Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DSODZCPSL5Jl2-6Akk8fzedsb9I.roa
File:                     DSODZCPSL5Jl2-6Akk8fzedsb9I.roa (raw, json)
Hash identifier:          fC6Us03c85DtLDmB3jcHFX6/ZbkxIyHNYUPtfffPFLQ=
Subject key identifier:   0D:23:83:64:23:D2:2F:92:65:DB:EE:80:92:4F:1F:CD:E7:6C:6F:D2
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018CC8DE7FF4FF91E8E25BA0BADCEB1AD94F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DSODZCPSL5Jl2-6Akk8fzedsb9I.roa
Signing time:             Tue 02 Jan 2024 06:31:14 +0000
ROA not before:           Tue 02 Jan 2024 06:31:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        5.180.234.0/24 maxlen: 24
                          2a09:96c0::/29 maxlen: 48
                          2a0b:a0c0::/29 maxlen: 48
                          2a09:ae80::/29 maxlen: 48
                          2a06:e5c0::/29 maxlen: 48
                          2a0d:e000::/29 maxlen: 48
                          2a13:4bc0::/29 maxlen: 48
                          2a09:b440::/48 maxlen: 48
                          2a0a:d040::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 27 Feb 2024 12:28:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:7f:f4:ff:91:e8:e2:5b:a0:ba:dc:eb:1a:d9:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  2 06:31:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d23836423d22f9265dbee80924f1fcde76c6fd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:da:90:cd:16:88:1f:16:6e:3e:0a:bd:cd:c0:
                    43:a4:6a:aa:9f:c9:83:3f:17:5e:c7:44:7b:60:82:
                    b3:d4:5e:13:74:6d:fe:d5:c3:fa:33:11:91:bc:67:
                    bd:3e:88:fe:77:ef:0f:cb:c0:ed:3d:af:0b:ab:36:
                    6f:a4:6f:c9:50:00:c9:4e:82:19:6d:81:c2:92:d8:
                    30:a1:da:52:5a:58:23:e2:29:25:e3:7d:a7:29:bc:
                    64:26:ca:2c:20:18:6a:dc:2f:18:b9:5d:b4:9e:b0:
                    f7:b7:e9:13:59:5e:78:a6:4a:70:dc:48:0c:c5:27:
                    1e:49:6d:27:34:d8:8d:49:39:0d:33:e1:7c:cf:0e:
                    97:60:e4:85:25:d3:37:f4:be:d4:af:07:be:d6:bf:
                    f7:d9:61:c0:78:9f:48:f0:f0:30:c9:12:51:13:7c:
                    1d:5e:e9:91:76:fc:84:6a:50:0a:60:47:76:ab:ee:
                    9a:7c:81:4c:78:52:0a:14:fd:d2:81:3e:50:e7:8a:
                    1b:d9:3a:dd:95:84:bc:e6:8b:ab:31:5a:48:25:de:
                    e5:37:56:32:65:17:ee:1c:11:ec:e1:48:8e:db:ed:
                    ff:dd:8d:56:b7:1a:86:ea:8b:50:91:6e:90:a5:c7:
                    9a:2d:73:d4:65:32:c6:2e:f4:85:19:33:5f:d2:39:
                    7d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:23:83:64:23:D2:2F:92:65:DB:EE:80:92:4F:1F:CD:E7:6C:6F:D2
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DSODZCPSL5Jl2-6Akk8fzedsb9I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.234.0/24
                IPv6:
                  2a06:e5c0::/29
                  2a09:96c0::/29
                  2a09:ae80::/29
                  2a09:b440::/48
                  2a0a:d040::/29
                  2a0b:a0c0::/29
                  2a0d:e000::/29
                  2a13:4bc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5b:f7:66:2e:91:84:26:ab:22:fa:00:a3:88:9c:6c:c4:82:ac:
         bb:2a:a1:92:96:a2:25:01:56:49:fb:1d:41:c8:ed:da:3a:1a:
         ca:f3:3c:b9:e5:f9:07:51:44:ea:85:ef:15:9e:5f:d4:91:0a:
         c1:f6:02:70:db:2b:37:1c:cf:3e:1e:df:8c:e4:a9:3a:b4:d8:
         8f:71:85:11:e7:54:91:69:09:f8:d0:7d:35:7c:90:4d:bd:99:
         d8:66:a7:ab:52:13:be:64:6d:28:9a:1b:c1:fe:2c:2f:25:48:
         d2:97:49:fc:92:25:38:4e:5e:1c:c7:a3:db:d7:e2:04:19:48:
         6d:5a:e0:a5:21:5e:1f:1a:6e:f8:d0:7b:48:7b:46:14:e2:dd:
         c7:f5:6b:e0:69:17:0c:4a:b4:bd:90:11:4d:1b:d5:14:0e:c6:
         ad:82:46:d2:df:f0:d2:de:22:52:00:6d:95:ca:c3:f4:4c:f5:
         2b:ee:b4:aa:b8:19:44:4c:04:79:79:24:d1:40:a4:fb:91:ef:
         6a:89:66:b2:2c:33:21:ff:4d:6c:aa:21:23:bc:51:80:18:f6:
         52:2b:20:c6:11:93:5e:fc:75:c3:c2:56:15:cc:07:c2:0f:56:
         25:35:6a:7a:4d:37:d7:72:bb:96:ef:c3:25:21:4a:e7:ef:0e:
         06:c8:e9:51
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzI3n/0/5Ho4lugutzrGtlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIzODM2NDIzZDIyZjkyNjVkYmVlODA5MjRmMWZjZGU3NmM2ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotqQzRaIHxZuPgq9zcBDpGqqn8mD
Pxdex0R7YIKz1F4TdG3+1cP6MxGRvGe9Poj+d+8Py8DtPa8LqzZvpG/JUADJToIZ
bYHCktgwodpSWlgj4ikl432nKbxkJsosIBhq3C8YuV20nrD3t+kTWV54pkpw3EgM
xSceSW0nNNiNSTkNM+F8zw6XYOSFJdM39L7Urwe+1r/32WHAeJ9I8PAwyRJRE3wd
XumRdvyEalAKYEd2q+6afIFMeFIKFP3SgT5Q54ob2TrdlYS85ourMVpIJd7lN1Yy
ZRfuHBHs4UiO2+3/3Y1WtxqG6otQkW6QpceaLXPUZTLGLvSFGTNf0jl94wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFA0jg2Qj0i+SZdvugJJPH83nbG/SMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRFNPRFpDUFNMNUpsMi02QWtrOGZ6ZWRzYjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAMBAIAATAGAwQABbTqMEAE
AgACMDoDBQMqBuXAAwUDKgmWwAMFAyoJroADBwAqCbRAAAADBQMqCtBAAwUDKgug
wAMFAyoN4AADBQMqE0vAMA0GCSqGSIb3DQEBCwUAA4IBAQBb92YukYQmqyL6AKOI
nGzEgqy7KqGSlqIlAVZJ+x1ByO3aOhrK8zy55fkHUUTqhe8Vnl/UkQrB9gJw2ys3
HM8+Ht+M5Kk6tNiPcYUR51SRaQn40H01fJBNvZnYZqerUhO+ZG0omhvB/iwvJUjS
l0n8kiU4Tl4cx6Pb1+IEGUhtWuClIV4fGm740HtIe0YU4t3H9WvgaRcMSrS9kBFN
G9UUDsatgkbS3/DS3iJSAG2VysP0TPUr7rSquBlETAR5eSTRQKT7ke9qiWayLDMh
/01sqiEjvFGAGPZSKyDGEZNe/HXDwlYVzAfCD1YlNWp6TTfXcruW78MlIUrn7w4G
yOlR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org