfxTVoHJ+zg8WH+dTSwkYyJITa9zrmk/ukILDlNdvqG63kzzBu
B5LSVnC0++rs9JKMRtRqKku9wGzO5H1lVysge5DLBP/fAwcrc0na7iBxVFNXPVzh
kqGi5oG4YCPZWwLlRcoMwXrXcCWLp5Tj1c7qr8L0kkEPcSkJu5pkk4qb7T1C1dsd
kzIuN4Gszc715M9lMpjvwzkfWjZLYdkUF1tzAf2Px9ukyiNBsrE62uXgTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGr2ogJmC+6Ej4DdApgZ7DKey0dUMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvYXZhaUFtWUw3b1NQZ04wQ21CbnNNcDdMUjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCZx4MAwQB
Z9O4AwQE2MJQMA0GCSqGSIb3DQEBCwUAA4IBAQBx4c4GAY2kAyu+q7xH40AsxXEz
EhSc0N+uzhwbn0fNH8yU9S8k7dxR8eBbCQqWzzHOIx/8Y7WTWhBv39LGeLXy5EQZ
vjaspM+Tzc8Axs6PKQ7D653dm1IHtxwKuzqxW+bbyAE0IebGflzXzWwbTB9Ms7Qs
8HwVhUt2j9U995Uwpgrx6qO0rO8BPLxsTiWrYDvHKiGB5IU4/xEe/M49h6FTAUEZ
Yu6z1nK8nY6raTMQBagYFKHYQ9v8aYZntoSm4h1kElh+R7EEbwe0ad/YOa9t5eAe
VeKOZJ/daQWNfECIX9XDTEg3wamENJO/VCRSo7PCjV7Vkm5bOcZvwU21Uada
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:34 2024 by rpki-client on console-ams.rpki-client.org