Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/p531JLZ-VGPC1J5JcpBnHv_iS18.roa
File:                     p531JLZ-VGPC1J5JcpBnHv_iS18.roa (raw, json)
Hash identifier:          72zXtANOJfSFYpMIFgRXNpj1Q6i6SzkbLqM8Wj+twIk=
Subject key identifier:   A7:9D:F5:24:B6:7E:54:63:C2:D4:9E:49:72:90:67:1E:FF:E2:4B:5F
Certificate issuer:       /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial:       018750A97047073ACDED4CF37ED4C8CCEA86
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/p531JLZ-VGPC1J5JcpBnHv_iS18.roa
Signing time:             Wed 05 Apr 2023 09:04:54 +0000
ROA not before:           Wed 05 Apr 2023 09:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207990
IP address blocks:        206.204.0.0/20 maxlen: 32
                          206.204.16.0/20 maxlen: 32
                          43.252.28.0/22 maxlen: 32
                          103.211.184.0/23 maxlen: 32
                          206.204.32.0/20 maxlen: 32
                          203.78.168.0/21 maxlen: 32
                          206.204.48.0/20 maxlen: 32
                          37.61.226.0/24 maxlen: 32
                          94.176.48.0/20 maxlen: 32
                          92.255.86.0/23 maxlen: 32
                          216.194.80.0/20 maxlen: 32
                          103.225.128.0/22 maxlen: 32
                          89.223.14.0/23 maxlen: 32
                          89.223.18.0/23 maxlen: 32
                          45.130.120.0/22 maxlen: 32
                          92.255.32.0/21 maxlen: 32
                          103.207.152.0/23 maxlen: 32
                          213.188.64.0/22 maxlen: 32
                          193.151.52.0/22 maxlen: 32
                          116.212.188.0/22 maxlen: 32
                          180.94.216.0/22 maxlen: 32
                          213.188.80.0/20 maxlen: 32
                          85.208.148.0/22 maxlen: 32
                          103.30.12.0/22 maxlen: 32

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 12:41:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:50:a9:70:47:07:3a:cd:ed:4c:f3:7e:d4:c8:cc:ea:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
        Validity
            Not Before: Apr  5 09:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a79df524b67e5463c2d49e497290671effe24b5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c4:ae:26:b3:0c:c2:dd:ba:90:1c:cf:b2:8c:
                    f0:41:df:fe:c4:a2:18:7f:fb:29:41:59:ab:fa:66:
                    be:28:bc:87:f6:72:51:60:72:c6:7b:8f:70:68:15:
                    21:85:8e:14:c0:69:41:6a:66:c1:35:c4:05:d2:28:
                    e4:21:c4:66:62:da:73:95:bb:5a:fa:ac:4c:be:b6:
                    55:8a:29:28:1e:8c:d8:67:6a:5a:9d:27:f5:b8:09:
                    a7:f3:8c:2e:b9:71:5a:04:40:08:e4:e4:07:25:6f:
                    6f:f5:31:62:a2:0e:2c:16:a9:92:ae:9a:8e:87:2a:
                    2c:b9:c5:ff:7b:b7:27:2c:71:ac:a6:70:4e:8b:5d:
                    5d:d8:0e:15:e2:39:50:26:a8:6b:69:39:8a:5a:25:
                    2f:ae:5c:72:4d:f1:c2:b6:0f:00:be:45:5a:1f:37:
                    db:9d:f3:80:26:98:fc:a5:88:d2:6d:1e:de:4b:64:
                    ba:eb:45:fd:40:7e:65:b9:17:c7:53:d4:31:08:91:
                    df:c4:0f:dc:be:91:bc:5b:2a:b9:30:ed:3a:6c:47:
                    62:d2:dd:cf:e1:10:6c:74:ea:76:27:f3:e2:80:1c:
                    11:09:88:24:18:32:01:8d:d5:fa:53:fe:37:28:68:
                    6e:c5:9f:b7:98:6a:00:79:b5:8b:0e:41:30:c8:80:
                    30:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:9D:F5:24:B6:7E:54:63:C2:D4:9E:49:72:90:67:1E:FF:E2:4B:5F
            X509v3 Authority Key Identifier:
                keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/p531JLZ-VGPC1J5JcpBnHv_iS18.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.61.226.0/24
                  43.252.28.0/22
                  45.130.120.0/22
                  85.208.148.0/22
                  89.223.14.0/23
                  89.223.18.0/23
                  92.255.32.0/21
                  92.255.86.0/23
                  94.176.48.0/20
                  103.30.12.0/22
                  103.207.152.0/23
                  103.211.184.0/23
                  103.225.128.0/22
                  116.212.188.0/22
                  180.94.216.0/22
                  193.151.52.0/22
                  203.78.168.0/21
                  206.204.0.0/18
                  213.188.64.0/22
                  213.188.80.0/20
                  216.194.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         69:3d:72:e8:ba:cd:8f:01:b4:89:f1:8b:87:55:7d:64:9f:51:
         42:6d:e9:87:50:d9:f9:24:91:17:43:ef:63:76:2a:92:93:fa:
         17:e1:df:e9:f3:69:ea:cf:2b:20:f3:e9:73:f7:56:b1:df:74:
         f9:53:4b:c9:63:28:77:9d:58:91:8c:a2:6e:96:70:2a:7d:b7:
         7d:7a:5e:a9:1b:8c:87:81:9c:5f:3e:cd:d1:2c:73:4c:04:07:
         59:bb:54:5f:01:e0:e8:38:70:a9:c9:0a:b7:4d:d9:69:63:0a:
         09:14:ea:0b:9c:7b:5e:f2:ee:de:df:bf:2f:2d:5b:b3:0e:82:
         9d:f3:6e:bd:cc:4d:50:ed:e3:3d:0a:19:02:1b:ba:fa:25:24:
         34:45:f1:03:ca:1f:71:a3:f4:fe:44:df:31:20:8a:e3:16:07:
         0a:0a:9b:cb:96:7b:b2:b9:5a:59:f4:4a:e4:f0:83:91:0e:82:
         0f:b2:68:ea:87:3f:ea:c4:46:1f:a0:38:b7:cc:2f:3d:d4:bf:
         a1:56:a9:5b:50:54:33:f4:8c:7e:2c:fa:db:3e:9b:ed:83:88:
         eb:79:09:44:18:0a:69:bc:d1:d4:da:5f:4f:fa:24:0e:07:10:
         cc:89:8a:95:43:e1:b7:e2:7d:fb:b5:4a:e4:19:20:98:3f:98:
         ab:e7:c8:58
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYdQqXBHBzrN7UzzftTIzOqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwNDA1MDkwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzlkZjUyNGI2N2U1NDYzYzJkNDllNDk3MjkwNjcxZWZmZTI0YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MSuJrMMwt26kBzPsozwQd/+xKIY
f/spQVmr+ma+KLyH9nJRYHLGe49waBUhhY4UwGlBambBNcQF0ijkIcRmYtpzlbta
+qxMvrZViikoHozYZ2panSf1uAmn84wuuXFaBEAI5OQHJW9v9TFiog4sFqmSrpqO
hyosucX/e7cnLHGspnBOi11d2A4V4jlQJqhraTmKWiUvrlxyTfHCtg8AvkVaHzfb
nfOAJpj8pYjSbR7eS2S660X9QH5luRfHU9QxCJHfxA/cvpG8Wyq5MO06bEdi0t3P
4RBsdOp2J/PigBwRCYgkGDIBjdX6U/43KGhuxZ+3mGoAebWLDkEwyIAw6wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKed9SS2flRjwtSeSXKQZx7/4ktfMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvcDUzMUpMWi1WR1BDMUo1SmNwQm5Idl9pUzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEACU9
4gMEAiv8HAMEAi2CeAMEAlXQlAMEAVnfDgMEAVnfEgMEA1z/IAMEAVz/VgMEBF6w
MAMEAmceDAMEAWfPmAMEAWfTuAMEAmfhgAMEAnTUvAMEArRe2AMEAsGXNAMEA8tO
qAMEBs7MAAMEAtW8QAMEBNW8UAMEBNjCUDANBgkqhkiG9w0BAQsFAAOCAQEAaT1y
6LrNjwG0ifGLh1V9ZJ9RQm3ph1DZ+SSRF0PvY3YqkpP6F+Hf6fNp6s8rIPPpc/dW
sd90+VNLyWMod51YkYyibpZwKn23fXpeqRuMh4GcXz7N0SxzTAQHWbtUXwHg6Dhw
qckKt03ZaWMKCRTqC5x7XvLu3t+/Ly1bsw6CnfNuvcxNUO3jPQoZAhu6+iUkNEXx
A8ofcaP0/kTfMSCK4xYHCgqby5Z7srlaWfRK5PCDkQ6CD7Jo6oc/6sRGH6A4t8wv
PdS/oVapW1BUM/SMfiz62z6b7YOI63kJRBgKabzR1NpfT/okDgcQzImKlUPht+J9
+7VK5BkgmD+Yq+fIWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:34 2024 by rpki-client on console-ams.rpki-client.org