Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/HQSoim5IaGEivhf7QlWieafFXkY.roa
File:                     HQSoim5IaGEivhf7QlWieafFXkY.roa (raw, json)
Hash identifier:          lRFlq5TrDHOJH/XVIOvSxYM0n0lkSDRcAteoiUIVXNg=
Subject key identifier:   1D:04:A8:8A:6E:48:68:61:22:BE:17:FB:42:55:A2:79:A7:C5:5E:46
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018C38EFE50CFAB2A0C41286BEB817D6E003
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/HQSoim5IaGEivhf7QlWieafFXkY.roa
Signing time:             Tue 05 Dec 2023 07:44:55 +0000
ROA not before:           Tue 05 Dec 2023 07:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200296
IP address blocks:        91.247.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:38:ef:e5:0c:fa:b2:a0:c4:12:86:be:b8:17:d6:e0:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Dec  5 07:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1d04a88a6e48686122be17fb4255a279a7c55e46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:74:63:7f:75:20:ed:1a:cc:18:79:12:fd:e2:
                    76:a2:4c:5a:32:52:b4:23:93:9a:aa:bf:58:2b:68:
                    47:3c:5a:3e:11:84:bc:56:67:33:80:46:3b:94:d4:
                    71:a7:16:bc:61:1e:66:f4:f2:3a:dd:10:93:bc:7c:
                    f5:bd:45:0f:93:ed:29:7a:60:36:65:4d:3a:84:85:
                    1a:51:06:00:b6:28:09:67:88:d6:f7:23:be:48:a7:
                    43:3c:59:33:9f:cf:74:56:11:41:e3:17:f8:dc:27:
                    3e:b4:02:de:fe:54:29:a2:58:e5:cb:6d:2b:1d:66:
                    9d:4d:6e:57:72:da:56:07:0f:0d:bb:72:d5:34:21:
                    85:59:58:c0:cc:84:f7:8f:b6:09:95:b7:ee:1d:86:
                    2b:6f:86:af:7b:2c:34:85:14:89:56:56:c4:9e:03:
                    fe:c9:23:7d:0a:83:74:c6:be:43:3b:01:f1:c2:44:
                    0e:31:60:14:e5:3a:40:5e:e1:0d:34:16:ea:e5:c5:
                    7b:91:0a:d7:0b:c3:14:89:f2:ec:a8:74:61:26:89:
                    45:5b:82:01:82:99:fa:ac:9f:62:93:b3:fb:da:42:
                    82:2d:ee:61:fd:b1:8d:5d:b5:1e:51:c8:1a:af:89:
                    b5:af:96:33:32:80:bb:a7:a9:61:35:07:40:c7:0e:
                    90:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:04:A8:8A:6E:48:68:61:22:BE:17:FB:42:55:A2:79:A7:C5:5E:46
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/HQSoim5IaGEivhf7QlWieafFXkY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.247.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:5d:4c:b2:e4:d4:d1:12:fa:ad:3f:75:ea:36:cf:e1:63:65:
         61:cf:4a:e5:cb:1a:e5:7a:39:65:4b:69:66:b3:6d:07:11:32:
         5e:da:2e:96:9c:ce:f8:93:9a:9e:8c:5f:25:b2:f1:b7:28:79:
         40:b7:31:33:b7:a5:a2:af:e0:60:73:47:00:cb:d3:e3:43:63:
         c5:1c:58:dc:92:5b:c0:b4:21:34:c9:7d:11:b8:8d:bc:f2:2d:
         40:ef:9e:94:75:b1:7e:76:b0:87:68:c9:2d:c1:91:b0:dc:91:
         46:72:0e:ae:8b:1e:cb:5b:0c:36:a2:ac:e9:2b:1a:23:02:83:
         59:9b:b0:61:9e:b2:53:01:4e:55:37:e4:27:72:ac:ad:7e:92:
         66:1d:aa:0c:cb:72:0e:36:d6:ff:7f:1d:ac:6f:bd:c1:8e:e8:
         6b:21:4f:66:53:1d:c9:57:d2:d3:0d:8c:58:53:bc:82:d6:2a:
         5b:35:a0:fd:b8:6c:e4:ef:27:cf:7f:0c:da:73:f7:56:00:02:
         3a:fb:de:72:6b:92:0d:4b:ca:e3:e9:f2:25:bc:32:63:35:de:
         10:bb:2f:9f:e0:6c:47:5f:c4:15:a8:2e:62:21:c0:ca:31:d1:
         55:14:1e:f1:e2:c7:a0:11:2b:2b:73:e3:94:f1:28:94:a6:3c:
         13:6f:d0:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw47+UM+rKgxBKGvrgX1uADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMjA1MDc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDA0YTg4YTZlNDg2ODYxMjJiZTE3ZmI0MjU1YTI3OWE3YzU1ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHRjf3Ug7RrMGHkS/eJ2okxaMlK0
I5Oaqr9YK2hHPFo+EYS8VmczgEY7lNRxpxa8YR5m9PI63RCTvHz1vUUPk+0pemA2
ZU06hIUaUQYAtigJZ4jW9yO+SKdDPFkzn890VhFB4xf43Cc+tALe/lQpoljly20r
HWadTW5XctpWBw8Nu3LVNCGFWVjAzIT3j7YJlbfuHYYrb4aveyw0hRSJVlbEngP+
ySN9CoN0xr5DOwHxwkQOMWAU5TpAXuENNBbq5cV7kQrXC8MUifLsqHRhJolFW4IB
gpn6rJ9ik7P72kKCLe5h/bGNXbUeUcgar4m1r5YzMoC7p6lhNQdAxw6Q1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0EqIpuSGhhIr4X+0JVonmnxV5GMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSFFTb2ltNUlhR0VpdmhmN1FsV2llYWZGWGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/exMA0G
CSqGSIb3DQEBCwUAA4IBAQDNXUyy5NTREvqtP3XqNs/hY2Vhz0rlyxrlejllS2lm
s20HETJe2i6WnM74k5qejF8lsvG3KHlAtzEzt6Wir+Bgc0cAy9PjQ2PFHFjcklvA
tCE0yX0RuI288i1A756UdbF+drCHaMktwZGw3JFGcg6uix7LWww2oqzpKxojAoNZ
m7BhnrJTAU5VN+QncqytfpJmHaoMy3IONtb/fx2sb73BjuhrIU9mUx3JV9LTDYxY
U7yC1ipbNaD9uGzk7yfPfwzac/dWAAI6+95ya5INS8rj6fIlvDJjNd4Quy+f4GxH
X8QVqC5iIcDKMdFVFB7x4segESsrc+OU8SiUpjwTb9Dg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org