Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-toSafpP-p6scPSYS1nnjOkfUpw.roa
File:                     1-toSafpP-p6scPSYS1nnjOkfUpw.roa (raw, json)
Hash identifier:          +cQqE8TpsTb4DOFOeUXCexxIwanRgjKA/Rbv8VrTktE=
Subject key identifier:   FA:DA:12:69:FA:4F:FA:9E:AC:70:F4:98:4B:59:E7:8C:E9:1F:52:9C
Certificate issuer:       /CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Certificate serial:       01856BD37B3DB6ACF7ECA65ACB7A33C59D90
Authority key identifier: CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-toSafpP-p6scPSYS1nnjOkfUpw.roa
Signing time:             Sun 01 Jan 2023 05:34:59 +0000
ROA not before:           Sun 01 Jan 2023 05:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        51.149.8.0/24 maxlen: 24
                          51.149.14.0/24 maxlen: 24
                          51.149.252.0/24 maxlen: 24
                          51.149.250.0/24 maxlen: 24
                          51.149.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:d3:7b:3d:b6:ac:f7:ec:a6:5a:cb:7a:33:c5:9d:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
        Validity
            Not Before: Jan  1 05:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fada1269fa4ffa9eac70f4984b59e78ce91f529c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:89:42:34:9a:67:47:50:89:36:89:95:53:e7:
                    95:d5:d4:1e:6d:6d:c6:71:30:31:f3:ae:80:3d:dd:
                    e5:9e:ea:c4:c0:08:b8:f0:df:75:3e:24:ba:c6:ad:
                    86:a9:10:b4:31:72:f9:7e:75:5b:66:ef:ff:8c:9a:
                    2a:37:ee:5a:d2:30:c5:67:b1:b4:49:33:62:4e:8c:
                    d9:1c:13:4e:73:5a:75:01:34:1d:b3:a0:5d:48:a4:
                    8a:65:60:c1:fb:f5:70:ce:e2:00:12:22:99:60:98:
                    47:4d:44:c8:ba:a6:82:d1:49:a6:3b:52:10:65:a9:
                    cd:96:6c:b2:a5:bb:03:76:c1:bf:6f:75:5d:c9:01:
                    27:25:59:32:eb:4d:84:46:9f:f6:e7:5b:92:a3:e5:
                    ae:93:b8:a7:af:3a:d1:52:6d:75:ba:68:cf:ed:76:
                    63:fd:2d:ee:2c:5f:12:a2:6e:fb:c1:2b:45:57:39:
                    2f:04:ab:eb:1f:93:32:dc:25:25:46:be:c6:7d:fe:
                    c7:40:f1:a3:67:e2:34:77:59:d0:c0:b4:a3:3b:c9:
                    69:df:d3:3b:fe:a1:59:2a:e8:a8:0a:92:1c:46:34:
                    ff:d4:03:42:25:08:2d:87:7c:a7:fe:d9:79:1d:b5:
                    70:56:a4:a8:da:0c:f3:64:06:1f:57:18:67:2c:4a:
                    6c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:DA:12:69:FA:4F:FA:9E:AC:70:F4:98:4B:59:E7:8C:E9:1F:52:9C
            X509v3 Authority Key Identifier:
                keyid:CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-toSafpP-p6scPSYS1nnjOkfUpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.149.8.0/24
                  51.149.14.0/24
                  51.149.250.0-51.149.252.255

    Signature Algorithm: sha256WithRSAEncryption
         85:f3:a0:6c:8c:63:27:48:2a:f8:d9:16:c7:8d:f1:26:18:8c:
         75:82:fa:22:8d:16:06:73:53:77:99:71:aa:b5:93:87:19:54:
         50:a7:c7:e6:f6:f1:db:37:af:8c:12:06:8b:a9:40:c0:7d:59:
         53:02:a3:fe:42:a3:c0:47:80:20:09:ec:19:20:1c:ab:87:aa:
         d0:14:b0:3d:ed:3e:d0:7c:70:10:5b:19:77:ac:4c:1a:4b:a6:
         59:70:91:d4:90:91:ef:d6:11:a2:58:a8:ea:cd:47:fa:93:82:
         39:da:92:de:02:e4:7d:53:64:83:eb:d2:08:8e:2f:6d:c2:13:
         48:d4:68:47:63:c2:cc:63:6d:37:bf:af:7e:83:5c:50:93:8f:
         23:30:c4:dd:24:4d:7e:2f:39:73:84:fa:54:3c:e5:ad:4d:06:
         24:c9:31:33:c3:2c:f4:f9:2e:c9:78:b2:d8:69:19:b0:d7:da:
         b4:64:ab:eb:02:91:f9:e4:cc:41:d9:3d:53:e6:74:25:d5:10:
         11:cd:1e:15:9b:eb:cf:99:d7:2d:d3:dd:ba:a1:2f:0f:f2:ab:
         6d:61:db:38:15:34:43:3d:44:66:6c:3a:6d:8f:90:57:d6:93:
         c0:80:61:d5:bd:91:20:74:1b:4c:9b:c6:39:6a:46:1c:64:bc:
         40:4c:1a:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr03s9tqz37KZay3ozxZ2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDJkODAwZGM2YzMzYjY5ZmE0NzI5MWUyZjE1YjMzNWVh
MzYwMGYwHhcNMjMwMTAxMDUzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRhMTI2OWZhNGZmYTllYWM3MGY0OTg0YjU5ZTc4Y2U5MWY1MjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIlCNJpnR1CJNomVU+eV1dQebW3G
cTAx866APd3lnurEwAi48N91PiS6xq2GqRC0MXL5fnVbZu//jJoqN+5a0jDFZ7G0
STNiTozZHBNOc1p1ATQds6BdSKSKZWDB+/VwzuIAEiKZYJhHTUTIuqaC0UmmO1IQ
ZanNlmyypbsDdsG/b3VdyQEnJVky602ERp/251uSo+Wuk7inrzrRUm11umjP7XZj
/S3uLF8Som77wStFVzkvBKvrH5My3CUlRr7Gff7HQPGjZ+I0d1nQwLSjO8lp39M7
/qFZKuioCpIcRjT/1ANCJQgth3yn/tl5HbVwVqSo2gzzZAYfVxhnLEpscQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPraEmn6T/qerHD0mEtZ54zpH1KcMB8GA1UdIwQY
MBaAFM7S2ADcbDO2n6RykeLxWzNeo2APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYt
ZWQ0ZjA2NDNiZjI1LzEvMS10b1NhZnBQLXA2c2NQU1lTMW5uak9rZlVwdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmIvZjg4ODU3LWNjMDUtNGJkYi05MWU2LWVkNGYwNjQzYmYy
NS8xL3p0TFlBTnhzTTdhZnBIS1I0dkZiTTE2allBOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEADOVCAME
ADOVDjAMAwQBM5X6AwQAM5X8MA0GCSqGSIb3DQEBCwUAA4IBAQCF86BsjGMnSCr4
2RbHjfEmGIx1gvoijRYGc1N3mXGqtZOHGVRQp8fm9vHbN6+MEgaLqUDAfVlTAqP+
QqPAR4AgCewZIByrh6rQFLA97T7QfHAQWxl3rEwaS6ZZcJHUkJHv1hGiWKjqzUf6
k4I52pLeAuR9U2SD69IIji9twhNI1GhHY8LMY203v69+g1xQk48jMMTdJE1+Lzlz
hPpUPOWtTQYkyTEzwyz0+S7JeLLYaRmw19q0ZKvrApH55MxB2T1T5nQl1RARzR4V
m+vPmdct0926oS8P8qttYds4FTRDPURmbDptj5BX1pPAgGHVvZEgdBtMm8Y5akYc
ZLxATBpI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:04 2024 by rpki-client on console-ams.rpki-client.org