Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/N58MRki1D-Aw80xgxXzGmU1Rr5Q.roa
File:                     N58MRki1D-Aw80xgxXzGmU1Rr5Q.roa (raw, json)
Hash identifier:          48C5tpuZgDSWy2i1AIzyXAuxbn1S2z+FKz0CfZYoqOI=
Subject key identifier:   37:9F:0C:46:48:B5:0F:E0:30:F3:4C:60:C5:7C:C6:99:4D:51:AF:94
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018B61D8BD3936B722D5B6CC98CD9BA8024E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/N58MRki1D-Aw80xgxXzGmU1Rr5Q.roa
Signing time:             Tue 24 Oct 2023 13:21:15 +0000
ROA not before:           Tue 24 Oct 2023 13:21:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        46.249.112.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 Nov 2023 09:11:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:61:d8:bd:39:36:b7:22:d5:b6:cc:98:cd:9b:a8:02:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Oct 24 13:21:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=379f0c4648b50fe030f34c60c57cc6994d51af94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:1a:c7:19:8d:89:33:4a:e5:2d:db:f9:10:b0:
                    1d:e9:bd:dc:f8:51:f2:c2:3e:75:2f:97:b7:aa:5b:
                    9b:d6:e9:ab:b7:ce:8d:0d:52:a6:e7:6f:d5:b9:7c:
                    6d:4b:b7:f5:7f:02:fc:c0:17:26:97:7f:a7:72:62:
                    71:a5:97:f1:70:2d:ec:8f:bf:5a:21:9d:4a:3e:40:
                    60:70:f4:ce:41:80:a8:43:de:f5:90:3c:5f:36:b0:
                    07:44:c2:4d:08:b2:e0:1b:32:35:e2:90:b2:7e:a3:
                    4f:cd:0e:91:30:f7:93:b2:f8:4b:d0:56:6c:e1:06:
                    94:e8:1e:36:a9:24:22:a2:20:3f:8d:c9:06:b2:18:
                    5c:56:3e:59:d1:bc:f4:60:bf:f7:7c:2a:c9:13:73:
                    35:cb:2c:d0:8b:c9:51:b6:ca:8a:da:bc:cb:1c:1a:
                    7d:c2:a3:6f:68:db:78:d7:57:ac:5f:66:95:09:f7:
                    b4:21:3d:2b:93:28:b5:57:b9:0e:ef:f3:c8:78:68:
                    75:d7:30:3d:bb:56:8d:6b:47:43:8f:3d:fe:36:f7:
                    ab:68:1e:2e:c9:24:e6:ff:7b:2e:2c:ae:17:de:a5:
                    e7:e2:dd:be:d3:89:6b:e6:4b:ff:67:97:4f:3f:82:
                    ca:0c:19:14:22:a8:d2:42:27:70:d3:7b:b1:1b:e1:
                    07:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:9F:0C:46:48:B5:0F:E0:30:F3:4C:60:C5:7C:C6:99:4D:51:AF:94
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/N58MRki1D-Aw80xgxXzGmU1Rr5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.249.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:c1:0b:90:da:0f:f0:56:93:44:27:a3:3d:58:4d:b2:9c:cb:
         1c:6d:aa:7f:9a:79:74:95:57:62:bc:af:38:0c:91:f8:18:d3:
         1e:7f:65:21:33:03:54:0c:78:b8:e9:cd:71:0b:73:9e:82:d9:
         ea:68:7c:d1:85:35:7f:3c:b9:35:d0:90:3e:23:db:59:5c:78:
         78:15:18:66:68:e8:a0:c9:53:4e:59:38:0f:42:8f:a8:51:a6:
         3d:12:4f:00:5c:45:6f:04:82:ac:ea:21:cb:81:fd:a7:ff:f0:
         da:ec:a2:11:36:51:5b:3e:04:1a:3d:cc:45:76:79:53:36:e7:
         28:aa:1d:8a:45:a5:7e:cf:be:5b:c0:1b:1c:c8:09:60:e7:1e:
         05:6c:1e:86:3e:2d:dd:82:dd:df:7e:6d:9d:56:ff:b6:31:d6:
         fa:e6:1a:79:4d:58:ee:f4:9f:c4:62:e7:57:7c:02:22:17:be:
         92:e6:69:f0:d3:05:fb:fe:4c:06:2f:74:a6:37:58:93:f1:47:
         eb:d7:39:69:55:cc:09:ca:25:e1:39:1f:2e:a0:34:b6:d1:2d:
         5b:53:92:60:b3:aa:78:f0:37:36:df:c4:45:db:ee:c9:09:3e:
         e2:02:87:e0:e7:49:38:2b:60:9c:11:ce:34:97:3c:e8:a2:23:
         11:57:7b:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYth2L05Nrci1bbMmM2bqAJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDI0MTMyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzlmMGM0NjQ4YjUwZmUwMzBmMzRjNjBjNTdjYzY5OTRkNTFhZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRrHGY2JM0rlLdv5ELAd6b3c+FHy
wj51L5e3qlub1umrt86NDVKm52/VuXxtS7f1fwL8wBcml3+ncmJxpZfxcC3sj79a
IZ1KPkBgcPTOQYCoQ971kDxfNrAHRMJNCLLgGzI14pCyfqNPzQ6RMPeTsvhL0FZs
4QaU6B42qSQioiA/jckGshhcVj5Z0bz0YL/3fCrJE3M1yyzQi8lRtsqK2rzLHBp9
wqNvaNt411esX2aVCfe0IT0rkyi1V7kO7/PIeGh11zA9u1aNa0dDjz3+NveraB4u
ySTm/3suLK4X3qXn4t2+04lr5kv/Z5dPP4LKDBkUIqjSQidw03uxG+EH3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDefDEZItQ/gMPNMYMV8xplNUa+UMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTjU4TVJraTFELUF3ODB4Z3hYekdtVTFScjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLvlwMA0G
CSqGSIb3DQEBCwUAA4IBAQC1wQuQ2g/wVpNEJ6M9WE2ynMscbap/mnl0lVdivK84
DJH4GNMef2UhMwNUDHi46c1xC3OegtnqaHzRhTV/PLk10JA+I9tZXHh4FRhmaOig
yVNOWTgPQo+oUaY9Ek8AXEVvBIKs6iHLgf2n//Da7KIRNlFbPgQaPcxFdnlTNuco
qh2KRaV+z75bwBscyAlg5x4FbB6GPi3dgt3ffm2dVv+2Mdb65hp5TVju9J/EYudX
fAIiF76S5mnw0wX7/kwGL3SmN1iT8Ufr1zlpVcwJyiXhOR8uoDS20S1bU5Jgs6p4
8Dc238RF2+7JCT7iAofg50k4K2CcEc40lzzooiMRV3sL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org