Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/X-DfuCgcQsrzig3D5X0H_xSQZTc.roa
File:                     X-DfuCgcQsrzig3D5X0H_xSQZTc.roa (raw, json)
Hash identifier:          2JaIOMTrCZlHgHrxSsWFQ46NpiKwR0FT+LfuhSiygEw=
Subject key identifier:   5F:E0:DF:B8:28:1C:42:CA:F3:8A:0D:C3:E5:7D:07:FF:14:90:65:37
Certificate issuer:       /CN=aa8551e851e69db165c6c632af45f21715512939
Certificate serial:       01856F94C0E389A304EAA8356933CC3BB738
Authority key identifier: AA:85:51:E8:51:E6:9D:B1:65:C6:C6:32:AF:45:F2:17:15:51:29:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qoVR6FHmnbFlxsYyr0XyFxVRKTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/X-DfuCgcQsrzig3D5X0H_xSQZTc.roa
Signing time:             Sun 01 Jan 2023 23:04:57 +0000
ROA not before:           Sun 01 Jan 2023 23:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        176.221.80.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:c0:e3:89:a3:04:ea:a8:35:69:33:cc:3b:b7:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa8551e851e69db165c6c632af45f21715512939
        Validity
            Not Before: Jan  1 23:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5fe0dfb8281c42caf38a0dc3e57d07ff14906537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4f:77:77:bd:a5:c5:c1:93:b2:5d:a5:c1:82:
                    77:10:8c:d7:88:31:75:7e:db:1e:81:a4:81:df:d2:
                    38:09:35:b5:b2:7e:c7:6a:0f:f8:76:2a:c1:ea:62:
                    7f:7e:83:14:41:91:04:97:02:02:fa:97:b9:ba:cf:
                    ea:3f:89:92:8f:6a:2f:a0:4a:43:0f:04:18:62:61:
                    f2:f7:2b:19:02:78:2e:b8:7c:9d:f9:40:c7:96:8a:
                    dc:c7:49:ab:c2:b1:ea:1a:f5:73:5b:9b:17:30:cc:
                    60:eb:3a:95:0d:77:80:da:8c:a9:25:51:86:55:f2:
                    3d:48:c7:4e:b5:8e:6d:f6:f5:c4:a8:d2:07:25:d4:
                    7e:c6:de:c2:13:e8:87:42:42:cd:da:17:58:21:d8:
                    9c:04:3c:56:70:88:7a:b8:85:f7:d6:92:f0:ea:54:
                    d8:90:c4:f8:b3:9b:5e:95:32:3b:48:c8:de:23:f2:
                    2f:f6:ab:9c:75:13:8f:f1:6f:de:10:5f:be:fb:86:
                    a0:f5:76:b4:4c:9e:d6:7a:6b:59:16:7e:d4:ff:11:
                    b7:d8:03:78:5b:f7:a6:b2:b6:fd:3d:4e:0f:7a:71:
                    ec:de:73:c9:50:30:85:c0:df:b3:b3:c2:ee:e4:24:
                    cd:42:cc:2c:5a:9e:72:6a:73:36:6b:25:eb:93:f5:
                    0f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:E0:DF:B8:28:1C:42:CA:F3:8A:0D:C3:E5:7D:07:FF:14:90:65:37
            X509v3 Authority Key Identifier:
                keyid:AA:85:51:E8:51:E6:9D:B1:65:C6:C6:32:AF:45:F2:17:15:51:29:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoVR6FHmnbFlxsYyr0XyFxVRKTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/X-DfuCgcQsrzig3D5X0H_xSQZTc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/qoVR6FHmnbFlxsYyr0XyFxVRKTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.221.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         aa:26:17:46:03:38:ee:6c:d3:76:ae:64:dc:30:61:2e:4b:cd:
         e1:86:a1:d3:8d:10:ea:8b:a2:07:92:ad:76:b5:89:f2:73:fb:
         49:c4:c6:65:d5:18:25:39:0f:b2:29:8c:37:87:81:96:66:26:
         42:04:85:a0:68:25:6f:0c:01:92:e6:ab:c5:4a:64:87:52:86:
         8f:15:58:ac:ae:e1:76:c8:b7:82:9f:50:d1:7e:24:b5:f6:f0:
         95:e0:1e:1e:de:f4:b5:71:bb:25:cb:75:eb:9a:58:8d:36:c8:
         74:5e:b8:bd:5a:65:ad:05:b5:7f:39:42:32:6b:fb:f9:3b:21:
         24:d9:11:f9:8c:7f:a2:6a:b1:b5:4c:99:b5:6d:92:d0:4f:f4:
         09:e8:80:c2:45:e9:7e:cf:b7:b6:97:ca:57:e8:31:70:d1:1e:
         70:ea:49:09:54:1c:30:71:f1:2c:af:50:2e:9a:17:ea:cb:12:
         67:b7:80:51:72:b9:af:7d:11:cc:85:ac:6d:fb:29:75:2c:fe:
         aa:b3:d5:a7:f5:40:e2:56:b3:f5:52:36:69:9e:94:fa:25:55:
         fd:c7:dc:3c:e9:72:cf:57:72:56:f6:43:14:9f:10:cf:17:9d:
         0f:8e:75:d0:6a:e0:c4:67:76:b8:99:e0:a6:17:ae:60:70:14:
         68:65:0e:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlMDjiaME6qg1aTPMO7c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODU1MWU4NTFlNjlkYjE2NWM2YzYzMmFmNDVmMjE3MTU1
MTI5MzkwHhcNMjMwMTAxMjMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmUwZGZiODI4MWM0MmNhZjM4YTBkYzNlNTdkMDdmZjE0OTA2NTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU93d72lxcGTsl2lwYJ3EIzXiDF1
ftsegaSB39I4CTW1sn7Hag/4dirB6mJ/foMUQZEElwIC+pe5us/qP4mSj2ovoEpD
DwQYYmHy9ysZAnguuHyd+UDHlorcx0mrwrHqGvVzW5sXMMxg6zqVDXeA2oypJVGG
VfI9SMdOtY5t9vXEqNIHJdR+xt7CE+iHQkLN2hdYIdicBDxWcIh6uIX31pLw6lTY
kMT4s5telTI7SMjeI/Iv9qucdROP8W/eEF+++4ag9Xa0TJ7WemtZFn7U/xG32AN4
W/emsrb9PU4PenHs3nPJUDCFwN+zs8Lu5CTNQswsWp5yanM2ayXrk/UPnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/g37goHELK84oNw+V9B/8UkGU3MB8GA1UdIwQY
MBaAFKqFUehR5p2xZcbGMq9F8hcVUSk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9WUjZGSG1uYkZseHNZeXIwWHlGeFZSS1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kZTk2MTUtMGJjMC00ZTVlLTgzMTgt
ZmIxZDk5MmRlMDAxLzEvWC1EZnVDZ2NRc3J6aWczRDVYMEhfeFNRWlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kZTk2MTUtMGJjMC00ZTVlLTgzMTgtZmIxZDk5MmRlMDAx
LzEvcW9WUjZGSG1uYkZseHNZeXIwWHlGeFZSS1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsN1QMA0G
CSqGSIb3DQEBCwUAA4IBAQCqJhdGAzjubNN2rmTcMGEuS83hhqHTjRDqi6IHkq12
tYnyc/tJxMZl1RglOQ+yKYw3h4GWZiZCBIWgaCVvDAGS5qvFSmSHUoaPFVisruF2
yLeCn1DRfiS19vCV4B4e3vS1cbsly3XrmliNNsh0Xri9WmWtBbV/OUIya/v5OyEk
2RH5jH+iarG1TJm1bZLQT/QJ6IDCRel+z7e2l8pX6DFw0R5w6kkJVBwwcfEsr1Au
mhfqyxJnt4BRcrmvfRHMhaxt+yl1LP6qs9Wn9UDiVrP1UjZpnpT6JVX9x9w86XLP
V3JW9kMUnxDPF50PjnXQauDEZ3a4meCmF65gcBRoZQ6+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:13 2024 by rpki-client on console-ams.rpki-client.org