Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4xPCB64cL1OGUb5eDKThFif3gOE.roa
File:                     4xPCB64cL1OGUb5eDKThFif3gOE.roa (raw, json)
Hash identifier:          RDQWujfYIWsQzXscS9XzAYp0TDWHBb5hnowy6YBTiis=
Subject key identifier:   E3:13:C2:07:AE:1C:2F:53:86:51:BE:5E:0C:A4:E1:16:27:F7:80:E1
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       01891F50B75B240932535D5F2B7E75D3362B
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4xPCB64cL1OGUb5eDKThFif3gOE.roa
Signing time:             Tue 04 Jul 2023 05:12:10 +0000
ROA not before:           Tue 04 Jul 2023 05:12:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        109.160.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 13:23:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1f:50:b7:5b:24:09:32:53:5d:5f:2b:7e:75:d3:36:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Jul  4 05:12:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e313c207ae1c2f538651be5e0ca4e11627f780e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:4d:82:f4:a9:75:f4:09:ce:50:81:5b:1d:5d:
                    4d:f1:02:f8:72:61:b7:25:fa:c7:d1:02:a3:26:bd:
                    e4:8c:e8:74:48:f3:4a:8e:cb:5e:1b:ca:94:0b:ec:
                    3f:23:4c:3b:e2:17:5f:46:65:11:b4:f4:4a:af:af:
                    00:47:4d:71:a5:9a:23:c9:d1:66:e7:2a:f5:5b:f2:
                    19:da:cd:5b:b9:ab:cc:dd:9c:5d:f3:d8:c6:c3:a9:
                    7b:04:6f:39:71:33:3f:a2:c5:3b:0a:ba:e1:88:bc:
                    28:47:25:f8:bb:99:53:e6:24:62:4c:c4:b2:01:f8:
                    aa:fb:1b:6e:5d:04:51:25:fc:60:aa:08:5c:c5:c7:
                    5e:0b:3d:63:fc:86:ea:a5:2d:c8:6d:db:78:a8:dc:
                    b2:09:dc:63:68:a7:54:03:78:dc:93:00:9d:e4:b4:
                    3a:6c:76:16:42:50:1d:df:3a:bb:76:ca:0e:09:bc:
                    ec:e4:3e:c7:f8:7c:fa:bb:ff:bf:c6:d6:14:69:70:
                    cf:55:67:a6:c3:6b:d5:cc:d8:a5:0e:c0:d4:2c:f6:
                    85:07:87:ff:8c:f3:9b:2a:2c:fe:2d:48:79:59:de:
                    6d:2b:c4:5c:45:2a:9a:6f:4d:dc:45:d9:60:5d:05:
                    57:ce:21:24:dd:87:60:ba:97:2f:84:d6:54:26:58:
                    0a:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:13:C2:07:AE:1C:2F:53:86:51:BE:5E:0C:A4:E1:16:27:F7:80:E1
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4xPCB64cL1OGUb5eDKThFif3gOE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.160.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:50:7a:a0:89:a9:15:53:77:70:db:cc:ef:85:c3:50:18:3e:
         3c:f7:db:e2:db:41:2f:68:d9:5c:fd:9b:a9:5e:fd:6c:4c:bd:
         1c:7a:a6:2e:38:07:c6:ea:24:21:80:8f:bd:a0:95:1a:50:18:
         16:72:8a:02:0d:32:af:dc:0e:b4:75:c8:55:28:be:6a:4c:b9:
         1e:cf:85:6c:8e:76:04:52:50:f6:c6:d3:04:5d:15:45:7a:8e:
         83:aa:a2:a5:7e:9e:96:96:34:8e:b6:84:05:ee:42:c0:43:fd:
         51:1c:92:e1:bb:c9:83:22:b3:fd:9c:81:ab:72:9c:72:26:d0:
         8f:f6:4b:cc:ce:31:52:47:a7:5f:6e:c1:31:6c:6b:24:09:3e:
         11:5f:f2:0f:44:97:46:11:20:c4:c3:ef:e1:63:d0:1f:1d:47:
         10:ad:3f:65:df:a3:07:07:9f:01:1e:27:52:ab:6d:89:05:fc:
         ff:67:b4:b8:95:1b:8e:28:29:1a:4a:b8:6d:80:0d:c5:38:ee:
         1d:a4:57:46:5e:44:53:ab:9a:03:75:c7:a5:f7:bb:0f:98:58:
         de:68:df:ac:51:27:bb:e8:c4:b4:f2:e1:51:a1:92:f4:09:11:
         e7:49:72:9b:dc:70:d9:cb:e3:b3:97:e8:2b:d3:28:25:5e:6e:
         de:6a:04:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkfULdbJAkyU11fK3510zYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwNzA0MDUxMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzEzYzIwN2FlMWMyZjUzODY1MWJlNWUwY2E0ZTExNjI3Zjc4MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0k2C9Kl19AnOUIFbHV1N8QL4cmG3
JfrH0QKjJr3kjOh0SPNKjsteG8qUC+w/I0w74hdfRmURtPRKr68AR01xpZojydFm
5yr1W/IZ2s1buavM3Zxd89jGw6l7BG85cTM/osU7CrrhiLwoRyX4u5lT5iRiTMSy
Afiq+xtuXQRRJfxgqghcxcdeCz1j/IbqpS3Ibdt4qNyyCdxjaKdUA3jckwCd5LQ6
bHYWQlAd3zq7dsoOCbzs5D7H+Hz6u/+/xtYUaXDPVWemw2vVzNilDsDULPaFB4f/
jPObKiz+LUh5Wd5tK8RcRSqab03cRdlgXQVXziEk3YdgupcvhNZUJlgKQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMTwgeuHC9ThlG+Xgyk4RYn94DhMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvNHhQQ0I2NGNMMU9HVWI1ZURLVGhGaWYzZ09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaAoMA0G
CSqGSIb3DQEBCwUAA4IBAQClUHqgiakVU3dw28zvhcNQGD4899vi20EvaNlc/Zup
Xv1sTL0ceqYuOAfG6iQhgI+9oJUaUBgWcooCDTKv3A60dchVKL5qTLkez4VsjnYE
UlD2xtMEXRVFeo6DqqKlfp6WljSOtoQF7kLAQ/1RHJLhu8mDIrP9nIGrcpxyJtCP
9kvMzjFSR6dfbsExbGskCT4RX/IPRJdGESDEw+/hY9AfHUcQrT9l36MHB58BHidS
q22JBfz/Z7S4lRuOKCkaSrhtgA3FOO4dpFdGXkRTq5oDdcel97sPmFjeaN+sUSe7
6MS08uFRoZL0CRHnSXKb3HDZy+Ozl+gr0yglXm7eagQC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:27 2024 by rpki-client on console-ams.rpki-client.org