Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/SAMffQ1_ry73iZ-xY8cE9cPIHNg.roa
File:                     SAMffQ1_ry73iZ-xY8cE9cPIHNg.roa (raw, json)
Hash identifier:          MDMBsMvX7fJpAR2Tc5AdAzES5ZpqGzncZ6N+jrrM4Ro=
Subject key identifier:   48:03:1F:7D:0D:7F:AF:2E:F7:89:9F:B1:63:C7:04:F5:C3:C8:1C:D8
Certificate issuer:       /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial:       01887D1204348BF405181E7660698F5E7E92
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/SAMffQ1_ry73iZ-xY8cE9cPIHNg.roa
Signing time:             Fri 02 Jun 2023 17:05:12 +0000
ROA not before:           Fri 02 Jun 2023 17:05:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3356
IP address blocks:        2a03:5000:22::/48 maxlen: 48
                          2a03:5000:122::/48 maxlen: 48
                          2a03:5000:42::/48 maxlen: 48
                          2a03:5000:142::/48 maxlen: 48
                          2a03:5000:62::/48 maxlen: 48
                          2a03:5000:82::/48 maxlen: 48
                          2a03:5000:21::/48 maxlen: 48
                          2a03:5000:121::/48 maxlen: 48
                          2a03:5000:41::/48 maxlen: 48
                          2a03:5000:141::/48 maxlen: 48
                          2a03:5000:61::/48 maxlen: 48
                          2a03:5000:81::/48 maxlen: 48
                          2a03:5000:101::/48 maxlen: 48
                          2a03:5000:72::/48 maxlen: 48
                          2a03:5000:92::/48 maxlen: 48
                          2a03:5000:212::/48 maxlen: 48
                          2a03:5000:112::/48 maxlen: 48
                          2a03:5000:32::/48 maxlen: 48
                          2a03:5000:132::/48 maxlen: 48
                          2a03:5000:52::/48 maxlen: 48
                          2a03:5000:71::/48 maxlen: 48
                          2a03:5000:91::/48 maxlen: 48
                          2a03:5000:211::/48 maxlen: 48
                          2a03:5000:111::/48 maxlen: 48
                          2a03:5000:31::/48 maxlen: 48
                          2a03:5000:131::/48 maxlen: 48
                          2a03:5000:51::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 17:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7d:12:04:34:8b:f4:05:18:1e:76:60:69:8f:5e:7e:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
        Validity
            Not Before: Jun  2 17:05:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=48031f7d0d7faf2ef7899fb163c704f5c3c81cd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:33:54:6a:3f:4e:5f:15:f9:3e:fb:42:64:ab:
                    3d:0e:ec:8b:e0:53:c4:ee:86:f4:f7:37:7e:8c:7e:
                    00:81:fc:03:9f:0c:c6:2c:d8:d6:b5:74:ba:44:ee:
                    eb:46:d3:37:8f:7f:99:04:86:9d:91:bc:f1:24:bf:
                    dc:d1:ef:a5:99:da:32:e9:6c:36:1d:6a:f0:ae:ed:
                    4c:5d:9a:dc:1c:78:0a:d3:44:a4:13:cb:5a:f7:ea:
                    f8:ef:43:e6:9a:80:53:16:5c:de:41:57:5d:09:89:
                    d4:f0:18:0e:b7:e5:7e:54:13:9e:f2:11:9c:42:e5:
                    f5:49:5f:da:a5:c2:f5:82:ea:b1:e1:62:3f:12:1d:
                    14:93:47:ae:41:04:dc:05:fb:96:a5:0f:3d:d4:e0:
                    6b:20:0c:23:f9:8c:89:c1:67:a3:db:be:c5:de:80:
                    3e:4c:bc:4d:52:8e:af:c3:4a:2a:65:dd:e6:a6:c7:
                    24:83:5b:81:e5:3b:a1:75:72:52:5a:94:93:71:47:
                    81:6e:fb:cc:e1:5b:0f:9b:41:d7:7f:d8:53:1d:fc:
                    f0:b7:76:ec:da:3b:6e:4f:bf:99:fe:3e:ed:e4:7e:
                    29:20:03:4c:6c:32:2d:3f:89:39:2e:a3:54:25:0d:
                    e4:d7:c7:25:19:ac:54:05:f2:ba:13:dc:94:61:28:
                    9a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:03:1F:7D:0D:7F:AF:2E:F7:89:9F:B1:63:C7:04:F5:C3:C8:1C:D8
            X509v3 Authority Key Identifier:
                keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/SAMffQ1_ry73iZ-xY8cE9cPIHNg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:5000:21::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:31::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:101::/48
                  2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         3b:d9:42:9f:31:d6:21:44:f2:ca:66:49:9d:ea:bf:d6:17:47:
         d6:37:9a:ec:f5:de:d8:02:23:28:b3:e3:0e:81:c8:7b:6d:b8:
         2c:e2:78:81:87:8c:0c:b6:3b:3a:8e:1a:23:50:d7:cc:7b:6d:
         9e:4e:a6:93:7b:8d:b7:57:80:1e:18:f9:07:2e:14:fa:b5:86:
         55:ad:75:5d:e0:95:87:44:1d:db:17:68:48:1a:b2:24:22:9d:
         ef:64:3b:a4:5a:33:d4:1a:ef:12:ca:f6:10:2c:45:67:62:a8:
         2d:38:4b:34:ff:3c:a4:85:e7:77:c7:5f:10:66:d8:64:18:85:
         45:d8:7c:0e:b3:8d:e5:fb:ca:45:26:77:1e:cc:21:f2:d4:84:
         bb:e9:8e:e0:eb:78:e9:85:2b:5d:e6:d0:a7:80:9a:0b:af:7d:
         df:93:33:dd:02:49:86:4f:07:df:3d:c7:3f:bf:b3:1d:77:68:
         a9:bf:4e:3d:32:ac:43:fa:5f:d2:a0:79:47:2d:cb:56:4f:4f:
         23:af:3e:eb:5a:63:6e:30:b5:31:63:93:67:d4:a8:2d:03:60:
         68:b6:b9:e8:2c:0f:9c:72:7a:f4:e8:3f:54:4d:5c:4e:6f:a5:
         26:f5:7f:06:0a:d0:79:8a:2c:a5:36:84:3d:e6:06:c1:44:c4:
         62:eb:b7:d1
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAYh9EgQ0i/QFGB52YGmPXn6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjMwNjAyMTcwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODAzMWY3ZDBkN2ZhZjJlZjc4OTlmYjE2M2M3MDRmNWMzYzgxY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDNUaj9OXxX5PvtCZKs9DuyL4FPE
7ob09zd+jH4AgfwDnwzGLNjWtXS6RO7rRtM3j3+ZBIadkbzxJL/c0e+lmdoy6Ww2
HWrwru1MXZrcHHgK00SkE8ta9+r470PmmoBTFlzeQVddCYnU8BgOt+V+VBOe8hGc
QuX1SV/apcL1guqx4WI/Eh0Uk0euQQTcBfuWpQ891OBrIAwj+YyJwWej277F3oA+
TLxNUo6vw0oqZd3mpsckg1uB5TuhdXJSWpSTcUeBbvvM4VsPm0HXf9hTHfzwt3bs
2jtuT7+Z/j7t5H4pIANMbDItP4k5LqNUJQ3k18clGaxUBfK6E9yUYSiacQIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFEgDH30Nf68u94mfsWPHBPXDyBzYMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvU0FNZmZRMV9yeTczaVoteFk4Y0U5Y1BJSE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCCARUEAgACMIIB
DTASAwcAKgNQAAAhAwcAKgNQAAAiMBIDBwAqA1AAADEDBwAqA1AAADIwEgMHACoD
UAAAQQMHACoDUAAAQjASAwcAKgNQAABRAwcAKgNQAABSMBIDBwAqA1AAAGEDBwAq
A1AAAGIwEgMHACoDUAAAcQMHACoDUAAAcjASAwcAKgNQAACBAwcAKgNQAACCMBID
BwAqA1AAAJEDBwAqA1AAAJIDBwAqA1AAAQEwEgMHACoDUAABEQMHACoDUAABEjAS
AwcAKgNQAAEhAwcAKgNQAAEiMBIDBwAqA1AAATEDBwAqA1AAATIwEgMHACoDUAAB
QQMHACoDUAABQjASAwcAKgNQAAIRAwcAKgNQAAISMA0GCSqGSIb3DQEBCwUAA4IB
AQA72UKfMdYhRPLKZkmd6r/WF0fWN5rs9d7YAiMos+MOgch7bbgs4niBh4wMtjs6
jhojUNfMe22eTqaTe423V4AeGPkHLhT6tYZVrXVd4JWHRB3bF2hIGrIkIp3vZDuk
WjPUGu8SyvYQLEVnYqgtOEs0/zykhed3x18QZthkGIVF2HwOs43l+8pFJncezCHy
1IS76Y7g63jphStd5tCngJoLr33fkzPdAkmGTwffPcc/v7Mdd2ipv049MqxD+l/S
oHlHLctWT08jrz7rWmNuMLUxY5Nn1KgtA2BotrnoLA+ccnr06D9UTVxOb6Um9X8G
CtB5iiylNoQ95gbBRMRi67fR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:18 2024 by rpki-client on console-ams.rpki-client.org