Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa
File:                     1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa (raw, json)
Hash identifier:          GUmzncBUZy+VZecG1BZA4U1eM/kXIXwnE1feJjAUnI8=
Subject key identifier:   D7:14:44:43:97:3E:FC:7D:A7:9F:C8:7F:0E:60:DF:53:02:FF:6C:66
Certificate issuer:       /CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Certificate serial:       01856FD504698731287EE3E4826BE498E24E
Authority key identifier: A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa
Signing time:             Mon 02 Jan 2023 00:15:09 +0000
ROA not before:           Mon 02 Jan 2023 00:15:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50343
IP address blocks:        109.233.152.0/21 maxlen: 24
                          185.169.112.0/22 maxlen: 24
                          2a01:8780::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:04:69:87:31:28:7e:e3:e4:82:6b:e4:98:e2:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3190f6efd79ea7333f9bccd85a04352d915b239
        Validity
            Not Before: Jan  2 00:15:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7144443973efc7da79fc87f0e60df5302ff6c66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:9b:1f:ef:84:6c:66:af:09:3f:c5:75:f0:dc:
                    fe:d8:32:6a:52:f4:ac:9d:51:4f:7a:d8:01:9f:16:
                    26:3e:82:41:ff:92:0f:57:d8:ee:87:62:80:db:17:
                    ff:22:e6:03:6c:31:d6:c5:55:26:e8:84:ad:4e:40:
                    44:9a:89:c6:36:d4:cb:62:33:2d:00:f7:68:31:7e:
                    b7:1c:39:01:47:96:c9:6d:f4:bc:c9:95:7d:4f:c8:
                    c5:0e:bd:a3:10:23:bd:a7:68:fe:6d:5a:a4:08:2a:
                    cf:d7:a2:39:47:77:f0:d0:28:da:e7:58:c5:bb:12:
                    8e:10:14:c9:da:4e:01:df:ba:38:a7:c0:3d:59:3d:
                    ac:88:48:24:1f:6e:81:7c:ce:0e:af:75:2f:10:91:
                    5a:c1:ee:86:c2:26:24:b2:bb:b2:bd:19:c8:f0:e2:
                    ad:a5:d1:71:53:16:f1:75:de:4f:9b:e9:6e:32:c7:
                    0f:bc:82:5b:03:9a:15:ae:5f:73:39:df:70:a1:c4:
                    c4:d3:25:88:5f:10:a2:11:fc:09:36:7c:cd:65:51:
                    e1:5b:f4:fd:44:09:d8:2d:cc:d9:2a:b0:b6:f4:06:
                    b2:62:f5:49:54:5c:5b:d0:b7:da:d9:58:5e:ce:a4:
                    66:57:38:38:71:07:cf:02:89:85:c1:c0:50:57:a7:
                    a7:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:14:44:43:97:3E:FC:7D:A7:9F:C8:7F:0E:60:DF:53:02:FF:6C:66
            X509v3 Authority Key Identifier:
                keyid:A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/1xREQ5c-_H2nn8h_DmDfUwL_bGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.233.152.0/21
                  185.169.112.0/22
                IPv6:
                  2a01:8780::/29

    Signature Algorithm: sha256WithRSAEncryption
         03:96:aa:80:99:75:78:3d:50:d7:ed:5b:3e:5b:b6:93:55:7b:
         0b:df:ec:9a:23:88:aa:3c:4a:49:e4:1c:64:42:4f:6e:83:25:
         af:a6:a5:99:e1:9f:64:54:88:b4:fd:9c:41:56:39:f4:ff:a2:
         b7:18:99:25:c0:79:cc:ff:8b:00:d9:6a:30:4e:70:f7:89:d8:
         29:4b:c0:d5:87:42:77:18:63:34:d9:47:7b:cb:49:56:42:e8:
         da:fc:38:5c:78:9c:bb:fc:27:45:d6:18:e3:72:eb:b4:16:61:
         bf:e1:f2:a5:2e:ec:69:72:5f:4f:06:ae:58:f7:19:58:fa:36:
         e8:70:3d:1b:ff:44:f5:05:3d:0a:9a:7b:9e:34:78:21:8b:33:
         b2:2a:8b:1a:cf:10:40:40:63:03:32:cb:13:66:b2:d8:af:49:
         0b:f4:2c:d3:57:72:dd:45:c2:39:ab:f8:89:86:f4:9b:3d:41:
         23:a6:28:a2:19:b4:70:e6:45:43:14:c3:ba:a2:29:04:aa:81:
         ab:fb:69:06:54:18:de:f1:dd:af:59:56:4c:8d:49:28:d2:e7:
         9b:93:7d:ba:91:ca:6d:ce:78:09:66:87:f1:0b:00:3b:c5:b2:
         eb:62:c1:fe:42:e7:50:be:4d:64:22:ee:0d:a7:37:2d:f2:86:
         1a:be:bc:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv1QRphzEofuPkgmvkmOJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTkwZjZlZmQ3OWVhNzMzM2Y5YmNjZDg1YTA0MzUyZDkx
NWIyMzkwHhcNMjMwMTAyMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE0NDQ0Mzk3M2VmYzdkYTc5ZmM4N2YwZTYwZGY1MzAyZmY2YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpsf74RsZq8JP8V18Nz+2DJqUvSs
nVFPetgBnxYmPoJB/5IPV9juh2KA2xf/IuYDbDHWxVUm6IStTkBEmonGNtTLYjMt
APdoMX63HDkBR5bJbfS8yZV9T8jFDr2jECO9p2j+bVqkCCrP16I5R3fw0Cja51jF
uxKOEBTJ2k4B37o4p8A9WT2siEgkH26BfM4Or3UvEJFawe6GwiYksruyvRnI8OKt
pdFxUxbxdd5Pm+luMscPvIJbA5oVrl9zOd9wocTE0yWIXxCiEfwJNnzNZVHhW/T9
RAnYLczZKrC29AayYvVJVFxb0Lfa2VhezqRmVzg4cQfPAomFwcBQV6enJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNcUREOXPvx9p5/Ifw5g31MC/2xmMB8GA1UdIwQY
MBaAFKMZD279eepzM/m8zYWgQ1LZFbI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUt
NWY0Yjg3YWRhNGI1LzEvMXhSRVE1Yy1fSDJubjhoX0RtRGZVd0xfYkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUtNWY0Yjg3YWRhNGI1
LzEvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbemYAwQC
ualwMA0EAgACMAcDBQMqAYeAMA0GCSqGSIb3DQEBCwUAA4IBAQADlqqAmXV4PVDX
7Vs+W7aTVXsL3+yaI4iqPEpJ5BxkQk9ugyWvpqWZ4Z9kVIi0/ZxBVjn0/6K3GJkl
wHnM/4sA2WowTnD3idgpS8DVh0J3GGM02Ud7y0lWQuja/DhceJy7/CdF1hjjcuu0
FmG/4fKlLuxpcl9PBq5Y9xlY+jbocD0b/0T1BT0KmnueNHghizOyKosazxBAQGMD
MssTZrLYr0kL9CzTV3LdRcI5q/iJhvSbPUEjpiiiGbRw5kVDFMO6oikEqoGr+2kG
VBje8d2vWVZMjUko0uebk326kcptzngJZofxCwA7xbLrYsH+QudQvk1kIu4Npzct
8oYavrwl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:21 2024 by rpki-client on console-ams.rpki-client.org