Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/1FFqRK4BGy6Kwcw90fOpz6BpHI4.roa
File:                     1FFqRK4BGy6Kwcw90fOpz6BpHI4.roa (raw, json)
Hash identifier:          imJUrKvcDofIfzrLMQ/rR7BiVEPpfbE9G9igs1BedXY=
Subject key identifier:   D4:51:6A:44:AE:01:1B:2E:8A:C1:CC:3D:D1:F3:A9:CF:A0:69:1C:8E
Certificate issuer:       /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial:       018B0550CFC6EF41934FA9A71DCCC669D291
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/1FFqRK4BGy6Kwcw90fOpz6BpHI4.roa
Signing time:             Fri 06 Oct 2023 14:07:43 +0000
ROA not before:           Fri 06 Oct 2023 14:07:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197540
IP address blocks:        152.53.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Oct 2023 14:03:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:05:50:cf:c6:ef:41:93:4f:a9:a7:1d:cc:c6:69:d2:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
        Validity
            Not Before: Oct  6 14:07:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4516a44ae011b2e8ac1cc3dd1f3a9cfa0691c8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:8b:d2:e0:83:c6:38:0c:73:f6:18:19:73:9c:
                    38:62:c9:bb:81:0b:f1:6c:f9:e6:f6:ac:5e:54:1f:
                    cc:72:b8:3a:52:3a:5d:f9:f3:34:1d:18:20:fb:f3:
                    1d:64:f3:0f:6f:1f:81:29:45:84:d6:96:02:87:09:
                    8d:98:fd:eb:e7:4f:d1:e6:bb:90:5e:5d:08:f5:a1:
                    1a:40:8b:2b:34:e8:40:e6:c8:f1:83:d9:0b:c6:a7:
                    6c:b9:5f:8b:d8:1f:f4:5d:32:2a:8b:32:f1:b7:af:
                    78:86:63:4f:1f:3d:10:93:62:39:14:50:d8:9c:37:
                    0b:c7:5c:e8:a7:c7:ce:97:7e:98:d2:ba:ad:39:9c:
                    91:b2:92:35:11:14:9c:a4:c9:6b:f7:b4:34:1c:88:
                    28:d9:ba:8f:a6:7a:d2:c8:d4:e2:1c:90:45:d2:6b:
                    f3:35:32:1d:a8:06:8d:9a:3d:5f:8a:9a:a2:b6:d0:
                    81:3a:0f:d0:05:63:2f:fb:7b:8b:86:4b:a7:92:6d:
                    50:4c:10:76:cb:22:dc:f5:3e:0c:69:b0:8b:41:6a:
                    bb:cc:e2:98:cb:9e:d4:37:c9:38:e2:ad:bb:e1:c7:
                    b8:19:f8:68:a4:85:16:a9:28:38:4d:b7:d6:f7:31:
                    ed:21:32:bc:a1:7d:a8:38:d6:d9:5a:82:f5:31:47:
                    5e:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:51:6A:44:AE:01:1B:2E:8A:C1:CC:3D:D1:F3:A9:CF:A0:69:1C:8E
            X509v3 Authority Key Identifier:
                keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/1FFqRK4BGy6Kwcw90fOpz6BpHI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7c:06:7f:0a:ea:92:19:4c:b5:14:77:97:b4:5b:fc:46:48:e6:
         a4:80:4d:be:02:66:20:22:79:7f:94:39:c6:06:f5:ce:ff:dc:
         5b:c6:45:04:d7:23:7e:78:94:15:27:75:06:51:95:78:43:14:
         f4:52:f8:83:e4:69:46:c3:aa:41:9c:f8:35:7f:2d:a5:64:95:
         e6:b9:3d:1b:e6:b3:a5:80:cd:02:d5:e6:ca:45:54:a2:5f:88:
         f2:58:c6:ef:72:ff:c1:e8:37:d6:77:18:64:d2:e6:c5:58:10:
         11:98:2f:8d:a6:5c:76:cc:bb:17:51:05:b6:ee:f2:fe:70:48:
         04:51:4c:53:b4:b9:11:29:03:39:50:ad:f5:51:52:20:f9:06:
         a3:ab:45:d6:10:c3:37:c0:c2:2f:20:d8:be:16:32:07:1f:14:
         6b:c7:76:7b:ed:12:91:f0:37:60:50:70:c7:ae:11:9a:18:b6:
         28:0a:2d:c9:ab:b2:cf:36:fb:6c:0b:da:3b:c4:ad:fb:de:ed:
         3b:44:0d:af:58:34:3c:9f:2d:60:87:e6:f5:c3:78:14:5b:7d:
         a9:61:6c:ef:1f:91:0d:77:fa:60:40:e0:86:66:1d:37:8e:c6:
         b0:04:30:2c:63:9d:df:97:b0:50:de:fd:1d:0f:d5:45:65:6f:
         53:2e:3c:cf
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYsFUM/G70GTT6mnHczGadKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjMxMDA2MTQwNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDUxNmE0NGFlMDExYjJlOGFjMWNjM2RkMWYzYTljZmEwNjkxYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4vS4IPGOAxz9hgZc5w4Ysm7gQvx
bPnm9qxeVB/Mcrg6Ujpd+fM0HRgg+/MdZPMPbx+BKUWE1pYChwmNmP3r50/R5ruQ
Xl0I9aEaQIsrNOhA5sjxg9kLxqdsuV+L2B/0XTIqizLxt694hmNPHz0Qk2I5FFDY
nDcLx1zop8fOl36Y0rqtOZyRspI1ERScpMlr97Q0HIgo2bqPpnrSyNTiHJBF0mvz
NTIdqAaNmj1fipqittCBOg/QBWMv+3uLhkunkm1QTBB2yyLc9T4MabCLQWq7zOKY
y57UN8k44q274ce4GfhopIUWqSg4TbfW9zHtITK8oX2oONbZWoL1MUdeXwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNRRakSuARsuisHMPdHzqc+gaRyOMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvMUZGcVJLNEJHeTZLd2N3OTBmT3B6NkJwSEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAHwGfwrqkhlMtRR3l7Rb/EZI5qSATb4CZiAieX+UOcYG
9c7/3FvGRQTXI354lBUndQZRlXhDFPRS+IPkaUbDqkGc+DV/LaVklea5PRvms6WA
zQLV5spFVKJfiPJYxu9y/8HoN9Z3GGTS5sVYEBGYL42mXHbMuxdRBbbu8v5wSARR
TFO0uREpAzlQrfVRUiD5BqOrRdYQwzfAwi8g2L4WMgcfFGvHdnvtEpHwN2BQcMeu
EZoYtigKLcmrss82+2wL2jvErfve7TtEDa9YNDyfLWCH5vXDeBRbfalhbO8fkQ13
+mBA4IZmHTeOxrAEMCxjnd+XsFDe/R0P1UVlb1MuPM8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:28 2024 by rpki-client on console-ams.rpki-client.org