Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/xalUI2k-F5_QrCDcuj5Toe8i5HI.roa
File:                     xalUI2k-F5_QrCDcuj5Toe8i5HI.roa (raw, json)
Hash identifier:          Pd1bX38uWs20Zm6cpo3lFOVoxX/MqQbpuYsQTa5siP8=
Subject key identifier:   C5:A9:54:23:69:3E:17:9F:D0:AC:20:DC:BA:3E:53:A1:EF:22:E4:72
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018B13E5407D310AEEE643BB519655E90E07
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/xalUI2k-F5_QrCDcuj5Toe8i5HI.roa
Signing time:             Mon 09 Oct 2023 10:04:33 +0000
ROA not before:           Mon 09 Oct 2023 10:04:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.111.27.0/24 maxlen: 24
                          185.73.219.0/24 maxlen: 24
                          185.110.131.0/24 maxlen: 24
                          185.110.130.0/24 maxlen: 24
                          185.110.129.0/24 maxlen: 24
                          185.110.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Nov 2023 06:27:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:13:e5:40:7d:31:0a:ee:e6:43:bb:51:96:55:e9:0e:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Oct  9 10:04:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c5a95423693e179fd0ac20dcba3e53a1ef22e472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:b7:ad:8f:d4:83:b4:7c:88:e7:f8:d2:44:06:
                    bc:da:0e:b8:90:bf:b7:59:df:68:79:0e:d8:5c:08:
                    ce:73:48:8a:04:b3:a5:85:88:3a:c0:94:f1:5e:70:
                    3e:6f:45:32:a7:5f:44:99:6e:d9:79:c6:c6:1e:e1:
                    c8:18:7c:6c:f4:77:c0:1a:6e:55:ba:cc:c5:6c:c1:
                    33:87:cf:d6:61:84:31:6f:97:4e:02:61:4d:9f:a5:
                    b4:3a:28:2d:c0:d7:65:d3:1e:70:3d:e1:1c:5c:14:
                    1f:30:67:59:34:aa:9b:56:67:58:89:cc:1e:8e:4e:
                    4d:24:cf:bc:6d:8a:28:0e:6a:68:f7:25:66:b3:ea:
                    90:11:7c:ce:63:0f:5e:f3:bc:6f:05:b4:f2:3e:15:
                    40:c2:fa:35:bb:d6:7f:a1:b8:9e:84:3a:aa:62:71:
                    b4:e0:a4:9b:61:92:91:77:5f:0e:84:d7:17:4d:46:
                    6d:8f:bb:ec:40:44:dc:a8:fa:4a:27:7e:27:63:9a:
                    31:d9:34:76:00:86:20:f3:8c:b5:c7:cc:14:22:2e:
                    ab:0a:5a:71:4b:28:0a:4d:26:67:4d:20:81:e2:8f:
                    c2:d7:06:7b:43:95:40:76:2f:67:06:a2:5e:78:3d:
                    eb:2b:08:da:55:bb:7f:38:41:8c:33:74:77:fe:34:
                    b3:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:A9:54:23:69:3E:17:9F:D0:AC:20:DC:BA:3E:53:A1:EF:22:E4:72
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/xalUI2k-F5_QrCDcuj5Toe8i5HI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.219.0/24
                  185.110.128.0/22
                  185.111.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:62:23:77:41:a3:b6:37:c0:73:ed:2f:5e:fe:da:76:a1:d5:
         d1:e8:ec:65:c0:eb:f4:ba:e0:d4:23:bc:e3:fe:ca:80:3e:76:
         0b:17:f5:68:00:a7:bf:c0:5b:84:d6:47:1b:bf:4c:26:93:27:
         21:54:6a:c2:a5:ef:c6:cb:a8:9c:83:6f:1e:8d:4e:48:6c:71:
         5a:37:66:6c:9e:58:de:75:d0:f2:15:ab:21:2a:59:ba:6e:3c:
         8a:1e:2a:39:79:df:97:39:8d:e8:b3:29:d8:bf:41:38:b4:6b:
         6c:61:a8:38:7b:fd:f0:93:0e:45:95:76:6e:b5:9f:99:3c:7c:
         32:58:c0:bc:4a:e5:79:88:45:31:da:ce:5f:2e:f8:f6:7d:4d:
         56:20:67:60:34:7c:a1:5f:7d:a3:70:05:fe:42:fb:24:3f:86:
         5a:b9:fb:d5:8a:33:63:88:da:d1:72:4d:7d:2f:f5:fd:0a:5d:
         90:6f:43:c9:32:68:51:a5:fe:0d:80:61:18:ea:18:2e:a1:85:
         ed:6c:bb:2d:96:3b:5a:3d:f6:7d:53:6f:63:af:fd:63:67:99:
         c4:f0:43:82:f0:37:50:46:63:00:ec:0f:16:15:f7:93:62:c7:
         51:5c:82:ec:e5:18:02:27:0b:42:ab:75:9c:43:f8:27:66:c8:
         d7:45:eb:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsT5UB9MQru5kO7UZZV6Q4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMxMDA5MTAwNDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWE5NTQyMzY5M2UxNzlmZDBhYzIwZGNiYTNlNTNhMWVmMjJlNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhretj9SDtHyI5/jSRAa82g64kL+3
Wd9oeQ7YXAjOc0iKBLOlhYg6wJTxXnA+b0Uyp19EmW7ZecbGHuHIGHxs9HfAGm5V
uszFbMEzh8/WYYQxb5dOAmFNn6W0OigtwNdl0x5wPeEcXBQfMGdZNKqbVmdYicwe
jk5NJM+8bYooDmpo9yVms+qQEXzOYw9e87xvBbTyPhVAwvo1u9Z/obiehDqqYnG0
4KSbYZKRd18OhNcXTUZtj7vsQETcqPpKJ34nY5ox2TR2AIYg84y1x8wUIi6rClpx
SygKTSZnTSCB4o/C1wZ7Q5VAdi9nBqJeeD3rKwjaVbt/OEGMM3R3/jSz3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMWpVCNpPhef0Kwg3Lo+U6HvIuRyMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEveGFsVUkyay1GNV9RckNEY3VqNVRvZThpNUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuUnbAwQC
uW6AAwQAuW8bMA0GCSqGSIb3DQEBCwUAA4IBAQCmYiN3QaO2N8Bz7S9e/tp2odXR
6OxlwOv0uuDUI7zj/sqAPnYLF/VoAKe/wFuE1kcbv0wmkychVGrCpe/Gy6icg28e
jU5IbHFaN2ZsnljeddDyFashKlm6bjyKHio5ed+XOY3osynYv0E4tGtsYag4e/3w
kw5FlXZutZ+ZPHwyWMC8SuV5iEUx2s5fLvj2fU1WIGdgNHyhX32jcAX+QvskP4Za
ufvVijNjiNrRck19L/X9Cl2Qb0PJMmhRpf4NgGEY6hguoYXtbLstljtaPfZ9U29j
r/1jZ5nE8EOC8DdQRmMA7A8WFfeTYsdRXILs5RgCJwtCq3WcQ/gnZsjXReut
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:18 2024 by rpki-client on console-ams.rpki-client.org