Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1u-PhUxozHOmoRcIZDG3jE3Bab0.roa
File:                     1u-PhUxozHOmoRcIZDG3jE3Bab0.roa (raw, json)
Hash identifier:          W9Vj/d2yoO559o2XTFN8LpUN3dVCmcgo12jGXOxAJ/o=
Subject key identifier:   D6:EF:8F:85:4C:68:CC:73:A6:A1:17:08:64:31:B7:8C:4D:C1:69:BD
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0185727A3C8EC7B2E28B9004D580618D49D3
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1u-PhUxozHOmoRcIZDG3jE3Bab0.roa
Signing time:             Mon 02 Jan 2023 12:34:51 +0000
ROA not before:           Mon 02 Jan 2023 12:34:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     141167
IP address blocks:        82.115.22.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:7a:3c:8e:c7:b2:e2:8b:90:04:d5:80:61:8d:49:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jan  2 12:34:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6ef8f854c68cc73a6a117086431b78c4dc169bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:18:f4:54:c0:c0:02:b6:41:1b:ae:b3:9a:21:
                    20:d0:8b:49:f6:89:e8:35:47:90:e9:c3:a8:4a:ce:
                    da:f4:89:e3:ec:92:c1:49:e9:46:34:57:54:ef:94:
                    d5:27:82:16:c2:61:d8:52:9a:e1:77:77:85:62:44:
                    20:d2:9d:9a:da:ad:b0:48:b5:67:5e:41:51:5d:6a:
                    ba:0f:7f:a8:9e:c6:9e:26:3a:67:35:ff:a2:98:f9:
                    3c:85:51:46:0d:f5:33:98:38:ae:6a:23:62:7f:97:
                    a0:31:8f:89:0d:aa:be:2e:5e:dd:74:a2:2c:67:c7:
                    65:87:f4:7d:2e:b9:cb:00:2b:bc:65:91:cf:29:19:
                    06:c8:21:b1:c1:c2:6e:68:de:2b:5d:cb:86:b9:3a:
                    53:14:a5:2c:9a:55:a1:e2:88:c6:70:df:f6:b0:50:
                    c1:96:ea:0f:06:ab:09:53:c8:a6:4d:2d:3c:04:d4:
                    5a:61:17:3f:19:e5:1c:d7:92:a3:f8:1d:ae:e0:c5:
                    2d:37:0c:59:e2:46:e8:38:4f:87:43:61:60:e1:d5:
                    59:c6:e0:bb:54:11:4f:68:f4:05:3c:0b:db:89:9a:
                    39:f9:16:60:6d:d7:1b:b1:b1:d4:73:13:f3:00:42:
                    fd:36:80:0b:08:09:72:c1:24:3d:79:6b:41:68:2d:
                    97:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:EF:8F:85:4C:68:CC:73:A6:A1:17:08:64:31:B7:8C:4D:C1:69:BD
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1u-PhUxozHOmoRcIZDG3jE3Bab0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:10:68:fe:43:b1:2a:cb:16:ca:f2:d3:6d:6d:d2:ab:00:58:
         4d:ff:99:60:4c:d3:45:20:be:c4:dd:8c:1e:7b:e0:5d:55:07:
         6b:f1:15:84:d1:de:8e:ff:7f:25:f6:04:73:3d:10:d2:c3:b5:
         2f:f3:75:3b:79:c2:5f:8f:48:25:f5:e8:5c:fd:01:a6:ec:0b:
         25:63:6c:99:b5:70:21:48:c4:95:14:99:a9:28:28:c0:c5:17:
         15:61:bb:a5:ab:39:1f:a9:59:29:67:62:c8:b1:c0:14:e3:3b:
         fc:ef:dd:32:a0:b9:92:7c:c3:2e:11:69:eb:68:32:03:da:1a:
         69:25:b8:54:04:92:a0:e9:71:3d:d5:73:1c:bc:42:2e:8c:8c:
         b1:ec:03:1f:ad:09:5c:47:67:15:2d:5c:fa:d3:57:66:b3:dc:
         aa:97:ad:bf:a8:4a:68:79:d4:04:20:31:c6:46:f8:1b:d6:55:
         41:77:a3:4d:78:9e:f7:0f:7e:3c:b5:c9:89:3d:f6:b3:d5:90:
         65:98:17:37:10:eb:5b:64:aa:fe:84:21:74:ff:9f:a9:b4:d0:
         b1:1c:c3:28:4e:33:0b:54:57:9f:e6:a1:92:38:4c:5f:5c:5e:
         51:e5:39:01:77:db:da:3c:f5:58:00:3c:70:63:94:0c:05:fd:
         3b:49:d7:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyejyOx7Lii5AE1YBhjUnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmVmOGY4NTRjNjhjYzczYTZhMTE3MDg2NDMxYjc4YzRkYzE2OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBj0VMDAArZBG66zmiEg0ItJ9ono
NUeQ6cOoSs7a9Inj7JLBSelGNFdU75TVJ4IWwmHYUprhd3eFYkQg0p2a2q2wSLVn
XkFRXWq6D3+onsaeJjpnNf+imPk8hVFGDfUzmDiuaiNif5egMY+JDaq+Ll7ddKIs
Z8dlh/R9LrnLACu8ZZHPKRkGyCGxwcJuaN4rXcuGuTpTFKUsmlWh4ojGcN/2sFDB
luoPBqsJU8imTS08BNRaYRc/GeUc15Kj+B2u4MUtNwxZ4kboOE+HQ2Fg4dVZxuC7
VBFPaPQFPAvbiZo5+RZgbdcbsbHUcxPzAEL9NoALCAlywSQ9eWtBaC2XkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbvj4VMaMxzpqEXCGQxt4xNwWm9MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMXUtUGhVeG96SE9tb1JjSVpERzNqRTNCYWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUnMWMA0G
CSqGSIb3DQEBCwUAA4IBAQCMEGj+Q7EqyxbK8tNtbdKrAFhN/5lgTNNFIL7E3Ywe
e+BdVQdr8RWE0d6O/38l9gRzPRDSw7Uv83U7ecJfj0gl9ehc/QGm7AslY2yZtXAh
SMSVFJmpKCjAxRcVYbulqzkfqVkpZ2LIscAU4zv8790yoLmSfMMuEWnraDID2hpp
JbhUBJKg6XE91XMcvEIujIyx7AMfrQlcR2cVLVz601dms9yql62/qEpoedQEIDHG
Rvgb1lVBd6NNeJ73D348tcmJPfaz1ZBlmBc3EOtbZKr+hCF0/5+ptNCxHMMoTjML
VFef5qGSOExfXF5R5TkBd9vaPPVYADxwY5QMBf07SdfA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org