Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/H0fiX6mPNRhsgSMirJt6RW3twIY.roa
File:                     H0fiX6mPNRhsgSMirJt6RW3twIY.roa (raw, json)
Hash identifier:          2bk/kWucwMEsUkqzu0A8uTQIiGmmfOnZukD9NjgztUo=
Subject key identifier:   1F:47:E2:5F:A9:8F:35:18:6C:81:23:22:AC:9B:7A:45:6D:ED:C0:86
Certificate issuer:       /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial:       01924FA0270886D8819F3A69DCE2B70820C8
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/H0fiX6mPNRhsgSMirJt6RW3twIY.roa
Signing time:             Wed 02 Oct 2024 23:45:48 +0000
ROA not before:           Wed 02 Oct 2024 23:45:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8070
IP address blocks:        13.118.0.0/15 maxlen: 15
                          62.10.0.0/15 maxlen: 15
                          194.41.16.0/24 maxlen: 24
                          194.41.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 23 Oct 2024 16:54:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:4f:a0:27:08:86:d8:81:9f:3a:69:dc:e2:b7:08:20:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
        Validity
            Not Before: Oct  2 23:45:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f47e25fa98f35186c812322ac9b7a456dedc086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:4a:f2:33:53:24:67:e4:d7:c5:13:20:f4:e7:
                    c5:d5:65:19:e2:30:06:10:35:c2:72:2d:18:0e:e5:
                    c3:56:a6:62:1a:99:38:2b:31:e5:f6:7f:fc:3c:fb:
                    24:a6:b0:8f:0a:03:68:40:79:cc:7a:2a:72:a2:23:
                    18:f1:16:31:c7:3d:97:e1:ac:ab:e0:84:9b:32:0e:
                    12:fe:01:1e:37:76:cd:70:82:1b:de:c2:c8:38:68:
                    0b:dd:60:cb:86:25:9a:53:99:3a:46:c4:72:d6:97:
                    f5:c6:2b:d3:5d:43:9e:8f:c4:4f:aa:7a:72:a8:75:
                    3b:8d:46:4e:fa:b3:e8:07:03:8e:e7:63:07:48:a2:
                    a3:fe:bc:c2:f0:18:4f:a0:21:a2:66:26:ad:ab:09:
                    23:32:81:3f:63:65:e1:b1:d9:39:23:e3:88:49:3a:
                    ed:00:c9:d9:60:b5:5d:ac:26:77:a0:9c:df:c0:a0:
                    ae:ce:cc:fd:ee:3c:d9:e2:3d:64:a2:af:dd:70:09:
                    56:b2:8d:d9:00:52:a1:db:74:2e:fc:f8:8a:9f:8c:
                    eb:9b:69:da:14:85:b2:ab:6d:ac:e1:12:3e:93:80:
                    fa:52:98:13:b3:02:4c:c2:21:39:0a:a0:f4:39:9a:
                    ed:94:70:47:82:01:e9:37:15:c9:58:62:f8:e3:8b:
                    74:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:47:E2:5F:A9:8F:35:18:6C:81:23:22:AC:9B:7A:45:6D:ED:C0:86
            X509v3 Authority Key Identifier:
                keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/H0fiX6mPNRhsgSMirJt6RW3twIY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.118.0.0/15
                  62.10.0.0/15
                  194.41.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:6e:a3:04:4a:a5:4d:9c:18:fd:71:92:53:fc:a7:b9:a4:94:
         84:5b:25:3b:6b:8f:ba:8b:e4:97:4a:25:39:88:f9:d2:9f:ee:
         70:1b:bc:b7:bf:21:83:ae:16:4b:2f:c9:d6:63:9d:fd:cc:2d:
         4a:a3:92:f0:b7:9c:52:90:9d:32:1b:d3:ef:a0:bf:f7:47:71:
         dd:3a:54:dc:43:f5:ec:4e:ad:8d:91:a5:d9:8f:26:ff:fa:13:
         67:26:79:b8:3d:68:a8:c3:17:f8:12:08:c0:92:fb:23:10:dc:
         81:8c:b8:4e:f8:08:bc:ff:77:23:d8:60:35:e4:fb:5e:84:b8:
         ce:69:51:53:0f:49:21:e9:27:23:cf:2b:e5:8c:2a:14:0a:59:
         ae:1a:69:98:59:8a:46:0b:6b:38:11:46:64:da:0a:0f:40:15:
         10:e4:dc:39:2d:81:1e:1e:06:f5:d5:7d:4b:41:e1:e8:9f:9d:
         8d:de:d5:05:be:8b:2c:4b:d6:45:83:a7:e3:57:60:9b:59:a8:
         b7:63:69:80:a1:db:49:54:ca:cc:b4:c8:7a:be:fc:e1:68:93:
         d7:ae:05:12:83:2c:34:6a:de:43:6b:69:19:1a:a9:20:da:c4:
         67:36:d7:78:93:04:cc:c5:6c:15:20:1f:5f:96:1e:a3:e8:72:
         fa:14:63:6f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZJPoCcIhtiBnzpp3OK3CCDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjQxMDAyMjM0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQ3ZTI1ZmE5OGYzNTE4NmM4MTIzMjJhYzliN2E0NTZkZWRjMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6EryM1MkZ+TXxRMg9OfF1WUZ4jAG
EDXCci0YDuXDVqZiGpk4KzHl9n/8PPskprCPCgNoQHnMeipyoiMY8RYxxz2X4ayr
4ISbMg4S/gEeN3bNcIIb3sLIOGgL3WDLhiWaU5k6RsRy1pf1xivTXUOej8RPqnpy
qHU7jUZO+rPoBwOO52MHSKKj/rzC8BhPoCGiZiatqwkjMoE/Y2Xhsdk5I+OISTrt
AMnZYLVdrCZ3oJzfwKCuzsz97jzZ4j1koq/dcAlWso3ZAFKh23Qu/PiKn4zrm2na
FIWyq22s4RI+k4D6UpgTswJMwiE5CqD0OZrtlHBHggHpNxXJWGL444t0dQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFB9H4l+pjzUYbIEjIqybekVt7cCGMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvSDBmaVg2bVBOUmhzZ1NNaXJKdDZSVzN0d0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAATAQAwMBDXYDAwE+
CgMEAcIpEDANBgkqhkiG9w0BAQsFAAOCAQEABG6jBEqlTZwY/XGSU/ynuaSUhFsl
O2uPuovkl0olOYj50p/ucBu8t78hg64WSy/J1mOd/cwtSqOS8LecUpCdMhvT76C/
90dx3TpU3EP17E6tjZGl2Y8m//oTZyZ5uD1oqMMX+BIIwJL7IxDcgYy4TvgIvP93
I9hgNeT7XoS4zmlRUw9JIeknI88r5YwqFApZrhppmFmKRgtrOBFGZNoKD0AVEOTc
OS2BHh4G9dV9S0Hh6J+djd7VBb6LLEvWRYOn41dgm1mot2NpgKHbSVTKzLTIer78
4WiT164FEoMsNGreQ2tpGRqpINrEZzbXeJMEzMVsFSAfX5Yeo+hy+hRjbw==
-----END CERTIFICATE-----
Generated at Wed Oct 23 22:04:18 2024 by rpki-client on console-ams.rpki-client.org