Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2sifQELmCm0cHU9TK1mysvs4KZk.roa
File:                     2sifQELmCm0cHU9TK1mysvs4KZk.roa (raw, json)
Hash identifier:          YXoLdMkkyYcxA1znro9mu9CaXQz9QrWQbyP3Q0XUQi0=
Subject key identifier:   DA:C8:9F:40:42:E6:0A:6D:1C:1D:4F:53:2B:59:B2:B2:FB:38:29:99
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0185727A440C18F188F5ED20C46B45665DFA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2sifQELmCm0cHU9TK1mysvs4KZk.roa
Signing time:             Mon 02 Jan 2023 12:34:53 +0000
ROA not before:           Mon 02 Jan 2023 12:34:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        193.36.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:7a:44:0c:18:f1:88:f5:ed:20:c4:6b:45:66:5d:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jan  2 12:34:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dac89f4042e60a6d1c1d4f532b59b2b2fb382999
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:25:d2:c6:b6:67:17:e3:12:a9:b7:0f:64:4c:
                    b0:b9:59:bd:63:7c:c5:b5:71:33:4b:31:55:87:a2:
                    5c:05:5c:42:f7:2b:8c:07:3f:be:e8:2e:c1:95:ac:
                    a8:73:1f:eb:66:e3:14:cd:b6:9b:14:39:c3:34:b8:
                    3d:1b:ca:3f:f0:3c:7d:1f:7a:27:99:be:bc:c5:a2:
                    58:05:cc:b7:28:6c:ba:a0:d9:22:a7:67:cb:1a:64:
                    bc:d5:f7:f7:56:73:08:22:c2:e5:a1:c6:17:e6:e2:
                    f0:b8:9a:76:32:f2:7a:08:84:ad:88:e2:3c:4b:cb:
                    94:70:f7:27:6f:b7:1a:78:9c:e8:43:7c:fd:8a:74:
                    7b:1b:ca:7c:de:80:14:dd:35:3f:32:9b:12:72:5e:
                    8c:ea:71:d8:df:8f:b2:f4:d4:0b:14:86:61:85:d5:
                    21:5e:82:31:87:04:22:fa:14:92:f1:11:7d:c5:10:
                    ae:7e:d4:35:65:a7:c7:33:b5:e2:24:03:2f:06:45:
                    d0:8a:6f:5e:84:af:7d:9a:2b:7c:5c:e6:b6:9c:e2:
                    20:e6:b7:1b:99:3b:85:c8:28:c6:39:f6:ee:62:9f:
                    ec:84:37:0a:f4:4b:d3:67:de:c4:d0:48:fb:6b:a3:
                    21:0e:b3:4d:73:68:39:11:f6:51:e9:76:5e:ff:1b:
                    50:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C8:9F:40:42:E6:0A:6D:1C:1D:4F:53:2B:59:B2:B2:FB:38:29:99
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2sifQELmCm0cHU9TK1mysvs4KZk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:4b:cd:72:58:0b:b7:5e:47:cc:fe:e2:f4:d1:cd:a5:c6:b1:
         f9:d6:7d:65:75:5f:f6:29:fb:44:4d:27:cb:53:85:ed:d4:69:
         ab:92:7c:63:b0:2c:99:bb:55:05:32:65:45:ad:61:76:5d:63:
         5c:53:bf:da:c2:8d:04:f2:1d:28:90:6b:d5:ca:e5:8f:f6:2b:
         a2:5e:11:28:86:89:7f:9a:10:73:3e:dc:c4:dd:79:68:f9:5d:
         38:43:43:5a:7f:76:cd:a0:f3:90:c2:5b:70:6b:09:6d:6e:98:
         36:22:32:bb:1d:4f:5e:13:ab:07:28:77:83:00:30:fc:a2:df:
         43:09:31:bf:d2:c1:db:9b:cd:13:0d:92:67:68:75:e6:63:04:
         a8:53:ba:c8:bb:60:08:f6:76:37:27:88:d4:e6:c1:bc:4f:23:
         93:42:bc:07:bb:03:73:8d:ed:f5:26:55:7e:7d:ac:90:ca:2a:
         41:19:29:08:71:d4:c4:55:db:5a:32:30:5e:54:13:18:70:b3:
         8b:4e:79:31:37:b6:ca:fc:4e:df:f6:88:83:28:4c:29:25:5b:
         cf:45:24:9f:e4:71:af:86:48:7a:99:cf:38:d2:00:3a:bf:84:
         a3:ab:f4:fe:e2:54:73:dd:79:4a:15:44:de:78:63:8a:7d:79:
         de:74:8a:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyekQMGPGI9e0gxGtFZl36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM4OWY0MDQyZTYwYTZkMWMxZDRmNTMyYjU5YjJiMmZiMzgyOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiXSxrZnF+MSqbcPZEywuVm9Y3zF
tXEzSzFVh6JcBVxC9yuMBz++6C7Blayocx/rZuMUzbabFDnDNLg9G8o/8Dx9H3on
mb68xaJYBcy3KGy6oNkip2fLGmS81ff3VnMIIsLlocYX5uLwuJp2MvJ6CIStiOI8
S8uUcPcnb7caeJzoQ3z9inR7G8p83oAU3TU/MpsScl6M6nHY34+y9NQLFIZhhdUh
XoIxhwQi+hSS8RF9xRCuftQ1ZafHM7XiJAMvBkXQim9ehK99mit8XOa2nOIg5rcb
mTuFyCjGOfbuYp/shDcK9EvTZ97E0Ej7a6MhDrNNc2g5EfZR6XZe/xtQ0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrIn0BC5gptHB1PUytZsrL7OCmZMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMnNpZlFFTG1DbTBjSFU5VEsxbXlzdnM0S1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSRJMA0G
CSqGSIb3DQEBCwUAA4IBAQDGS81yWAu3XkfM/uL00c2lxrH51n1ldV/2KftETSfL
U4Xt1GmrknxjsCyZu1UFMmVFrWF2XWNcU7/awo0E8h0okGvVyuWP9iuiXhEohol/
mhBzPtzE3Xlo+V04Q0Naf3bNoPOQwltwawltbpg2IjK7HU9eE6sHKHeDADD8ot9D
CTG/0sHbm80TDZJnaHXmYwSoU7rIu2AI9nY3J4jU5sG8TyOTQrwHuwNzje31JlV+
fayQyipBGSkIcdTEVdtaMjBeVBMYcLOLTnkxN7bK/E7f9oiDKEwpJVvPRSSf5HGv
hkh6mc840gA6v4Sjq/T+4lRz3XlKFUTeeGOKfXnedIqh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org