Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/xdzJJ25B-EWZO2fu0VfI85IVHPc.roa
File:                     xdzJJ25B-EWZO2fu0VfI85IVHPc.roa (raw, json)
Hash identifier:          Xuy52diQgWt6C9d7hblae4rvGvN16eXKD5hIEXGsylc=
Subject key identifier:   C5:DC:C9:27:6E:41:F8:45:99:3B:67:EE:D1:57:C8:F3:92:15:1C:F7
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       01856B5327346A868CE91D75AD6A50ECAEFA
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/xdzJJ25B-EWZO2fu0VfI85IVHPc.roa
Signing time:             Sun 01 Jan 2023 03:14:49 +0000
ROA not before:           Sun 01 Jan 2023 03:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35773
IP address blocks:        109.160.112.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:53:27:34:6a:86:8c:e9:1d:75:ad:6a:50:ec:ae:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Jan  1 03:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c5dcc9276e41f845993b67eed157c8f392151cf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:61:21:0c:b3:ec:31:89:5e:5b:f8:9c:8d:f2:
                    ed:ee:4a:7d:61:78:2a:28:58:09:29:0a:72:53:1a:
                    c6:04:70:dd:ea:36:06:88:a9:b6:0d:d0:24:56:b0:
                    b1:d5:f6:f5:d2:2f:7e:52:39:c6:8f:1c:2a:16:eb:
                    5a:84:60:5d:3c:c7:7e:19:8c:5d:64:e8:6c:2f:ff:
                    52:96:76:f7:3f:ee:a8:f1:3c:83:90:00:92:33:e5:
                    50:99:68:fc:4e:45:13:b4:9d:0b:f2:fa:23:17:81:
                    91:2b:1f:c0:69:c9:7f:4f:5c:cb:eb:80:1b:0a:b1:
                    81:bd:cb:16:51:63:7f:b5:7e:2d:3f:45:68:53:ae:
                    e2:7e:93:04:58:d4:98:c7:35:33:55:c9:9a:75:96:
                    5e:12:81:c9:c4:f9:d9:b9:55:bf:3b:91:da:4d:f1:
                    9c:d9:27:48:ea:f8:6d:f3:fc:bf:28:40:27:d6:a4:
                    1b:df:71:0c:1c:a3:d1:c0:b8:88:2d:65:62:66:f6:
                    b0:e8:4f:19:27:52:27:ac:5a:91:cd:c5:80:47:25:
                    ea:d2:52:ec:41:3a:c9:41:99:c4:67:4d:2c:09:56:
                    77:7c:8b:92:79:26:6f:54:98:03:a5:ff:e6:07:fc:
                    a5:8f:74:06:ea:fc:9d:00:bc:d2:21:2a:28:53:90:
                    8d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:DC:C9:27:6E:41:F8:45:99:3B:67:EE:D1:57:C8:F3:92:15:1C:F7
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/xdzJJ25B-EWZO2fu0VfI85IVHPc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.160.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:6d:c7:15:46:b1:e8:54:a8:27:eb:3a:92:df:54:ce:26:9d:
         f4:04:5f:5a:e7:c2:ca:e6:ed:6c:79:7f:9b:91:8e:47:6c:3a:
         8c:51:da:a6:a6:a7:77:45:73:c5:67:c7:21:fa:5a:71:61:92:
         dc:c0:91:60:09:1b:96:eb:eb:e0:c4:e6:5a:8e:ca:d1:d6:bf:
         77:c6:cd:03:2e:6d:19:7e:de:17:e0:0f:86:96:1f:2d:2f:19:
         3f:e0:46:5e:99:95:33:c0:b6:c3:a9:b0:ce:5e:28:05:bd:93:
         fb:47:90:2f:2f:31:34:79:ef:56:b1:aa:7d:83:a0:6c:3a:b4:
         46:f6:b3:bf:fc:a6:23:bd:26:dc:0b:0c:86:1d:c8:a5:0d:5f:
         b2:2c:e9:47:50:6d:8d:18:3a:1d:f7:22:b8:03:ce:31:b5:de:
         98:aa:22:58:3b:06:10:b7:54:29:e8:4c:86:92:3f:c4:59:76:
         e7:98:2e:3a:1b:56:24:67:a5:0f:d1:5d:6f:18:fa:41:43:b9:
         b6:f2:0b:13:8e:ea:9d:2c:5d:b4:5a:c7:ab:fa:02:60:18:3c:
         58:9c:b2:af:b9:b4:9d:7a:d5:d4:c1:42:e6:84:db:ee:19:db:
         b3:79:78:60:1d:25:9f:67:c4:eb:4d:99:01:0e:47:1e:19:ed:
         2d:1b:b0:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrUyc0aoaM6R11rWpQ7K76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwMTAxMDMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRjYzkyNzZlNDFmODQ1OTkzYjY3ZWVkMTU3YzhmMzkyMTUxY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGEhDLPsMYleW/icjfLt7kp9YXgq
KFgJKQpyUxrGBHDd6jYGiKm2DdAkVrCx1fb10i9+UjnGjxwqFutahGBdPMd+GYxd
ZOhsL/9Slnb3P+6o8TyDkACSM+VQmWj8TkUTtJ0L8vojF4GRKx/Aacl/T1zL64Ab
CrGBvcsWUWN/tX4tP0VoU67ifpMEWNSYxzUzVcmadZZeEoHJxPnZuVW/O5HaTfGc
2SdI6vht8/y/KEAn1qQb33EMHKPRwLiILWViZvaw6E8ZJ1InrFqRzcWARyXq0lLs
QTrJQZnEZ00sCVZ3fIuSeSZvVJgDpf/mB/ylj3QG6vydALzSISooU5CN4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXcySduQfhFmTtn7tFXyPOSFRz3MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEveGR6SkoyNUItRVdaTzJmdTBWZkk4NUlWSFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaBwMA0G
CSqGSIb3DQEBCwUAA4IBAQARbccVRrHoVKgn6zqS31TOJp30BF9a58LK5u1seX+b
kY5HbDqMUdqmpqd3RXPFZ8ch+lpxYZLcwJFgCRuW6+vgxOZajsrR1r93xs0DLm0Z
ft4X4A+Glh8tLxk/4EZemZUzwLbDqbDOXigFvZP7R5AvLzE0ee9Wsap9g6BsOrRG
9rO//KYjvSbcCwyGHcilDV+yLOlHUG2NGDod9yK4A84xtd6YqiJYOwYQt1Qp6EyG
kj/EWXbnmC46G1YkZ6UP0V1vGPpBQ7m28gsTjuqdLF20Wser+gJgGDxYnLKvubSd
etXUwULmhNvuGduzeXhgHSWfZ8TrTZkBDkceGe0tG7Ck
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:14 2024 by rpki-client on console-fra.rpki-client.org