Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207083.roa
File:                     AS207083.roa (raw, json)
Hash identifier:          2mgAMjN8Cy2ryxqiWlAoGafS5vHxis1a07Oi26+fjuY=
Subject key identifier:   66:FF:FC:4C:A1:37:66:79:5B:05:2F:DA:BC:64:9C:21:63:10:14:4C
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       5327FC3C30591AD92DEE87228FD5BDE9E06700DF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207083.roa
Signing time:             Tue 25 Jul 2023 11:00:10 +0000
ROA not before:           Tue 25 Jul 2023 10:55:10 +0000
ROA not after:            Tue 23 Jul 2024 11:00:10 +0000
asID:                     207083
IP address blocks:        191.101.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 10:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:27:fc:3c:30:59:1a:d9:2d:ee:87:22:8f:d5:bd:e9:e0:67:00:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jul 25 10:55:10 2023 GMT
            Not After : Jul 23 11:00:10 2024 GMT
        Subject: CN=66FFFC4CA13766795B052FDABC649C216310144C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7c:ed:0f:b6:6b:68:91:9c:37:3f:6a:46:1e:
                    47:ef:44:06:f4:97:5e:53:50:70:13:d5:85:53:62:
                    68:34:8f:d0:e8:68:c3:1d:33:7c:68:d4:ff:7e:c7:
                    43:20:58:e0:fd:5d:84:17:94:cf:8c:1a:f0:c6:51:
                    22:d8:21:2e:9a:d5:55:77:a5:73:dc:6b:6c:a3:a8:
                    83:3f:0f:0d:90:97:58:30:34:8e:44:bc:55:26:fc:
                    9d:96:1d:52:cf:9f:bc:cc:8a:53:cc:ee:93:eb:b7:
                    ef:28:e6:c7:be:27:04:42:d6:5a:45:da:ae:52:ed:
                    e5:aa:7f:c9:e3:6a:ac:05:24:2d:f3:95:dc:5c:bd:
                    ef:6b:6b:b4:b6:f4:e2:4a:dc:b3:30:71:01:80:09:
                    34:a0:b2:55:32:3b:58:88:10:3d:4f:a9:27:1d:65:
                    8b:6d:00:19:a8:6c:f1:c6:aa:12:f7:31:43:3d:dc:
                    7d:f4:cb:af:8b:5d:0c:8a:c8:92:ab:fc:9b:cc:60:
                    34:aa:49:8a:56:15:17:75:e4:47:76:e3:4d:c0:2f:
                    3f:fe:7b:a8:6a:9f:81:1e:04:72:6f:f0:52:24:44:
                    95:2f:7e:ee:20:fb:f5:5f:d9:a8:da:04:7a:a1:32:
                    43:39:40:ab:f3:99:ef:3c:51:b1:51:28:d3:92:eb:
                    ef:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:FF:FC:4C:A1:37:66:79:5B:05:2F:DA:BC:64:9C:21:63:10:14:4C
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207083.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.101.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:a9:92:b8:b7:2f:9a:45:9f:f9:50:b6:ad:c5:89:b1:eb:c6:
         da:59:b3:66:62:09:79:17:0a:6d:57:ec:1d:e2:5e:e9:8c:e4:
         79:46:e3:e7:c7:d9:95:3f:64:47:84:bc:cd:b0:da:18:4d:37:
         87:b0:91:10:b5:eb:d0:e0:9a:52:67:d9:61:30:8f:43:ea:63:
         4f:8e:fe:8a:3c:cd:2e:ee:ce:e4:82:36:82:10:50:d3:a3:60:
         65:a8:53:52:18:c6:1a:e6:07:1d:ff:25:6a:ec:d0:c2:48:8c:
         50:db:e9:e3:d1:b9:ba:bc:02:cf:2d:29:14:30:f7:b4:b3:2f:
         b8:06:2b:54:b2:0d:94:66:33:07:cd:23:21:6f:a6:2c:68:59:
         89:48:8d:9e:bf:f8:64:97:44:b4:bd:8c:02:52:6e:68:42:e2:
         d1:20:40:d0:dc:9c:ce:46:4c:8a:e0:9e:2a:4c:cb:08:a9:d3:
         26:9b:9d:60:5f:33:02:e2:37:6d:55:e6:5d:5a:1d:2c:93:3f:
         74:33:47:dd:15:f1:a2:ed:50:49:65:ee:15:3f:6b:34:a8:c4:
         e3:ba:0a:c6:73:fe:7d:ab:49:6d:cc:ab:34:8d:1b:48:95:b0:
         c6:a1:fb:90:56:7e:b7:a1:19:36:29:2f:6f:5d:9e:64:1d:bc:
         4d:28:e7:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUUyf8PDBZGtkt7ocij9W96eBnAN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MjUxMDU1MTBaFw0yNDA3MjMxMTAwMTBaMDMxMTAvBgNV
BAMTKDY2RkZGQzRDQTEzNzY2Nzk1QjA1MkZEQUJDNjQ5QzIxNjMxMDE0NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbfO0PtmtokZw3P2pGHkfvRAb0
l15TUHAT1YVTYmg0j9DoaMMdM3xo1P9+x0MgWOD9XYQXlM+MGvDGUSLYIS6a1VV3
pXPca2yjqIM/Dw2Ql1gwNI5EvFUm/J2WHVLPn7zMilPM7pPrt+8o5se+JwRC1lpF
2q5S7eWqf8njaqwFJC3zldxcve9ra7S29OJK3LMwcQGACTSgslUyO1iIED1PqScd
ZYttABmobPHGqhL3MUM93H30y6+LXQyKyJKr/JvMYDSqSYpWFRd15Ed2403ALz/+
e6hqn4EeBHJv8FIkRJUvfu4g+/Vf2ajaBHqhMkM5QKvzme88UbFRKNOS6+9NAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUZv/8TKE3ZnlbBS/avGScIWMQFEwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA3MDgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2X5
MA0GCSqGSIb3DQEBCwUAA4IBAQADqZK4ty+aRZ/5ULatxYmx68baWbNmYgl5Fwpt
V+wd4l7pjOR5RuPnx9mVP2RHhLzNsNoYTTeHsJEQtevQ4JpSZ9lhMI9D6mNPjv6K
PM0u7s7kgjaCEFDTo2BlqFNSGMYa5gcd/yVq7NDCSIxQ2+nj0bm6vALPLSkUMPe0
sy+4BitUsg2UZjMHzSMhb6YsaFmJSI2ev/hkl0S0vYwCUm5oQuLRIEDQ3JzORkyK
4J4qTMsIqdMmm51gXzMC4jdtVeZdWh0skz90M0fdFfGi7VBJZe4VP2s0qMTjugrG
c/59q0ltzKs0jRtIlbDGofuQVn63oRk2KS9vXZ5kHbxNKOdE
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:03 2024 by rpki-client on console-ams.rpki-client.org