Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/1-cI-ITcjg_BMhII3W3Z8fHPXRE8.roa
File:                     1-cI-ITcjg_BMhII3W3Z8fHPXRE8.roa (raw, json)
Hash identifier:          u/bSf4yuSTYTEcoi8xgst3kxcfZ10VjP7JE2zh/Vz/8=
Subject key identifier:   F9:C2:3E:21:37:23:83:F0:4C:84:82:37:5B:76:7C:7C:73:D7:44:4F
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       018CB6DC26CE70D3A95299367E6BD585EA1B
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/1-cI-ITcjg_BMhII3W3Z8fHPXRE8.roa
Signing time:             Fri 29 Dec 2023 18:35:30 +0000
ROA not before:           Fri 29 Dec 2023 18:35:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36113
IP address blocks:        202.50.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b6:dc:26:ce:70:d3:a9:52:99:36:7e:6b:d5:85:ea:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Dec 29 18:35:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9c23e21372383f04c8482375b767c7c73d7444f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:1a:93:1e:da:c6:0c:65:f6:2f:6f:53:77:08:
                    83:7b:87:87:77:28:87:ae:f0:f3:13:89:06:9e:c9:
                    31:4a:e6:98:cb:c5:22:64:60:89:95:f5:2f:af:c8:
                    8c:c7:ef:d2:09:8e:63:f6:e5:bb:0e:af:e7:87:9f:
                    6b:9d:bc:e3:7e:65:af:df:90:84:bf:34:58:c8:a9:
                    a4:be:e5:de:c7:df:7e:fe:00:a4:5d:10:29:e3:ed:
                    e9:16:b7:79:6c:16:29:ba:00:40:59:d4:5d:d6:b0:
                    8e:cb:1d:45:c4:5d:71:14:b0:30:fc:9c:5b:ab:78:
                    8b:04:7f:7d:47:72:58:26:80:46:6f:8a:85:bd:65:
                    82:a5:5c:38:1f:f6:43:96:31:68:18:c8:6b:84:81:
                    5e:10:4b:ec:bc:1c:bd:38:0e:64:de:3f:2e:79:bf:
                    37:7f:27:bf:4f:e9:2f:4b:8d:d0:e4:71:2c:49:c0:
                    dd:d3:9d:ef:22:a6:74:fc:50:6b:20:77:9b:49:22:
                    32:28:64:ac:87:68:39:8a:94:3d:01:99:7e:ff:49:
                    cb:2c:8c:3d:20:ee:6e:55:fe:ad:be:d3:d5:91:de:
                    90:5b:ba:60:61:3d:a4:24:e1:2f:3b:27:2f:02:b7:
                    cd:da:5e:cc:b9:f3:ec:45:31:00:03:04:96:d5:5b:
                    16:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:C2:3E:21:37:23:83:F0:4C:84:82:37:5B:76:7C:7C:73:D7:44:4F
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/1-cI-ITcjg_BMhII3W3Z8fHPXRE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.50.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:87:3a:ad:2d:55:6a:d3:fc:ba:b3:fa:3c:b3:f7:b3:b9:3c:
         71:b9:36:9a:0f:3d:67:b5:e6:37:fe:b2:78:38:99:50:d0:0e:
         cb:32:16:38:47:9d:f3:ab:9c:35:e5:2f:bf:5a:1f:b9:66:93:
         e4:9b:83:15:8d:a4:ef:a9:ec:56:ca:c8:fc:09:be:ac:7b:a4:
         3f:6e:92:d3:e2:10:61:24:11:cf:65:c4:d6:0c:fa:cd:59:4b:
         47:67:06:c0:38:83:7a:92:12:37:e4:6c:0f:75:76:df:ab:5b:
         f9:26:37:18:68:9d:5a:4b:dd:72:28:92:dc:2a:c5:e8:64:57:
         ad:ed:ee:70:cf:e2:df:73:15:a7:28:9b:63:77:fa:22:97:3f:
         52:d5:a6:a7:d5:b6:1d:e9:93:db:7e:f2:82:43:88:fc:dc:46:
         50:ba:d0:f8:95:77:2c:f4:f4:36:21:39:9f:55:39:06:f5:98:
         bf:7c:81:0a:70:e8:f9:a6:ff:62:84:d4:ac:27:72:0a:e2:2f:
         ed:4c:0c:07:82:5f:b8:5b:f4:ac:5b:95:a2:ea:34:bf:41:ae:
         06:95:60:34:79:e0:bd:79:5d:4f:f6:b2:37:8f:78:e3:94:d1:
         08:ef:de:26:79:ca:4d:e1:da:df:57:12:0f:39:ce:2b:60:e7:
         fe:08:1b:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYy23CbOcNOpUpk2fmvVheobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjMxMjI5MTgzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWMyM2UyMTM3MjM4M2YwNGM4NDgyMzc1Yjc2N2M3YzczZDc0NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBqTHtrGDGX2L29TdwiDe4eHdyiH
rvDzE4kGnskxSuaYy8UiZGCJlfUvr8iMx+/SCY5j9uW7Dq/nh59rnbzjfmWv35CE
vzRYyKmkvuXex99+/gCkXRAp4+3pFrd5bBYpugBAWdRd1rCOyx1FxF1xFLAw/Jxb
q3iLBH99R3JYJoBGb4qFvWWCpVw4H/ZDljFoGMhrhIFeEEvsvBy9OA5k3j8ueb83
fye/T+kvS43Q5HEsScDd053vIqZ0/FBrIHebSSIyKGSsh2g5ipQ9AZl+/0nLLIw9
IO5uVf6tvtPVkd6QW7pgYT2kJOEvOycvArfN2l7MufPsRTEAAwSW1VsWzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnCPiE3I4PwTISCN1t2fHxz10RPMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvMS1jSS1JVGNqZ19CTWhJSTNXM1o4ZkhQWFJFOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjUvNTg5YTZiLTRkN2UtNDAxMi1hMGZjLWMwY2ViMDM3YWQ0
Mi8xLzZzTEJyOVM5N0pnRkJ2b0gzM3lHWXRWVS1rWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMoy/TAN
BgkqhkiG9w0BAQsFAAOCAQEAKIc6rS1VatP8urP6PLP3s7k8cbk2mg89Z7XmN/6y
eDiZUNAOyzIWOEed86ucNeUvv1ofuWaT5JuDFY2k76nsVsrI/Am+rHukP26S0+IQ
YSQRz2XE1gz6zVlLR2cGwDiDepISN+RsD3V236tb+SY3GGidWkvdciiS3CrF6GRX
re3ucM/i33MVpyibY3f6Ipc/UtWmp9W2HemT237ygkOI/NxGULrQ+JV3LPT0NiE5
n1U5BvWYv3yBCnDo+ab/YoTUrCdyCuIv7UwMB4JfuFv0rFuVouo0v0GuBpVgNHng
vXldT/ayN49445TRCO/eJnnKTeHa31cSDznOK2Dn/ggbwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:48 2024 by rpki-client on console-ams.rpki-client.org