Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/fS6zgo5SIt4xncj27P-xmLNL61U.roa
File:                     fS6zgo5SIt4xncj27P-xmLNL61U.roa (raw, json)
Hash identifier:          HX+ZnLJ5sU0c6vDa5UyLuHfU9wmBbsE0QdqK4iBWOcU=
Subject key identifier:   7D:2E:B3:82:8E:52:22:DE:31:9D:C8:F6:EC:FF:B1:98:B3:4B:EB:55
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       018CEA53AC6209BDD0DD50046F066ED47295
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/fS6zgo5SIt4xncj27P-xmLNL61U.roa
Signing time:             Mon 08 Jan 2024 18:26:41 +0000
ROA not before:           Mon 08 Jan 2024 18:26:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58061
IP address blocks:        176.101.58.0/24 maxlen: 24
                          176.101.57.0/24 maxlen: 24
                          176.101.56.0/24 maxlen: 24
                          176.101.62.0/24 maxlen: 24
                          176.101.61.0/24 maxlen: 24
                          176.101.60.0/24 maxlen: 24
                          176.101.59.0/24 maxlen: 24
                          176.101.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 19:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ea:53:ac:62:09:bd:d0:dd:50:04:6f:06:6e:d4:72:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jan  8 18:26:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d2eb3828e5222de319dc8f6ecffb198b34beb55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:09:bc:39:cf:ae:7b:fa:17:b6:96:16:89:0b:
                    79:fe:cc:aa:59:5e:ea:09:ae:50:e4:72:c3:70:57:
                    8d:fa:2b:65:8c:31:1e:59:e0:dd:a8:a5:7d:46:79:
                    2a:98:c7:bf:06:56:55:3e:59:b3:63:0e:dd:6c:aa:
                    6c:46:26:5a:6c:8f:9f:9f:36:dd:5d:20:84:38:35:
                    f6:01:68:63:66:a1:df:ba:d4:9a:22:46:fd:2f:57:
                    90:00:a4:b1:c5:19:24:24:5c:20:ca:ae:10:1e:59:
                    8d:02:8f:71:fe:67:68:f0:6f:5c:36:c4:ac:98:6a:
                    e9:e8:a9:81:a1:2f:52:a5:95:fb:46:51:d7:bb:27:
                    fb:47:43:1d:11:44:b9:4d:3e:2c:6e:ad:ff:ad:25:
                    42:2b:cc:7d:ea:0f:9e:9d:ec:af:67:d6:51:36:6e:
                    f4:4d:13:5b:de:20:92:2e:f8:69:29:66:98:f7:e9:
                    25:11:2c:72:47:ee:56:91:e4:7f:af:0d:9c:5a:a5:
                    2f:fb:45:d8:f3:c5:2c:21:0e:d0:f3:81:31:ce:fb:
                    01:75:95:9d:7d:5b:22:3d:fa:d3:39:61:c2:16:f2:
                    a7:51:7e:f6:fb:b7:15:bf:25:5a:14:0b:c6:97:f4:
                    c1:91:09:1c:31:2a:ff:98:8e:91:75:9a:b5:2c:d1:
                    82:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2E:B3:82:8E:52:22:DE:31:9D:C8:F6:EC:FF:B1:98:B3:4B:EB:55
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/fS6zgo5SIt4xncj27P-xmLNL61U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.101.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         31:85:41:bf:16:ea:19:c5:17:56:1b:69:b6:31:98:86:7f:7a:
         2a:aa:15:9a:21:76:e9:7e:1a:2c:26:4e:a9:bf:de:18:77:d3:
         e5:a0:d0:45:58:00:7c:78:42:a3:b5:b7:68:7e:bc:05:a1:6d:
         d0:f7:83:45:37:06:4c:af:bd:74:00:d6:12:02:51:94:d9:b1:
         da:97:ac:12:5b:41:0a:9f:c4:3f:b4:2f:87:0c:18:16:1b:91:
         bf:a3:5b:f6:7b:11:e9:50:b7:76:0c:11:0c:09:4e:ee:91:76:
         4f:ab:60:92:46:9b:ee:b2:49:13:c3:7d:f0:1f:44:00:ad:a2:
         d0:3a:8c:1a:39:27:58:b7:ee:eb:65:d5:39:47:5f:74:f5:c0:
         6a:bf:e0:32:2e:d3:b8:51:35:97:2d:c1:b5:bd:4b:5d:51:0c:
         10:a0:15:a6:b5:ee:df:ab:ff:7b:19:99:89:89:bf:66:7c:d2:
         8c:cd:33:04:12:da:c9:5e:2c:c2:62:31:6a:29:14:53:a0:d7:
         76:49:98:73:79:cc:6e:50:82:42:c6:9d:9f:60:f4:e5:e0:d6:
         a5:03:a8:99:91:4f:9b:dc:82:75:1d:f4:9d:e2:4d:b4:ef:ae:
         62:ca:14:23:e3:1d:99:ff:3d:c6:8c:53:d1:a4:7d:a8:98:5e:
         5b:1b:91:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzqU6xiCb3Q3VAEbwZu1HKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTA4MTgyNjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJlYjM4MjhlNTIyMmRlMzE5ZGM4ZjZlY2ZmYjE5OGIzNGJlYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgm8Oc+ue/oXtpYWiQt5/syqWV7q
Ca5Q5HLDcFeN+itljDEeWeDdqKV9RnkqmMe/BlZVPlmzYw7dbKpsRiZabI+fnzbd
XSCEODX2AWhjZqHfutSaIkb9L1eQAKSxxRkkJFwgyq4QHlmNAo9x/mdo8G9cNsSs
mGrp6KmBoS9SpZX7RlHXuyf7R0MdEUS5TT4sbq3/rSVCK8x96g+eneyvZ9ZRNm70
TRNb3iCSLvhpKWaY9+klESxyR+5WkeR/rw2cWqUv+0XY88UsIQ7Q84ExzvsBdZWd
fVsiPfrTOWHCFvKnUX72+7cVvyVaFAvGl/TBkQkcMSr/mI6RdZq1LNGC9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0us4KOUiLeMZ3I9uz/sZizS+tVMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvZlM2emdvNVNJdDR4bmNqMjdQLXhtTE5MNjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGU4MA0G
CSqGSIb3DQEBCwUAA4IBAQAxhUG/FuoZxRdWG2m2MZiGf3oqqhWaIXbpfhosJk6p
v94Yd9PloNBFWAB8eEKjtbdofrwFoW3Q94NFNwZMr710ANYSAlGU2bHal6wSW0EK
n8Q/tC+HDBgWG5G/o1v2exHpULd2DBEMCU7ukXZPq2CSRpvuskkTw33wH0QAraLQ
OowaOSdYt+7rZdU5R1909cBqv+AyLtO4UTWXLcG1vUtdUQwQoBWmte7fq/97GZmJ
ib9mfNKMzTMEEtrJXizCYjFqKRRToNd2SZhzecxuUIJCxp2fYPTl4NalA6iZkU+b
3IJ1HfSd4k20765iyhQj4x2Z/z3GjFPRpH2omF5bG5GD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org