Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/F15w2A0ubKLY5k6GyzxgzrNpF78.roa
File:                     F15w2A0ubKLY5k6GyzxgzrNpF78.roa (raw, json)
Hash identifier:          YLB8l7/6PITXbDPGWOo8xqBAdb5qNauibVpd4MM2FP0=
Subject key identifier:   17:5E:70:D8:0D:2E:6C:A2:D8:E6:4E:86:CB:3C:60:CE:B3:69:17:BF
Certificate issuer:       /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial:       018E3154ED6FD16BFB70010DF5AD3338BDFE
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/F15w2A0ubKLY5k6GyzxgzrNpF78.roa
Signing time:             Tue 12 Mar 2024 06:23:53 +0000
ROA not before:           Tue 12 Mar 2024 06:23:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56740
IP address blocks:        87.252.234.0/24 maxlen: 24
                          87.252.237.0/24 maxlen: 24
                          87.252.238.0/24 maxlen: 24
                          87.252.240.0/24 maxlen: 24
                          91.149.167.0/24 maxlen: 24
                          93.125.18.0/24 maxlen: 24
                          93.125.60.0/23 maxlen: 23
                          93.125.114.0/24 maxlen: 24
                          178.172.164.0/24 maxlen: 24
                          178.172.165.0/24 maxlen: 24
                          178.172.212.0/24 maxlen: 24
                          178.172.217.0/24 maxlen: 24
                          178.172.220.0/24 maxlen: 24
                          178.172.247.0/24 maxlen: 24
                          178.172.251.0/24 maxlen: 24
                          178.172.255.0/24 maxlen: 24
                          213.184.236.0/24 maxlen: 24
                          213.184.240.0/24 maxlen: 24
                          217.21.44.0/24 maxlen: 24
                          217.21.52.0/24 maxlen: 24
                          217.21.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Jul 2024 15:28:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:31:54:ed:6f:d1:6b:fb:70:01:0d:f5:ad:33:38:bd:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
        Validity
            Not Before: Mar 12 06:23:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=175e70d80d2e6ca2d8e64e86cb3c60ceb36917bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:5b:65:65:18:40:97:29:4e:49:82:51:64:36:
                    fe:50:7b:be:cb:ec:ad:25:65:b2:4f:ce:57:84:4b:
                    67:d9:7d:86:50:53:8b:12:c0:61:d9:b4:30:5e:75:
                    09:e8:f2:16:f9:fe:00:43:a3:8b:8f:03:f5:24:97:
                    25:f8:84:1b:19:60:4b:fc:1e:34:a9:8d:0e:31:4f:
                    27:74:8e:77:4f:f3:e6:e1:8b:1c:c8:8f:ec:6e:10:
                    c5:e1:2e:68:6c:db:83:b2:55:cf:c7:a5:fa:57:dd:
                    d6:04:ed:e3:9d:fe:cd:88:db:ef:b5:43:bf:23:9a:
                    e8:2c:e8:31:f9:0e:6c:30:67:ba:ce:ed:fa:6f:47:
                    98:bc:28:b3:93:44:72:4b:5c:fd:38:d6:2c:5a:e1:
                    f9:2c:47:a7:a3:e6:c2:a0:e3:66:c3:f6:b6:61:e0:
                    fe:5c:89:4f:be:61:71:bf:0d:5e:bf:b6:75:ab:2f:
                    df:a7:b3:b1:51:d0:0b:00:a9:59:46:11:0e:12:61:
                    0d:39:44:ef:ab:cf:be:2d:9f:9e:d5:57:16:9b:9a:
                    78:8c:06:cb:62:3a:14:4e:bf:39:f0:5f:24:ea:e3:
                    6e:b0:03:b7:2d:00:0f:1c:b2:06:6f:33:61:4f:2a:
                    db:1d:24:4e:7d:6c:7f:68:51:26:86:34:2f:70:d6:
                    ba:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:5E:70:D8:0D:2E:6C:A2:D8:E6:4E:86:CB:3C:60:CE:B3:69:17:BF
            X509v3 Authority Key Identifier:
                keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/F15w2A0ubKLY5k6GyzxgzrNpF78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.252.234.0/24
                  87.252.237.0-87.252.238.255
                  87.252.240.0/24
                  91.149.167.0/24
                  93.125.18.0/24
                  93.125.60.0/23
                  93.125.114.0/24
                  178.172.164.0/23
                  178.172.212.0/24
                  178.172.217.0/24
                  178.172.220.0/24
                  178.172.247.0/24
                  178.172.251.0/24
                  178.172.255.0/24
                  213.184.236.0/24
                  213.184.240.0/24
                  217.21.44.0/24
                  217.21.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5c:68:22:a5:7e:bc:b6:66:91:a5:43:33:f9:82:e7:07:b9:7f:
         bb:4f:08:f6:f3:cb:02:da:b5:9c:10:ed:fa:8d:93:5f:5a:3e:
         7b:d7:77:e4:a0:d4:b3:e7:9e:9e:fa:d1:2b:ff:bc:07:59:ad:
         50:25:ef:3c:6c:0c:d3:5a:30:08:e5:fa:89:2e:0a:d2:06:c3:
         9b:95:77:af:c8:d4:5b:1d:f8:90:ca:90:ec:ce:63:d2:42:ff:
         b6:e0:ca:4c:64:4a:02:dc:e5:79:4c:df:c0:20:0f:da:c7:c1:
         ba:36:d6:a8:1b:b7:19:0a:a6:4b:1e:d1:0d:8e:0c:74:06:cf:
         0a:df:aa:78:63:6c:38:fc:52:8c:ca:51:19:1d:47:ef:07:73:
         8e:c0:1f:63:e9:9c:84:e0:2e:f5:49:ff:73:47:03:5e:38:75:
         5b:de:1b:d1:1d:e2:69:dc:2c:ec:98:61:29:5e:86:bb:de:8f:
         d2:31:ed:08:b4:d7:32:b7:93:c9:74:e9:b1:81:04:d8:b4:b0:
         71:65:be:e8:7e:08:92:3d:e3:62:3b:06:3b:9c:6e:f7:18:fc:
         33:f7:60:7b:a9:4b:47:67:0d:c3:be:c3:c9:8a:0b:50:70:90:
         3e:a4:df:95:c2:20:e4:e7:02:96:25:05:64:01:19:9d:4e:ab:
         27:5c:31:69
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY4xVO1v0Wv7cAEN9a0zOL3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjQwMzEyMDYyMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVlNzBkODBkMmU2Y2EyZDhlNjRlODZjYjNjNjBjZWIzNjkxN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFtlZRhAlylOSYJRZDb+UHu+y+yt
JWWyT85XhEtn2X2GUFOLEsBh2bQwXnUJ6PIW+f4AQ6OLjwP1JJcl+IQbGWBL/B40
qY0OMU8ndI53T/Pm4YscyI/sbhDF4S5obNuDslXPx6X6V93WBO3jnf7NiNvvtUO/
I5roLOgx+Q5sMGe6zu36b0eYvCizk0RyS1z9ONYsWuH5LEeno+bCoONmw/a2YeD+
XIlPvmFxvw1ev7Z1qy/fp7OxUdALAKlZRhEOEmENOUTvq8++LZ+e1VcWm5p4jAbL
YjoUTr858F8k6uNusAO3LQAPHLIGbzNhTyrbHSROfWx/aFEmhjQvcNa65wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFBdecNgNLmyi2OZOhss8YM6zaRe/MB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvRjE1dzJBMHViS0xZNWs2R3l6eGd6ck5wRjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFf86jAM
AwQAV/ztAwQAV/zuAwQAV/zwAwQAW5WnAwQAXX0SAwQBXX08AwQAXX1yAwQBsqyk
AwQAsqzUAwQAsqzZAwQAsqzcAwQAsqz3AwQAsqz7AwQAsqz/AwQA1bjsAwQA1bjw
AwQA2RUsAwQB2RU0MA0GCSqGSIb3DQEBCwUAA4IBAQBcaCKlfry2ZpGlQzP5gucH
uX+7Twj288sC2rWcEO36jZNfWj5713fkoNSz556e+tEr/7wHWa1QJe88bAzTWjAI
5fqJLgrSBsOblXevyNRbHfiQypDszmPSQv+24MpMZEoC3OV5TN/AIA/ax8G6Ntao
G7cZCqZLHtENjgx0Bs8K36p4Y2w4/FKMylEZHUfvB3OOwB9j6ZyE4C71Sf9zRwNe
OHVb3hvRHeJp3CzsmGEpXoa73o/SMe0ItNcyt5PJdOmxgQTYtLBxZb7ofgiSPeNi
OwY7nG73GPwz92B7qUtHZw3DvsPJigtQcJA+pN+VwiDk5wKWJQVkARmdTqsnXDFp
-----END CERTIFICATE-----
Generated at Thu Jul 11 18:11:43 2024 by rpki-client on console-ams.rpki-client.org