Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/r08XY8W4QbZbEkaXe34QWIEq0TI.roa
File:                     r08XY8W4QbZbEkaXe34QWIEq0TI.roa (raw, json)
Hash identifier:          wYAaRE2jxWXKBsLT5g+ctc2bxJkGNwfIxmwu0IbV5Mo=
Subject key identifier:   AF:4F:17:63:C5:B8:41:B6:5B:12:46:97:7B:7E:10:58:81:2A:D1:32
Certificate issuer:       /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Certificate serial:       018571152FEE8FFCD9E810160C2B67349C69
Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/r08XY8W4QbZbEkaXe34QWIEq0TI.roa
Signing time:             Mon 02 Jan 2023 06:04:51 +0000
ROA not before:           Mon 02 Jan 2023 06:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201641
IP address blocks:        194.15.212.0/24 maxlen: 24
                          185.102.100.0/22 maxlen: 24
                          2001:67c:6e8::/48 maxlen: 48
                          2a10:a600::/32 maxlen: 48

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 11:38:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:2f:ee:8f:fc:d9:e8:10:16:0c:2b:67:34:9c:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
        Validity
            Not Before: Jan  2 06:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af4f1763c5b841b65b1246977b7e1058812ad132
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:f2:6c:36:8d:fe:d4:7c:55:81:b9:4b:e2:53:
                    03:c6:51:da:05:cd:b3:bc:c6:cc:1d:b8:23:ab:8a:
                    94:ce:c4:6f:15:24:c0:c9:da:d7:a2:ce:d8:63:0a:
                    6d:33:e5:19:52:5e:dd:73:ec:88:3c:d9:a1:22:37:
                    55:67:5a:a5:0a:36:71:05:af:cf:72:c5:ae:de:bb:
                    fa:58:97:26:bc:35:28:f9:58:5a:3c:be:25:a6:b9:
                    1b:09:de:b9:30:f0:fc:77:6b:29:73:cb:4f:5b:5f:
                    a2:38:29:63:ff:48:d1:b2:ff:25:75:b5:3d:fc:fb:
                    99:7f:ae:ee:de:bc:72:9b:2b:46:fa:5d:e8:ee:4e:
                    ae:7c:39:c2:f0:14:c8:c3:42:fc:66:d6:ea:10:88:
                    69:9c:1c:df:58:87:ae:9f:96:2b:0c:a8:27:bd:7e:
                    27:a0:45:4d:fe:de:ae:9f:27:f9:ad:62:3a:43:61:
                    6d:fb:bb:45:20:98:33:59:7f:26:3b:76:65:84:5f:
                    d1:63:13:a0:1c:95:24:c5:2e:79:64:6f:65:9b:21:
                    0b:87:50:a5:2d:e4:47:df:6f:5d:69:22:9c:a0:59:
                    76:9d:c2:bc:e3:72:98:03:03:ad:97:c5:df:3c:bb:
                    fd:98:0e:31:c8:fb:8c:f1:d4:44:9f:6a:7b:30:8c:
                    be:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:4F:17:63:C5:B8:41:B6:5B:12:46:97:7B:7E:10:58:81:2A:D1:32
            X509v3 Authority Key Identifier:
                keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/r08XY8W4QbZbEkaXe34QWIEq0TI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.102.100.0/22
                  194.15.212.0/24
                IPv6:
                  2001:67c:6e8::/48
                  2a10:a600::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:ce:c1:32:17:4f:3d:2d:19:ad:a9:66:80:5b:5c:f3:39:76:
         e1:38:54:72:8e:c4:24:bb:84:e4:1a:1a:66:88:23:d8:91:78:
         78:e4:48:d7:36:d2:50:59:ba:0e:f0:86:0f:13:32:12:82:73:
         39:f2:92:ce:e3:6d:a6:b5:d1:3a:7d:7f:0d:0a:a7:d6:a3:8b:
         c6:09:36:5a:4b:c9:97:5c:14:71:74:6b:d1:f3:11:0b:d1:7f:
         e1:a0:56:3f:81:86:0f:04:98:ba:b0:7b:30:ed:71:3c:fb:48:
         74:b4:4b:59:7b:3e:4e:f0:20:39:bb:2e:6f:1b:62:12:21:c7:
         43:45:04:37:23:64:76:fe:09:f7:f1:0c:e1:ba:b2:4c:88:e8:
         07:da:4a:b2:2d:84:95:fa:0e:01:4b:bc:a2:eb:ef:bb:75:26:
         6d:74:bb:1f:bd:ba:93:b7:f3:fa:22:8c:06:30:7b:62:8d:35:
         f7:ce:32:56:66:c1:26:dc:66:b3:43:e3:b5:21:2a:bf:f2:fb:
         e2:6a:80:69:e0:3f:3a:4d:4f:7a:56:c7:f3:f5:8b:dd:43:b0:
         11:80:d3:50:54:fd:e3:1c:71:49:e5:bd:4e:1f:f1:4d:83:7a:
         eb:ac:54:e6:1e:b8:42:68:ba:49:82:e6:fd:29:4d:b7:cb:9e:
         a8:45:ef:be
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxFS/uj/zZ6BAWDCtnNJxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw
ZjVhYWEwHhcNMjMwMTAyMDYwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRmMTc2M2M1Yjg0MWI2NWIxMjQ2OTc3YjdlMTA1ODgxMmFkMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPJsNo3+1HxVgblL4lMDxlHaBc2z
vMbMHbgjq4qUzsRvFSTAydrXos7YYwptM+UZUl7dc+yIPNmhIjdVZ1qlCjZxBa/P
csWu3rv6WJcmvDUo+VhaPL4lprkbCd65MPD8d2spc8tPW1+iOClj/0jRsv8ldbU9
/PuZf67u3rxymytG+l3o7k6ufDnC8BTIw0L8ZtbqEIhpnBzfWIeun5YrDKgnvX4n
oEVN/t6unyf5rWI6Q2Ft+7tFIJgzWX8mO3ZlhF/RYxOgHJUkxS55ZG9lmyELh1Cl
LeRH329daSKcoFl2ncK843KYAwOtl8XfPLv9mA4xyPuM8dREn2p7MIy+BwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK9PF2PFuEG2WxJGl3t+EFiBKtEyMB8GA1UdIwQY
MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt
Zjk5NzNjNTc2YjAzLzEvcjA4WFk4VzRRYlpiRWthWGUzNFFXSUVxMFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz
LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuWZkAwQA
wg/UMBYEAgACMBADBwAgAQZ8BugDBQAqEKYAMA0GCSqGSIb3DQEBCwUAA4IBAQBm
zsEyF089LRmtqWaAW1zzOXbhOFRyjsQku4TkGhpmiCPYkXh45EjXNtJQWboO8IYP
EzISgnM58pLO422mtdE6fX8NCqfWo4vGCTZaS8mXXBRxdGvR8xEL0X/hoFY/gYYP
BJi6sHsw7XE8+0h0tEtZez5O8CA5uy5vG2ISIcdDRQQ3I2R2/gn38QzhurJMiOgH
2kqyLYSV+g4BS7yi6++7dSZtdLsfvbqTt/P6IowGMHtijTX3zjJWZsEm3GazQ+O1
ISq/8vviaoBp4D86TU96Vsfz9YvdQ7ARgNNQVP3jHHFJ5b1OH/FNg3rrrFTmHrhC
aLpJgub9KU23y56oRe++
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:49 2024 by rpki-client on console-ams.rpki-client.org