Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Sn5rMJFzBRKO-muU43nfawra2E.roa
File:                     4Sn5rMJFzBRKO-muU43nfawra2E.roa (raw, json)
Hash identifier:          BpTzuIAlTWbDuYvLW2Z7bfCLkKNBqK4FLOwlJYoxt3w=
Subject key identifier:   E1:29:F9:AC:C2:45:CC:14:4A:3B:E9:AE:53:8D:E7:7D:AC:2B:6B:61
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       018E66F9D545955DC3B2419C182B2762AEAE
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Sn5rMJFzBRKO-muU43nfawra2E.roa
Signing time:             Fri 22 Mar 2024 16:23:52 +0000
ROA not before:           Fri 22 Mar 2024 16:23:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     262287
IP address blocks:        192.145.70.0/24 maxlen: 24
                          2a0a:8f40:4::/48 maxlen: 48
                          2a0a:8f40:5::/48 maxlen: 48
                          2a0a:8f40:6::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 23 Nov 2024 01:04:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:66:f9:d5:45:95:5d:c3:b2:41:9c:18:2b:27:62:ae:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Mar 22 16:23:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e129f9acc245cc144a3be9ae538de77dac2b6b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:ae:87:23:d8:7c:dd:75:cd:e6:7a:06:60:f2:
                    f3:c7:68:fa:3d:12:41:0b:a4:5f:ad:55:df:bb:f5:
                    ad:96:25:c7:c9:6a:5b:80:9c:d5:db:17:c9:08:9d:
                    f9:80:bf:f7:29:d1:e2:47:23:f9:95:3f:51:34:f3:
                    bc:11:e9:ad:3c:05:bc:f0:9d:82:9f:0e:7b:8e:83:
                    33:3c:ac:1d:51:ba:1e:34:3d:66:3b:a6:dc:be:71:
                    4c:a1:f9:e6:cc:15:bf:07:6f:e5:28:36:aa:1e:0b:
                    7f:5e:68:fe:ee:be:46:22:87:e7:87:a7:38:d1:ef:
                    0e:ac:38:10:54:86:25:5d:7a:0a:8d:0d:f4:de:e5:
                    2c:ef:ed:20:59:6c:43:2b:b8:be:db:81:90:0c:fd:
                    c5:db:43:82:e1:72:5c:8f:6c:93:26:76:7a:8e:3c:
                    58:46:8d:9a:51:b5:5d:0c:94:c8:4d:d5:26:89:5a:
                    ef:88:2d:36:21:2d:3b:e7:3c:c7:2c:62:4a:1d:96:
                    22:48:05:27:b3:08:af:75:20:dc:22:c2:2f:c2:1b:
                    93:09:0e:f0:6c:8c:4b:7c:7c:54:12:85:ef:1b:28:
                    39:e7:47:0c:ed:cc:66:af:c3:75:88:a9:27:cf:d8:
                    92:19:8c:8d:8e:b3:45:7b:5b:f8:4f:b0:d3:2b:0b:
                    f1:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:29:F9:AC:C2:45:CC:14:4A:3B:E9:AE:53:8D:E7:7D:AC:2B:6B:61
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Sn5rMJFzBRKO-muU43nfawra2E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.145.70.0/24
                IPv6:
                  2a0a:8f40:4::-2a0a:8f40:6:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         21:95:7a:01:a3:00:b6:5c:95:c2:d1:89:b3:ed:6c:b3:0f:78:
         87:d6:1e:99:d3:3d:b8:d9:d6:31:a1:a2:6a:48:83:75:3c:9a:
         a3:78:28:8b:eb:28:64:3e:0f:99:fe:46:29:ee:66:3f:37:fa:
         6b:e2:a0:8f:59:06:ed:4a:f3:10:df:62:5a:67:cf:42:7a:36:
         50:3d:37:ec:96:b4:b7:78:49:9c:bd:26:ea:ca:56:7b:b6:4f:
         57:3c:74:75:a3:a6:25:e9:4f:7f:9e:b2:3d:63:95:1b:4d:b3:
         88:df:3d:c5:c1:af:54:7d:32:36:02:78:2b:ee:63:c4:6e:8d:
         ba:b6:17:74:44:37:78:21:52:8f:f5:0d:32:3d:21:d8:36:71:
         8b:85:4d:63:7d:fb:12:f8:53:0d:26:e0:63:bb:10:5a:95:d9:
         14:8f:a3:be:e1:55:7c:db:c2:9d:96:c5:39:45:60:d6:2f:93:
         cc:27:ec:a3:9b:72:98:b4:2b:f4:cc:b7:eb:e3:44:ec:05:2a:
         d2:53:0b:5a:be:ff:de:d9:44:70:fc:40:3a:83:be:36:85:45:
         71:f0:0e:7c:b3:63:86:67:56:46:67:0e:fe:c1:72:91:04:ca:
         8b:4b:fa:fc:fe:70:47:d1:82:2c:42:9d:ad:5d:99:a2:89:ee:
         f0:73:e2:f7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY5m+dVFlV3DskGcGCsnYq6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMzIyMTYyMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI5ZjlhY2MyNDVjYzE0NGEzYmU5YWU1MzhkZTc3ZGFjMmI2YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhq6HI9h83XXN5noGYPLzx2j6PRJB
C6RfrVXfu/WtliXHyWpbgJzV2xfJCJ35gL/3KdHiRyP5lT9RNPO8EemtPAW88J2C
nw57joMzPKwdUboeND1mO6bcvnFMofnmzBW/B2/lKDaqHgt/Xmj+7r5GIofnh6c4
0e8OrDgQVIYlXXoKjQ303uUs7+0gWWxDK7i+24GQDP3F20OC4XJcj2yTJnZ6jjxY
Ro2aUbVdDJTITdUmiVrviC02IS075zzHLGJKHZYiSAUnswivdSDcIsIvwhuTCQ7w
bIxLfHxUEoXvGyg550cM7cxmr8N1iKknz9iSGYyNjrNFe1v4T7DTKwvxCwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOEp+azCRcwUSjvprlON532sK2thMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNFNuNXJNSkZ6QlJLTy1tdVU0M25mYXdyYTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAwJFGMBoE
AgACMBQwEgMHAioKj0AABAMHACoKj0AABjANBgkqhkiG9w0BAQsFAAOCAQEAIZV6
AaMAtlyVwtGJs+1ssw94h9YemdM9uNnWMaGiakiDdTyao3goi+soZD4Pmf5GKe5m
Pzf6a+Kgj1kG7UrzEN9iWmfPQno2UD037Ja0t3hJnL0m6spWe7ZPVzx0daOmJelP
f56yPWOVG02ziN89xcGvVH0yNgJ4K+5jxG6NurYXdEQ3eCFSj/UNMj0h2DZxi4VN
Y337EvhTDSbgY7sQWpXZFI+jvuFVfNvCnZbFOUVg1i+TzCfso5tymLQr9My36+NE
7AUq0lMLWr7/3tlEcPxAOoO+NoVFcfAOfLNjhmdWRmcO/sFykQTKi0v6/P5wR9GC
LEKdrV2Zoonu8HPi9w==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:52:30 2024 by rpki-client on console-ams.rpki-client.org