Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa
File:                     Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa (raw, json)
Hash identifier:          XGevxSCdcDLwWHpBeMJfgjl1wXgUx/EYOeZ7iVJpIWg=
Subject key identifier:   12:28:FC:CB:52:0A:C2:A3:2A:A4:F0:E4:6D:5B:CF:FA:82:7D:33:2E
Certificate issuer:       /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial:       018CC94E4B7F33C2E9564F05407A47427F7C
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa
Signing time:             Tue 02 Jan 2024 08:33:20 +0000
ROA not before:           Tue 02 Jan 2024 08:33:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42473
IP address blocks:        152.53.69.0/24 maxlen: 24
                          152.53.75.0/24 maxlen: 24
                          152.53.78.0/24 maxlen: 24
                          152.53.0.0/16 maxlen: 24
                          152.53.9.0/24 maxlen: 24
                          152.53.24.0/24 maxlen: 24
                          152.53.30.0/24 maxlen: 24
                          152.53.62.0/24 maxlen: 24
                          152.53.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 11:08:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:4b:7f:33:c2:e9:56:4f:05:40:7a:47:42:7f:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
        Validity
            Not Before: Jan  2 08:33:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1228fccb520ac2a32aa4f0e46d5bcffa827d332e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:39:52:e7:40:ae:f1:af:36:70:d9:d9:8d:3f:
                    80:b7:e9:4f:80:0c:12:d5:77:10:ea:42:83:fe:00:
                    b2:2b:96:ee:28:1e:40:6b:83:1d:8b:21:0e:2c:62:
                    ef:90:99:ca:5a:ac:42:56:c0:9d:ac:10:49:5d:88:
                    50:c8:9b:c2:d5:36:ef:18:2b:2e:03:3d:c6:4e:ed:
                    12:92:9d:8f:52:47:92:ad:c3:97:79:1a:96:a5:aa:
                    75:e0:e9:8c:64:e7:34:af:c4:3d:b3:d9:a5:55:c7:
                    d3:22:d5:5c:b8:37:be:25:28:30:4a:08:6a:aa:38:
                    ad:3d:40:4a:e4:e2:c8:c6:e8:57:48:d7:93:40:d4:
                    77:e7:f6:e8:71:f4:84:2c:59:45:19:77:91:1a:e6:
                    44:f3:7e:5f:da:27:38:0b:61:22:e3:74:a0:77:7d:
                    23:80:50:2c:90:d9:d9:7e:fe:da:7e:df:51:9d:93:
                    26:6d:d8:c4:e2:3e:c5:c6:8e:30:19:22:89:8a:4e:
                    8e:dc:be:14:e6:57:be:85:64:41:a2:c5:cd:b0:4a:
                    11:11:96:ca:fc:8e:ff:f3:ee:d8:25:93:b6:af:e0:
                    22:ce:71:ad:c8:5a:29:7d:2a:d8:f0:81:e5:b0:45:
                    c0:40:af:36:23:af:46:01:0e:b8:1e:96:fa:8c:7b:
                    38:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:28:FC:CB:52:0A:C2:A3:2A:A4:F0:E4:6D:5B:CF:FA:82:7D:33:2E
            X509v3 Authority Key Identifier:
                keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         65:1e:81:90:1d:94:e1:c6:15:5f:92:15:ba:1c:32:90:3a:38:
         5d:de:7f:e3:2a:bf:1a:50:1d:56:49:8e:94:b4:bf:5d:96:6b:
         c7:c4:67:35:6e:1b:39:b3:59:b3:84:bd:2a:29:ce:ae:8a:45:
         9a:67:cb:62:83:b1:0b:69:ec:e1:9e:e3:44:b8:96:ce:a0:a0:
         a8:70:bb:36:35:e2:f7:41:9b:d8:e9:ab:9e:62:1b:8c:6b:fb:
         f5:c9:64:0d:93:97:be:20:a6:75:3d:88:1f:6d:a2:7c:42:1d:
         68:d8:02:92:73:dc:d9:29:d4:f2:30:d2:7a:a8:10:92:2c:83:
         06:03:d3:e3:80:ff:d0:a1:49:0d:e2:45:32:07:0d:17:08:a1:
         b9:4b:bd:95:e8:1d:62:8c:1e:ed:f9:e0:c0:e0:c5:16:fe:04:
         4a:17:ba:2e:a4:90:e9:15:04:18:12:24:9f:f1:e2:9c:e9:cb:
         73:4a:a1:45:84:ac:1f:09:42:78:db:35:51:0c:cc:b5:05:f2:
         9c:24:0d:e7:70:81:1e:65:58:1f:64:71:69:3d:77:a4:be:0c:
         8c:36:c1:01:b8:be:cb:ff:74:a6:49:f4:df:0b:57:c8:d7:11:
         4e:89:48:fb:7c:80:9a:5a:f3:20:1f:11:92:3a:36:9c:e4:47:
         cd:4b:63:38
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzJTkt/M8LpVk8FQHpHQn98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjI4ZmNjYjUyMGFjMmEzMmFhNGYwZTQ2ZDViY2ZmYTgyN2QzMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzlS50Cu8a82cNnZjT+At+lPgAwS
1XcQ6kKD/gCyK5buKB5Aa4MdiyEOLGLvkJnKWqxCVsCdrBBJXYhQyJvC1TbvGCsu
Az3GTu0Skp2PUkeSrcOXeRqWpap14OmMZOc0r8Q9s9mlVcfTItVcuDe+JSgwSghq
qjitPUBK5OLIxuhXSNeTQNR35/bocfSELFlFGXeRGuZE835f2ic4C2Ei43Sgd30j
gFAskNnZfv7aft9RnZMmbdjE4j7Fxo4wGSKJik6O3L4U5le+hWRBosXNsEoREZbK
/I7/8+7YJZO2r+AiznGtyFopfSrY8IHlsEXAQK82I69GAQ64Hpb6jHs4VQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBIo/MtSCsKjKqTw5G1bz/qCfTMuMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvRWlqOHkxSUt3cU1xcFBEa2JWdlAtb0o5TXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAGUegZAdlOHGFV+SFbocMpA6OF3ef+MqvxpQHVZJjpS0
v12Wa8fEZzVuGzmzWbOEvSopzq6KRZpny2KDsQtp7OGe40S4ls6goKhwuzY14vdB
m9jpq55iG4xr+/XJZA2Tl74gpnU9iB9tonxCHWjYApJz3Nkp1PIw0nqoEJIsgwYD
0+OA/9ChSQ3iRTIHDRcIoblLvZXoHWKMHu354MDgxRb+BEoXui6kkOkVBBgSJJ/x
4pzpy3NKoUWErB8JQnjbNVEMzLUF8pwkDedwgR5lWB9kcWk9d6S+DIw2wQG4vsv/
dKZJ9N8LV8jXEU6JSPt8gJpa8yAfEZI6NpzkR81LYzg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:28 2024 by rpki-client on console-ams.rpki-client.org