Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/ALRJM0X60OS9piY2FbQVHo8St74.roa
File:                     ALRJM0X60OS9piY2FbQVHo8St74.roa (raw, json)
Hash identifier:          rA+qwb8l8RTrF69ClTZoQzr2bF5/yh1lGqkS1/452ZQ=
Subject key identifier:   00:B4:49:33:45:FA:D0:E4:BD:A6:26:36:15:B4:15:1E:8F:12:B7:BE
Certificate issuer:       /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial:       01856CF872F66B54CB4E71CA398C103474A1
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/ALRJM0X60OS9piY2FbQVHo8St74.roa
Signing time:             Sun 01 Jan 2023 10:54:59 +0000
ROA not before:           Sun 01 Jan 2023 10:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2486
IP address blocks:        194.0.9.0/24 maxlen: 24
                          2001:67c:217c::/48 maxlen: 48
                          2001:678:c::/48 maxlen: 48
                          2001:67c:2160::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:72:f6:6b:54:cb:4e:71:ca:39:8c:10:34:74:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
        Validity
            Not Before: Jan  1 10:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00b4493345fad0e4bda6263615b4151e8f12b7be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b8:ec:f4:f3:18:06:98:60:09:bf:81:7d:01:
                    ae:9a:b3:07:0f:68:96:95:29:10:ba:85:14:89:84:
                    3f:36:0e:9e:02:2f:00:2c:3a:68:a6:90:1c:1c:9a:
                    8d:3c:99:72:8e:b0:ad:9c:48:51:23:88:5c:d8:18:
                    73:4d:c7:e9:e6:7f:c0:af:c0:dd:c6:99:d4:bf:df:
                    80:0d:96:50:60:bf:1e:c8:3b:50:20:03:4b:22:29:
                    c7:69:89:95:ff:cc:93:4a:60:e6:5f:86:f0:86:5c:
                    7b:ad:5b:2c:40:19:25:22:1c:75:bf:70:46:ca:94:
                    6b:ff:1b:3d:ba:2d:83:bf:35:c2:ec:49:5f:03:3f:
                    30:10:a9:7e:79:85:2f:23:a7:22:41:5c:4d:0a:6e:
                    5b:6b:c0:02:ac:40:f0:40:19:76:95:a3:95:96:5c:
                    e2:2e:a6:78:09:24:dd:32:31:8d:bc:e2:3e:29:fb:
                    52:a7:b4:ef:20:5b:a9:60:dc:36:d4:c2:c6:cb:a7:
                    55:8b:24:16:6f:16:41:4f:14:ef:5c:86:7a:32:01:
                    05:e4:46:b8:f4:b0:39:fd:1b:48:a9:54:42:c4:9b:
                    39:55:42:fe:bd:a4:f6:37:db:a0:a7:e1:5b:24:49:
                    fe:05:bd:8e:b5:65:18:ea:6d:dc:b9:59:ae:d1:c5:
                    3d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:B4:49:33:45:FA:D0:E4:BD:A6:26:36:15:B4:15:1E:8F:12:B7:BE
            X509v3 Authority Key Identifier:
                keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/ALRJM0X60OS9piY2FbQVHo8St74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.9.0/24
                IPv6:
                  2001:678:c::/48
                  2001:67c:2160::/48
                  2001:67c:217c::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:62:2f:02:5a:64:d2:7e:8c:10:69:f2:4c:b0:c8:29:29:1c:
         2c:c8:09:06:de:f2:07:a2:58:fb:09:25:c0:7d:24:42:1a:ea:
         a1:12:ac:2a:00:dc:39:b6:92:bd:b2:77:c7:76:1d:71:86:e1:
         1c:de:be:af:4c:81:f9:87:be:e3:4b:c9:39:eb:20:db:b4:a0:
         21:c6:af:0e:0b:52:bb:08:04:93:cd:2e:ad:06:18:51:fb:f9:
         35:4b:1d:a7:7c:77:09:a1:74:48:f0:07:b3:23:de:52:a4:19:
         d8:e8:3b:69:99:fb:fc:ee:cd:f2:8c:48:22:b8:cf:8a:a5:7e:
         cf:a7:c8:81:a6:78:d3:37:46:28:fd:56:fa:2f:3a:df:07:8c:
         6e:8b:ac:79:f1:49:7b:c2:20:e2:54:88:16:fd:57:5e:9f:85:
         95:73:48:44:70:87:b2:0b:4e:69:48:d2:83:d4:9c:7e:7e:91:
         c5:f9:be:94:7c:c3:b0:58:3f:f9:4f:ee:ea:15:a4:5b:79:e6:
         c2:69:1d:71:11:e9:e9:36:8f:81:cb:65:ce:4f:6c:1d:f1:85:
         53:64:10:11:3d:1b:23:1c:a4:a1:e7:f0:86:83:39:04:ad:14:
         0c:7a:2d:96:fe:fc:ba:ca:c7:d2:b0:3f:4e:46:d5:ca:f5:48:
         d5:95:b8:90
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVs+HL2a1TLTnHKOYwQNHShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQzYzBiNjQxNGM5Yzg2ZTNjOTRhNzE0ZGZiMjY5Y2I1
ZTkxNjkwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI0NDkzMzQ1ZmFkMGU0YmRhNjI2MzYxNWI0MTUxZThmMTJiN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLjs9PMYBphgCb+BfQGumrMHD2iW
lSkQuoUUiYQ/Ng6eAi8ALDpoppAcHJqNPJlyjrCtnEhRI4hc2BhzTcfp5n/Ar8Dd
xpnUv9+ADZZQYL8eyDtQIANLIinHaYmV/8yTSmDmX4bwhlx7rVssQBklIhx1v3BG
ypRr/xs9ui2DvzXC7ElfAz8wEKl+eYUvI6ciQVxNCm5ba8ACrEDwQBl2laOVllzi
LqZ4CSTdMjGNvOI+KftSp7TvIFupYNw21MLGy6dViyQWbxZBTxTvXIZ6MgEF5Ea4
9LA5/RtIqVRCxJs5VUL+vaT2N9ugp+FbJEn+Bb2OtWUY6m3cuVmu0cU9MQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAC0STNF+tDkvaYmNhW0FR6PEre+MB8GA1UdIwQY
MBaAFF6NPAtkFMnIbjyUpxTfsmnLXpFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAt
MjM0MzA5NTA2MDljLzEvQUxSSk0wWDYwT1M5cGlZMkZiUVZIbzhTdDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAtMjM0MzA5NTA2MDlj
LzEvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAwgAJMCEE
AgACMBsDBwAgAQZ4AAwDBwAgAQZ8IWADBwAgAQZ8IXwwDQYJKoZIhvcNAQELBQAD
ggEBAENiLwJaZNJ+jBBp8kywyCkpHCzICQbe8geiWPsJJcB9JEIa6qESrCoA3Dm2
kr2yd8d2HXGG4Rzevq9MgfmHvuNLyTnrINu0oCHGrw4LUrsIBJPNLq0GGFH7+TVL
Had8dwmhdEjwB7Mj3lKkGdjoO2mZ+/zuzfKMSCK4z4qlfs+nyIGmeNM3Rij9Vvov
Ot8HjG6LrHnxSXvCIOJUiBb9V16fhZVzSERwh7ILTmlI0oPUnH5+kcX5vpR8w7BY
P/lP7uoVpFt55sJpHXER6ek2j4HLZc5PbB3xhVNkEBE9GyMcpKHn8IaDOQStFAx6
LZb+/LrKx9KwP05G1cr1SNWVuJA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:50 2024 by rpki-client on console-ams.rpki-client.org