Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/aLtGpEAjEk98ooPYFwTtxdVHjqg.roa
File:                     aLtGpEAjEk98ooPYFwTtxdVHjqg.roa (raw, json)
Hash identifier:          NXonGBNqPSTv+hmw+cSe8s76gAWavAuJrZiA56dj5+o=
Subject key identifier:   68:BB:46:A4:40:23:12:4F:7C:A2:83:D8:17:04:ED:C5:D5:47:8E:A8
Certificate issuer:       /CN=532d1e41424819bcc0cd637d8ee141fea585d00d
Certificate serial:       018ACB19C0B7037B33A2DFED28B02B346155
Authority key identifier: 53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/aLtGpEAjEk98ooPYFwTtxdVHjqg.roa
Signing time:             Mon 25 Sep 2023 06:49:37 +0000
ROA not before:           Mon 25 Sep 2023 06:49:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201404
IP address blocks:        185.49.49.0/24 maxlen: 24
                          2a04:b700:ca75::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:cb:19:c0:b7:03:7b:33:a2:df:ed:28:b0:2b:34:61:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=532d1e41424819bcc0cd637d8ee141fea585d00d
        Validity
            Not Before: Sep 25 06:49:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=68bb46a44023124f7ca283d81704edc5d5478ea8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:6b:02:5d:10:2e:7e:5f:62:99:b5:50:0e:b0:
                    39:90:fc:de:d4:6c:73:cf:a7:06:cc:2f:5b:ac:de:
                    f0:86:80:34:4d:ea:8f:6a:50:51:8c:6d:13:66:99:
                    0c:a3:57:7a:82:fd:79:3f:d9:02:83:60:9d:cf:c2:
                    e8:55:b0:3b:ae:83:28:cd:13:f7:ee:36:f2:96:b5:
                    c1:c2:b6:b9:30:3f:34:c4:a3:69:5b:7e:4f:63:87:
                    63:7c:09:69:1f:9f:78:73:13:15:cb:96:26:95:64:
                    0f:45:fa:bb:1c:2b:4e:77:44:70:7c:b2:f1:ed:89:
                    72:de:c9:18:c4:a5:94:21:20:08:a8:66:aa:53:fd:
                    79:8f:e0:62:38:17:19:e1:21:33:f6:24:87:a4:0d:
                    bc:01:e0:6a:da:d5:01:d6:f9:ab:1b:dc:d3:41:84:
                    f9:c4:c6:8f:7a:1b:b2:05:aa:79:28:e4:39:29:34:
                    a3:e7:e4:84:63:47:b3:9a:b9:94:36:41:ee:f7:5f:
                    e3:72:8b:09:f1:13:ea:7b:d6:6e:e3:c2:39:a3:b7:
                    87:b4:64:c6:9e:1c:2e:8d:b8:22:24:b1:e6:28:e6:
                    6f:fc:f2:be:81:d1:26:ce:5a:8c:57:de:1a:90:bd:
                    dd:82:16:d5:f8:6d:84:00:a9:c5:a6:e3:a3:52:64:
                    2c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:BB:46:A4:40:23:12:4F:7C:A2:83:D8:17:04:ED:C5:D5:47:8E:A8
            X509v3 Authority Key Identifier:
                keyid:53:2D:1E:41:42:48:19:BC:C0:CD:63:7D:8E:E1:41:FE:A5:85:D0:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uy0eQUJIGbzAzWN9juFB_qWF0A0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/aLtGpEAjEk98ooPYFwTtxdVHjqg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/78c577-8f98-40b2-b01d-10777f9e3685/1/Uy0eQUJIGbzAzWN9juFB_qWF0A0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.49.0/24
                IPv6:
                  2a04:b700:ca75::/48

    Signature Algorithm: sha256WithRSAEncryption
         57:ba:32:ce:8a:d4:54:f9:a1:96:db:a7:76:46:40:38:5a:45:
         ce:60:b6:20:6c:14:89:23:60:6d:63:be:d6:dc:3b:36:ec:9e:
         8a:0a:02:63:1e:20:92:c9:8b:5e:82:c0:02:bb:68:82:5f:13:
         5f:cf:fd:6f:37:0d:51:4b:72:b9:86:9c:f2:1a:59:58:31:6f:
         cd:ae:61:cb:a1:9a:26:c1:10:f9:d6:ab:8a:ec:8f:9f:ae:76:
         ff:25:b8:7c:9b:62:13:50:d0:a8:00:4f:05:d6:a3:65:d9:85:
         cd:1a:9a:10:88:13:b8:f4:08:0d:a5:1a:48:95:de:82:61:36:
         a0:04:ed:ab:23:17:7d:87:e7:a3:ed:eb:32:05:1a:a3:fb:fa:
         bc:7b:64:2a:f8:0d:7d:55:38:9e:5d:53:2f:ce:c0:c4:a3:1a:
         48:62:99:18:ee:19:e2:ed:5e:a9:e0:6e:b9:ed:6b:4e:7b:bd:
         d8:3c:8f:af:e6:d0:96:7a:0e:5c:e8:ba:e7:d3:6e:f2:7a:56:
         ec:a7:57:7a:d0:eb:36:3a:37:e0:3e:9e:cd:1a:b0:3e:47:8e:
         bd:a0:7b:41:6b:94:2a:29:ae:de:8d:49:79:13:3a:28:55:a4:
         0b:13:42:4e:84:c0:d5:51:57:0f:dd:41:90:e8:73:4c:26:6e:
         07:08:53:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrLGcC3A3szot/tKLArNGFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMmQxZTQxNDI0ODE5YmNjMGNkNjM3ZDhlZTE0MWZlYTU4
NWQwMGQwHhcNMjMwOTI1MDY0OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJiNDZhNDQwMjMxMjRmN2NhMjgzZDgxNzA0ZWRjNWQ1NDc4ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWsCXRAufl9imbVQDrA5kPze1Gxz
z6cGzC9brN7whoA0TeqPalBRjG0TZpkMo1d6gv15P9kCg2Cdz8LoVbA7roMozRP3
7jbylrXBwra5MD80xKNpW35PY4djfAlpH594cxMVy5YmlWQPRfq7HCtOd0RwfLLx
7Yly3skYxKWUISAIqGaqU/15j+BiOBcZ4SEz9iSHpA28AeBq2tUB1vmrG9zTQYT5
xMaPehuyBap5KOQ5KTSj5+SEY0ezmrmUNkHu91/jcosJ8RPqe9Zu48I5o7eHtGTG
nhwujbgiJLHmKOZv/PK+gdEmzlqMV94akL3dghbV+G2EAKnFpuOjUmQsEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGi7RqRAIxJPfKKD2BcE7cXVR46oMB8GA1UdIwQY
MBaAFFMtHkFCSBm8wM1jfY7hQf6lhdANMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQt
MTA3NzdmOWUzNjg1LzEvYUx0R3BFQWpFazk4b29QWUZ3VHR4ZFZIanFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83OGM1NzctOGY5OC00MGIyLWIwMWQtMTA3NzdmOWUzNjg1
LzEvVXkwZVFVSklHYnpBeldOOWp1RkJfcVdGMEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuTExMA8E
AgACMAkDBwAqBLcAynUwDQYJKoZIhvcNAQELBQADggEBAFe6Ms6K1FT5oZbbp3ZG
QDhaRc5gtiBsFIkjYG1jvtbcOzbsnooKAmMeIJLJi16CwAK7aIJfE1/P/W83DVFL
crmGnPIaWVgxb82uYcuhmibBEPnWq4rsj5+udv8luHybYhNQ0KgATwXWo2XZhc0a
mhCIE7j0CA2lGkiV3oJhNqAE7asjF32H56Pt6zIFGqP7+rx7ZCr4DX1VOJ5dUy/O
wMSjGkhimRjuGeLtXqngbrnta057vdg8j6/m0JZ6DlzouufTbvJ6VuynV3rQ6zY6
N+A+ns0asD5Hjr2ge0FrlCoprt6NSXkTOihVpAsTQk6EwNVRVw/dQZDoc0wmbgcI
U4Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:10 2024 by rpki-client on console-fra.rpki-client.org