Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ITlQkDv_M2oWgc3COZDuVETXayo.roa
File:                     ITlQkDv_M2oWgc3COZDuVETXayo.roa (raw, json)
Hash identifier:          ijfmSyGKXVTXQFdQDU3oQUWtyh4jWVdBzYMpGcVomQU=
Subject key identifier:   21:39:50:90:3B:FF:33:6A:16:81:CD:C2:39:90:EE:54:44:D7:6B:2A
Certificate issuer:       /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial:       018CC5DCE04F9B74EAADC9BCD6EBC1FB81E0
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ITlQkDv_M2oWgc3COZDuVETXayo.roa
Signing time:             Mon 01 Jan 2024 16:30:35 +0000
ROA not before:           Mon 01 Jan 2024 16:30:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5065
IP address blocks:        82.163.168.0/22 maxlen: 24
                          188.215.120.0/22 maxlen: 24
                          82.163.96.0/21 maxlen: 24
                          82.163.224.0/22 maxlen: 24
                          130.255.68.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 18 Feb 2024 06:51:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:e0:4f:9b:74:ea:ad:c9:bc:d6:eb:c1:fb:81:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
        Validity
            Not Before: Jan  1 16:30:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=213950903bff336a1681cdc23990ee5444d76b2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:3f:de:ca:bc:35:e7:c8:46:ee:4e:a3:2a:2a:
                    03:91:70:92:02:82:85:ef:dd:d1:0b:ed:17:05:0d:
                    23:ef:17:76:f2:bb:52:b1:cc:fb:d7:74:d9:a1:cb:
                    84:a8:d6:5f:53:f4:bd:8f:49:a4:fc:8d:c2:f4:92:
                    15:74:49:4a:f1:e4:3c:88:2a:6d:2c:a3:0e:03:c0:
                    ea:78:02:4f:8e:37:8f:28:30:76:16:aa:8a:30:fa:
                    1e:53:68:11:23:6f:ce:e5:ff:2a:8c:ae:e2:09:70:
                    b4:b5:01:1d:d3:fe:f8:c6:53:40:7a:54:5c:67:c6:
                    d1:8e:94:1e:17:dc:5a:17:0e:d2:f6:b5:23:36:75:
                    2d:83:0b:5d:2f:11:cd:30:7c:7d:86:58:62:24:4b:
                    75:bd:1f:6c:f8:7c:31:a9:f7:2d:3d:4a:ac:f2:6d:
                    fe:d1:73:5b:1d:c4:5c:5c:c5:49:c0:1e:c0:bf:45:
                    7b:16:1b:d9:78:89:70:1e:21:66:0e:5e:7e:b2:75:
                    d5:15:f0:24:47:eb:5e:8c:d9:49:5e:ab:cd:e3:e6:
                    10:8b:0c:25:f5:c0:2f:a3:34:de:e5:59:f7:47:69:
                    08:43:57:80:ad:4b:ba:33:9d:eb:6a:6d:47:86:34:
                    10:47:e3:15:b6:ad:e2:16:ff:60:06:07:28:28:1a:
                    08:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:39:50:90:3B:FF:33:6A:16:81:CD:C2:39:90:EE:54:44:D7:6B:2A
            X509v3 Authority Key Identifier:
                keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ITlQkDv_M2oWgc3COZDuVETXayo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.163.96.0/21
                  82.163.168.0/22
                  82.163.224.0/22
                  130.255.68.0/22
                  188.215.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:4d:69:73:3d:f0:f1:f0:2e:0f:0a:19:09:05:f1:8b:6d:1c:
         f2:3e:a5:70:db:5f:3e:a3:f5:26:21:2f:e8:92:86:a2:54:f1:
         20:69:b5:1c:ad:2f:10:ba:2c:8a:7e:0c:98:3a:d4:81:66:ab:
         77:b9:33:2f:7d:60:3c:82:b4:db:4a:08:45:5b:83:76:03:90:
         e9:15:5e:37:da:69:52:53:a3:74:da:b9:5c:5c:04:c5:4a:a5:
         a5:d4:8e:1c:d0:1e:f7:23:a9:55:63:20:6d:2b:20:fe:82:f5:
         87:11:6e:28:cb:6b:28:f4:3e:9d:c0:50:f3:58:02:80:a1:e4:
         b9:70:23:ba:6c:81:a0:5a:d2:bc:ba:d8:ac:f7:b2:1f:79:e7:
         1d:4e:4e:34:b6:bb:8b:3a:b8:ac:fa:87:7b:2a:16:8b:52:b4:
         23:e1:af:7a:98:61:7b:bc:96:95:7d:7c:83:c6:0c:e3:dc:33:
         bc:d1:da:1e:4d:d4:92:62:a7:01:e0:5e:de:ff:be:5d:ea:81:
         3a:c7:52:ff:7f:28:51:b2:25:84:83:72:4f:5f:63:ce:0f:46:
         b5:03:90:43:34:42:02:03:a6:70:84:1a:f6:91:82:28:da:a8:
         75:ad:b9:09:fe:4e:0c:0e:21:bd:43:fe:bb:58:ea:bd:07:1f:
         b0:4f:12:f2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3OBPm3Tqrcm81uvB+4HgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM5NTA5MDNiZmYzMzZhMTY4MWNkYzIzOTkwZWU1NDQ0ZDc2YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz/eyrw158hG7k6jKioDkXCSAoKF
793RC+0XBQ0j7xd28rtSscz713TZocuEqNZfU/S9j0mk/I3C9JIVdElK8eQ8iCpt
LKMOA8DqeAJPjjePKDB2FqqKMPoeU2gRI2/O5f8qjK7iCXC0tQEd0/74xlNAelRc
Z8bRjpQeF9xaFw7S9rUjNnUtgwtdLxHNMHx9hlhiJEt1vR9s+HwxqfctPUqs8m3+
0XNbHcRcXMVJwB7Av0V7FhvZeIlwHiFmDl5+snXVFfAkR+tejNlJXqvN4+YQiwwl
9cAvozTe5Vn3R2kIQ1eArUu6M53ram1HhjQQR+MVtq3iFv9gBgcoKBoIQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCE5UJA7/zNqFoHNwjmQ7lRE12sqMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSVRsUWtEdl9NMm9XZ2MzQ09aRHVWRVRYYXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUqNgAwQC
UqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQAPTWlzPfDx
8C4PChkJBfGLbRzyPqVw218+o/UmIS/okoaiVPEgabUcrS8QuiyKfgyYOtSBZqt3
uTMvfWA8grTbSghFW4N2A5DpFV432mlSU6N02rlcXATFSqWl1I4c0B73I6lVYyBt
KyD+gvWHEW4oy2so9D6dwFDzWAKAoeS5cCO6bIGgWtK8utis97IfeecdTk40truL
Oris+od7KhaLUrQj4a96mGF7vJaVfXyDxgzj3DO80doeTdSSYqcB4F7e/75d6oE6
x1L/fyhRsiWEg3JPX2POD0a1A5BDNEICA6ZwhBr2kYIo2qh1rbkJ/k4MDiG9Q/67
WOq9Bx+wTxLy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org