Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/pOsCUXDe1r5bRvr9x8mgsfFIfRI.roa
File:                     pOsCUXDe1r5bRvr9x8mgsfFIfRI.roa (raw, json)
Hash identifier:          UX13V9qL8BaZTOs68rMLBwQq+neIVdWk8fXe8LRZ/gU=
Subject key identifier:   A4:EB:02:51:70:DE:D6:BE:5B:46:FA:FD:C7:C9:A0:B1:F1:48:7D:12
Certificate issuer:       /CN=9f5e4ff2cee4db7a95bcf2a3ad11c947575bb1a6
Certificate serial:       018D83F65522FA2452847495F6B9B59FB24E
Authority key identifier: 9F:5E:4F:F2:CE:E4:DB:7A:95:BC:F2:A3:AD:11:C9:47:57:5B:B1:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n15P8s7k23qVvPKjrRHJR1dbsaY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/pOsCUXDe1r5bRvr9x8mgsfFIfRI.roa
Signing time:             Wed 07 Feb 2024 14:26:15 +0000
ROA not before:           Wed 07 Feb 2024 14:26:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        213.156.160.0/24 maxlen: 24
                          213.156.161.0/24 maxlen: 24
                          213.156.162.0/24 maxlen: 24
                          213.156.163.0/24 maxlen: 24
                          213.156.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Feb 2024 11:09:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:83:f6:55:22:fa:24:52:84:74:95:f6:b9:b5:9f:b2:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f5e4ff2cee4db7a95bcf2a3ad11c947575bb1a6
        Validity
            Not Before: Feb  7 14:26:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a4eb025170ded6be5b46fafdc7c9a0b1f1487d12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:27:5b:6f:9c:07:cc:3a:4c:9a:76:f8:5c:22:
                    d2:97:ac:69:0b:45:a2:66:ce:a3:c9:5c:c1:8c:4e:
                    31:a0:c5:61:33:1d:79:b3:1e:28:7a:80:1d:5a:60:
                    b1:4e:7f:b2:9f:21:37:df:8e:d2:e4:45:61:e5:80:
                    36:6e:ba:13:2b:c6:8a:be:63:74:a3:79:22:c5:48:
                    e3:21:41:a2:58:98:27:c5:b2:ac:9b:3b:26:b9:c2:
                    59:df:2c:2b:23:d2:0e:1a:c6:d8:b0:63:f9:80:ef:
                    ce:de:2c:e0:21:48:39:81:68:80:41:65:fe:6f:29:
                    ea:5c:30:4d:26:60:49:21:90:3a:2a:18:c7:ba:45:
                    6f:14:4c:20:f8:3b:68:ad:c4:99:a4:28:74:08:e4:
                    c3:ae:ac:88:37:3c:03:89:35:2d:dd:32:50:a0:0c:
                    10:b0:71:44:94:d6:14:86:17:07:ad:a5:7b:a8:56:
                    3b:8d:38:7e:7d:e6:12:96:d7:7f:b3:7b:2a:c8:25:
                    6c:2d:77:a7:70:4f:eb:e1:87:37:db:78:c1:8d:4c:
                    93:c5:79:1a:9b:96:2d:68:96:18:1a:2e:e7:ae:07:
                    39:fe:3c:7b:10:29:1d:9e:d8:44:d1:8b:45:98:9e:
                    a9:8d:37:70:a9:62:8b:32:74:6d:83:24:a5:b0:af:
                    74:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:EB:02:51:70:DE:D6:BE:5B:46:FA:FD:C7:C9:A0:B1:F1:48:7D:12
            X509v3 Authority Key Identifier:
                keyid:9F:5E:4F:F2:CE:E4:DB:7A:95:BC:F2:A3:AD:11:C9:47:57:5B:B1:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n15P8s7k23qVvPKjrRHJR1dbsaY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/pOsCUXDe1r5bRvr9x8mgsfFIfRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/n15P8s7k23qVvPKjrRHJR1dbsaY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.156.160.0-213.156.164.255

    Signature Algorithm: sha256WithRSAEncryption
         a4:1b:88:37:54:b4:06:0d:7d:2f:bb:39:15:f0:f8:6c:9f:d0:
         98:29:47:b4:4a:9e:54:d2:9f:b7:e3:ae:59:2e:fa:0f:c1:e8:
         71:6b:b1:ab:98:2b:27:60:af:91:0d:92:35:c8:ee:86:b0:fc:
         a8:02:13:e8:92:63:b3:8e:5d:c3:ec:e1:48:e8:19:0a:a3:4a:
         55:39:70:b2:f8:9b:56:87:c4:c2:6b:05:c1:3f:8b:01:e9:6e:
         0c:6a:e0:ea:71:d0:45:e3:85:82:8f:a9:0e:ab:01:cf:54:6f:
         41:bd:f5:65:4c:5e:7b:48:78:22:f0:02:70:fb:c4:fc:1c:23:
         a7:da:1a:1d:ea:e9:ca:0f:dd:2b:95:cb:15:d9:a2:53:2f:62:
         74:20:59:55:5f:07:51:cf:0e:33:55:b2:bb:42:2f:44:f7:47:
         4e:b8:a4:5f:97:af:bc:1b:d1:31:ef:ec:cb:99:94:b4:ad:09:
         6e:60:6e:4f:40:02:08:05:94:82:da:2b:f5:57:d1:83:1a:ae:
         b3:64:58:f0:36:0c:a3:f1:97:a2:56:82:12:f3:7e:e0:86:37:
         d5:f1:6e:d6:62:18:71:1c:5b:41:dd:67:32:17:4f:8b:1c:a9:
         d4:16:cb:45:5f:ff:54:6a:be:5c:a7:4b:96:e0:b7:52:26:b9:
         34:8a:c9:a2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY2D9lUi+iRShHSV9rm1n7JOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWU0ZmYyY2VlNGRiN2E5NWJjZjJhM2FkMTFjOTQ3NTc1
YmIxYTYwHhcNMjQwMjA3MTQyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGViMDI1MTcwZGVkNmJlNWI0NmZhZmRjN2M5YTBiMWYxNDg3ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSdbb5wHzDpMmnb4XCLSl6xpC0Wi
Zs6jyVzBjE4xoMVhMx15sx4oeoAdWmCxTn+ynyE3347S5EVh5YA2broTK8aKvmN0
o3kixUjjIUGiWJgnxbKsmzsmucJZ3ywrI9IOGsbYsGP5gO/O3izgIUg5gWiAQWX+
bynqXDBNJmBJIZA6KhjHukVvFEwg+DtorcSZpCh0COTDrqyINzwDiTUt3TJQoAwQ
sHFElNYUhhcHraV7qFY7jTh+feYSltd/s3sqyCVsLXencE/r4Yc323jBjUyTxXka
m5YtaJYYGi7nrgc5/jx7ECkdnthE0YtFmJ6pjTdwqWKLMnRtgySlsK90yQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKTrAlFw3ta+W0b6/cfJoLHxSH0SMB8GA1UdIwQY
MBaAFJ9eT/LO5Nt6lbzyo60RyUdXW7GmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjE1UDhzN2syM3FWdlBLanJSSEpSMWRic2FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xOGJiNWYtOTA3Ni00MmZhLTlmOGYt
MzNiOGMxZjdkMTI3LzEvcE9zQ1VYRGUxcjViUnZyOXg4bWdzZkZJZlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xOGJiNWYtOTA3Ni00MmZhLTlmOGYtMzNiOGMxZjdkMTI3
LzEvbjE1UDhzN2syM3FWdlBLanJSSEpSMWRic2FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXVnKAD
BADVnKQwDQYJKoZIhvcNAQELBQADggEBAKQbiDdUtAYNfS+7ORXw+Gyf0JgpR7RK
nlTSn7fjrlku+g/B6HFrsauYKydgr5ENkjXI7oaw/KgCE+iSY7OOXcPs4UjoGQqj
SlU5cLL4m1aHxMJrBcE/iwHpbgxq4Opx0EXjhYKPqQ6rAc9Ub0G99WVMXntIeCLw
AnD7xPwcI6faGh3q6coP3SuVyxXZolMvYnQgWVVfB1HPDjNVsrtCL0T3R064pF+X
r7wb0THv7MuZlLStCW5gbk9AAggFlILaK/VX0YMarrNkWPA2DKPxl6JWghLzfuCG
N9XxbtZiGHEcW0HdZzIXT4scqdQWy0Vf/1RqvlynS5bgt1ImuTSKyaI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:33 2024 by rpki-client on console-fra.rpki-client.org