Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/IGXbocYcnM07-urJolor_46c28U.roa
File:                     IGXbocYcnM07-urJolor_46c28U.roa (raw, json)
Hash identifier:          xh7Yl/pdpgbw8gv2+neFdzLaAETiE6D/KcpWnjCN6pM=
Subject key identifier:   20:65:DB:A1:C6:1C:9C:CD:3B:FA:EA:C9:A2:5A:2B:FF:8E:9C:DB:C5
Certificate issuer:       /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial:       018D36AFC10495EB3B874BAEA83E02DCFBB2
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/IGXbocYcnM07-urJolor_46c28U.roa
Signing time:             Tue 23 Jan 2024 14:18:24 +0000
ROA not before:           Tue 23 Jan 2024 14:18:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     13037
IP address blocks:        51.148.0.0/16 maxlen: 16
                          51.155.0.0/16 maxlen: 16
                          51.170.0.0/16 maxlen: 18
                          62.3.64.0/18 maxlen: 18
                          77.104.128.0/18 maxlen: 18
                          82.68.0.0/14 maxlen: 14
                          82.71.240.0/20 maxlen: 20
                          88.96.0.0/16 maxlen: 16
                          88.97.0.0/18 maxlen: 18
                          88.97.64.0/19 maxlen: 19
                          88.97.96.0/20 maxlen: 20
                          88.97.160.0/23 maxlen: 23
                          88.97.162.0/23 maxlen: 23
                          88.97.164.0/23 maxlen: 23
                          88.97.166.0/23 maxlen: 23
                          88.97.168.0/24 maxlen: 24
                          88.97.169.0/24 maxlen: 24
                          88.97.170.0/24 maxlen: 24
                          88.97.171.0/24 maxlen: 24
                          88.97.172.0/24 maxlen: 24
                          88.97.173.0/24 maxlen: 24
                          88.97.174.0/24 maxlen: 24
                          88.97.175.0/24 maxlen: 24
                          88.97.176.0/20 maxlen: 20
                          88.97.192.0/18 maxlen: 18
                          88.98.0.0/20 maxlen: 20
                          88.98.16.0/23 maxlen: 23
                          88.98.18.0/24 maxlen: 24
                          88.98.21.0/24 maxlen: 24
                          88.98.22.0/23 maxlen: 23
                          88.98.24.0/21 maxlen: 21
                          88.98.32.0/19 maxlen: 19
                          88.98.64.0/19 maxlen: 19
                          88.98.128.0/19 maxlen: 19
                          88.98.160.0/21 maxlen: 21
                          88.98.170.0/23 maxlen: 23
                          88.98.172.0/22 maxlen: 22
                          88.98.176.0/20 maxlen: 20
                          146.66.64.0/18 maxlen: 18
                          212.23.0.0/19 maxlen: 19
                          217.155.0.0/16 maxlen: 16
                          2a02:8010::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 16:57:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:36:af:c1:04:95:eb:3b:87:4b:ae:a8:3e:02:dc:fb:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
        Validity
            Not Before: Jan 23 14:18:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2065dba1c61c9ccd3bfaeac9a25a2bff8e9cdbc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b1:1c:e9:90:e0:b6:95:af:04:62:78:3e:f9:
                    da:66:06:3e:ac:ce:85:42:9c:f5:52:76:77:88:cb:
                    58:3e:0a:37:69:c9:49:2b:04:50:4c:bd:65:b3:ca:
                    db:2b:ee:97:b5:2e:8a:19:18:30:b3:22:7f:bc:93:
                    62:0e:a1:a1:f3:34:2c:67:19:28:34:81:c4:47:2c:
                    01:fc:84:b1:50:7e:73:92:b2:45:c2:37:c0:41:b1:
                    f4:08:7f:bb:d5:c0:9c:4f:73:41:b1:43:42:b9:f8:
                    86:41:fa:c9:4d:70:53:ea:26:01:13:a1:ef:61:ae:
                    b5:1e:8b:3d:08:ac:c0:db:3e:ce:8c:63:96:40:76:
                    56:0e:1f:0c:69:98:76:90:1a:37:d7:25:78:4f:68:
                    d8:e1:38:3f:5a:15:b3:dc:e6:47:13:34:9b:6b:29:
                    23:0d:be:a1:18:20:2f:dc:66:bf:17:70:e7:74:2f:
                    65:92:35:be:93:42:ed:aa:c9:e5:ff:37:1c:70:1a:
                    1a:01:9f:10:f1:d5:a2:87:20:5d:6f:e6:1f:7b:9c:
                    d6:ec:24:7d:87:e6:2e:c2:4c:51:bf:67:05:c9:52:
                    28:84:2b:0f:d3:5f:f8:41:36:29:04:b9:2f:14:3d:
                    6b:8c:39:5a:af:b8:4b:84:18:e5:7e:67:68:b0:e6:
                    ff:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:65:DB:A1:C6:1C:9C:CD:3B:FA:EA:C9:A2:5A:2B:FF:8E:9C:DB:C5
            X509v3 Authority Key Identifier:
                keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/IGXbocYcnM07-urJolor_46c28U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.148.0.0/16
                  51.155.0.0/16
                  51.170.0.0/16
                  62.3.64.0/18
                  77.104.128.0/18
                  82.68.0.0/14
                  88.96.0.0-88.97.111.255
                  88.97.160.0-88.98.18.255
                  88.98.21.0-88.98.95.255
                  88.98.128.0-88.98.167.255
                  88.98.170.0-88.98.191.255
                  146.66.64.0/18
                  212.23.0.0/19
                  217.155.0.0/16
                IPv6:
                  2a02:8010::/29

    Signature Algorithm: sha256WithRSAEncryption
         77:bd:b5:cd:5c:fa:20:13:f5:38:7c:5b:a5:de:4c:b9:0b:79:
         a2:62:54:65:8f:93:7c:9a:82:ba:23:01:29:68:81:26:1a:f5:
         4b:7f:e1:ff:ac:e4:2d:ed:3f:84:7d:77:e7:bc:c8:6d:9a:50:
         6e:86:fa:e4:37:43:04:ea:58:a6:91:b1:7a:b5:de:e2:f4:61:
         a9:90:38:d3:58:5c:97:88:e6:c2:2a:8a:b7:41:39:e1:d8:21:
         37:8a:a7:de:ad:48:44:c8:0e:6a:28:5d:bb:71:b6:6a:f1:13:
         05:9b:e6:50:da:cc:68:d7:c2:b1:b6:a0:4e:b8:16:03:14:2c:
         de:da:50:14:07:b0:88:47:bf:a9:61:42:e8:51:04:5f:de:0e:
         4a:cf:fa:44:4b:49:8f:a1:24:60:d5:25:20:6f:c5:60:3d:ff:
         85:e3:da:c2:35:17:0a:55:0b:10:c5:61:3c:8e:df:00:77:40:
         f1:19:18:79:d7:01:35:8b:d4:ca:c1:95:d5:54:f2:06:87:e0:
         55:c8:2d:16:7a:06:23:44:6e:8b:a1:b6:1d:77:7a:a8:1d:5b:
         e9:4c:a1:68:60:89:13:48:89:a2:67:8b:34:c0:2a:c4:1e:d4:
         26:b6:38:52:17:e3:8b:d0:36:2e:0a:58:80:45:24:73:78:1d:
         9a:fd:02:32
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY02r8EEles7h0uuqD4C3PuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwMTIzMTQxODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY1ZGJhMWM2MWM5Y2NkM2JmYWVhYzlhMjVhMmJmZjhlOWNkYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurEc6ZDgtpWvBGJ4PvnaZgY+rM6F
Qpz1UnZ3iMtYPgo3aclJKwRQTL1ls8rbK+6XtS6KGRgwsyJ/vJNiDqGh8zQsZxko
NIHERywB/ISxUH5zkrJFwjfAQbH0CH+71cCcT3NBsUNCufiGQfrJTXBT6iYBE6Hv
Ya61Hos9CKzA2z7OjGOWQHZWDh8MaZh2kBo31yV4T2jY4Tg/WhWz3OZHEzSbaykj
Db6hGCAv3Ga/F3DndC9lkjW+k0Ltqsnl/zcccBoaAZ8Q8dWihyBdb+Yfe5zW7CR9
h+YuwkxRv2cFyVIohCsP01/4QTYpBLkvFD1rjDlar7hLhBjlfmdosOb/iwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFCBl26HGHJzNO/rqyaJaK/+OnNvFMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvSUdYYm9jWWNuTTA3LXVySm9sb3JfNDZjMjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwMAM5QD
AwAzmwMDADOqAwQGPgNAAwQGTWiAAwMCUkQwCwMDBVhgAwQEWGFgMAwDBAVYYaAD
BABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwDBAFYYqoDBAZYYoAD
BAaSQkADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0BAQsFAAOC
AQEAd721zVz6IBP1OHxbpd5MuQt5omJUZY+TfJqCuiMBKWiBJhr1S3/h/6zkLe0/
hH1357zIbZpQbob65DdDBOpYppGxerXe4vRhqZA401hcl4jmwiqKt0E54dghN4qn
3q1IRMgOaihdu3G2avETBZvmUNrMaNfCsbagTrgWAxQs3tpQFAewiEe/qWFC6FEE
X94OSs/6REtJj6EkYNUlIG/FYD3/hePawjUXClULEMVhPI7fAHdA8RkYedcBNYvU
ysGV1VTyBofgVcgtFnoGI0Rui6G2HXd6qB1b6UyhaGCJE0iJomeLNMAqxB7UJrY4
Uhfji9A2LgpYgEUkc3gdmv0CMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:53 2024 by rpki-client on console-ams.rpki-client.org