Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/nzAQqVwhRIKqXbKxPudPs1DpJFo.roa
File:                     nzAQqVwhRIKqXbKxPudPs1DpJFo.roa (raw, json)
Hash identifier:          9hfY5hn53uH74dsTcnaETovLRNIyRu3ohzOH+e569Ps=
Subject key identifier:   9F:30:10:A9:5C:21:44:82:AA:5D:B2:B1:3E:E7:4F:B3:50:E9:24:5A
Certificate issuer:       /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Certificate serial:       0187F69BE8C7A7DE61F48ED2953A37AAB226
Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/nzAQqVwhRIKqXbKxPudPs1DpJFo.roa
Signing time:             Sun 07 May 2023 14:27:05 +0000
ROA not before:           Sun 07 May 2023 14:27:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        132.68.0.0/16 maxlen: 16
                          132.68.0.0/15 maxlen: 15
                          132.69.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:f6:9b:e8:c7:a7:de:61:f4:8e:d2:95:3a:37:aa:b2:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
        Validity
            Not Before: May  7 14:27:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f3010a95c214482aa5db2b13ee74fb350e9245a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3d:e4:64:79:66:7c:15:e1:4c:23:90:70:b3:
                    53:cf:b5:ee:69:2e:94:64:ee:22:09:95:5c:f1:30:
                    55:17:06:f3:ce:c8:99:2b:0a:3f:e9:78:2b:99:e5:
                    d2:71:d5:51:19:de:31:81:de:43:51:26:64:9a:63:
                    a9:ef:2f:1b:7e:d7:ac:11:3d:17:51:86:15:2e:14:
                    23:74:1b:b3:40:d9:7b:10:94:15:62:34:fe:c3:14:
                    0f:d8:c8:b1:ca:4c:05:a8:97:8e:2e:38:c7:5b:d3:
                    e7:7d:8e:30:b4:e7:54:91:cb:b0:2d:b7:b3:20:95:
                    76:cc:d3:6a:51:df:f4:c3:6e:ce:58:17:96:9d:c5:
                    9e:39:c1:91:b2:8b:af:fd:98:a9:fc:bb:6c:9f:fe:
                    e7:2c:b6:36:02:2f:46:65:92:79:06:86:50:e7:85:
                    d7:85:b2:f9:51:1d:69:d7:df:d1:50:5a:c1:8a:c0:
                    01:ba:ef:7b:98:b0:1e:99:74:8d:18:7a:da:d9:ec:
                    bd:08:9d:8a:dc:26:60:d5:ca:14:be:f1:2b:74:66:
                    1e:db:63:44:d7:2c:c9:67:e3:9c:d0:f7:67:2a:03:
                    3e:62:68:8f:88:26:9c:8e:7b:6e:07:ac:1b:f6:71:
                    98:b9:b4:a1:ff:1f:d8:ff:76:51:d3:34:ce:77:a1:
                    a7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:30:10:A9:5C:21:44:82:AA:5D:B2:B1:3E:E7:4F:B3:50:E9:24:5A
            X509v3 Authority Key Identifier:
                keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/nzAQqVwhRIKqXbKxPudPs1DpJFo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.68.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         78:cf:22:38:e2:9e:4e:c7:f5:83:ec:f2:28:27:e4:31:43:41:
         17:b1:35:11:e8:b6:51:e1:7a:be:c6:bd:f6:bf:74:8f:b5:be:
         52:69:25:e1:8a:1b:f1:f3:07:1f:79:dc:c0:51:31:7e:78:33:
         7c:a4:88:3c:de:68:3b:0e:3a:7f:b1:8c:b5:45:5f:88:32:1b:
         35:96:57:91:41:69:0d:83:0d:82:b0:11:c4:8a:03:62:4c:70:
         8c:06:ef:28:ca:10:4b:6b:40:23:35:4b:5b:5a:a9:54:85:6b:
         70:77:e5:04:c1:3d:33:9f:0e:88:7b:ea:a6:2b:64:6c:3b:a2:
         c1:c6:a6:b3:91:c9:9f:72:ee:de:7b:18:74:ba:a0:27:bf:4b:
         eb:b6:b9:8c:f7:d2:bd:47:f8:bc:83:89:61:37:12:e2:da:b0:
         e1:fa:c2:c0:d9:fa:7e:f3:12:92:cf:6a:93:56:f3:72:56:de:
         2b:b1:a4:30:9b:f0:59:be:81:ff:70:3c:7d:9e:92:54:92:97:
         92:2b:90:be:76:a7:af:40:bf:ab:d8:a7:da:a5:ce:fe:e3:61:
         ee:f1:32:2f:83:24:8a:2d:2a:38:c0:8b:f6:23:0a:12:c9:b4:
         02:bc:5c:2e:df:9d:2d:c3:5b:27:1b:b5:c3:e2:47:33:04:ea:
         7f:d0:43:63
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYf2m+jHp95h9I7SlTo3qrImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi
ZWE4ZTUwHhcNMjMwNTA3MTQyNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjMwMTBhOTVjMjE0NDgyYWE1ZGIyYjEzZWU3NGZiMzUwZTkyNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT3kZHlmfBXhTCOQcLNTz7XuaS6U
ZO4iCZVc8TBVFwbzzsiZKwo/6XgrmeXScdVRGd4xgd5DUSZkmmOp7y8bftesET0X
UYYVLhQjdBuzQNl7EJQVYjT+wxQP2MixykwFqJeOLjjHW9PnfY4wtOdUkcuwLbez
IJV2zNNqUd/0w27OWBeWncWeOcGRsouv/Zip/Ltsn/7nLLY2Ai9GZZJ5BoZQ54XX
hbL5UR1p19/RUFrBisABuu97mLAemXSNGHra2ey9CJ2K3CZg1coUvvErdGYe22NE
1yzJZ+Oc0PdnKgM+YmiPiCacjntuB6wb9nGYubSh/x/Y/3ZR0zTOd6Gn0QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJ8wEKlcIUSCql2ysT7nT7NQ6SRaMB8GA1UdIwQY
MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt
ZGRiOWU0ZGI5OGM2LzEvbnpBUXFWd2hSSUtxWGJLeFB1ZFBzMURwSkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEtZGRiOWU0ZGI5OGM2
LzEvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEQwDQYJ
KoZIhvcNAQELBQADggEBAHjPIjjink7H9YPs8ign5DFDQRexNRHotlHher7Gvfa/
dI+1vlJpJeGKG/HzBx953MBRMX54M3ykiDzeaDsOOn+xjLVFX4gyGzWWV5FBaQ2D
DYKwEcSKA2JMcIwG7yjKEEtrQCM1S1taqVSFa3B35QTBPTOfDoh76qYrZGw7osHG
prORyZ9y7t57GHS6oCe/S+u2uYz30r1H+LyDiWE3EuLasOH6wsDZ+n7zEpLPapNW
83JW3iuxpDCb8Fm+gf9wPH2eklSSl5IrkL52p69Av6vYp9qlzv7jYe7xMi+DJIot
KjjAi/YjChLJtAK8XC7fnS3DWycbtcPiRzME6n/QQ2M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:10 2024 by rpki-client on console-ams.rpki-client.org