Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Rkd171ZwEbjRYhX86uEkCL4_yU8.roa
File:                     Rkd171ZwEbjRYhX86uEkCL4_yU8.roa (raw, json)
Hash identifier:          U/Qe4TD9TfGcWkjjSm0wyesUqpS641b+H+cFo6TpBbM=
Subject key identifier:   46:47:75:EF:56:70:11:B8:D1:62:15:FC:EA:E1:24:08:BE:3F:C9:4F
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018752532A709BA115A25B34B78AC44F42E5
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Rkd171ZwEbjRYhX86uEkCL4_yU8.roa
Signing time:             Wed 05 Apr 2023 16:49:54 +0000
ROA not before:           Wed 05 Apr 2023 16:49:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60808
IP address blocks:        188.253.96.0/19 maxlen: 24
                          185.215.246.0/24 maxlen: 24
                          2a05:ec80::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 05:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:52:53:2a:70:9b:a1:15:a2:5b:34:b7:8a:c4:4f:42:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Apr  5 16:49:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=464775ef567011b8d16215fceae12408be3fc94f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:1b:9e:08:2a:92:71:b5:de:55:08:4e:f8:7d:
                    c2:ec:30:04:c3:f7:18:5f:2f:49:e6:a4:2b:d3:b5:
                    cc:22:3f:c9:23:26:4e:a0:09:b9:63:2f:01:b5:1d:
                    ab:96:ee:1f:fe:3d:69:17:89:2f:db:92:4e:17:8e:
                    48:a2:f5:10:e4:cc:6f:0f:b4:84:9a:fa:c6:a2:db:
                    af:2b:4a:7e:0e:38:22:dc:0a:e8:73:7a:26:bc:af:
                    04:3b:80:c6:0d:02:5d:ae:1c:67:e6:6a:3c:f4:f1:
                    ce:58:35:4b:36:b9:49:00:e1:f6:f8:57:2d:2b:2d:
                    00:e2:b9:a7:24:54:97:14:32:ab:7a:50:61:df:c2:
                    44:2e:1c:75:a2:42:cb:52:37:d1:9a:5c:8b:4b:43:
                    f2:1e:63:79:70:15:a0:43:ac:8f:72:d7:1d:fb:97:
                    98:4f:61:57:10:c2:20:9f:3b:db:e6:50:51:b5:b3:
                    ab:6a:23:53:f2:43:87:9b:26:c1:00:39:8b:7c:90:
                    ef:df:93:5f:a5:d4:68:9c:a1:f8:10:2d:e4:07:58:
                    e2:7c:ec:80:ca:04:4f:5e:65:2f:e6:2b:b1:e4:73:
                    46:7d:8f:a7:71:22:c0:09:a1:47:4e:72:de:60:a5:
                    08:ca:c5:89:f1:f5:f3:02:54:90:dd:f5:93:a7:5c:
                    c9:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:47:75:EF:56:70:11:B8:D1:62:15:FC:EA:E1:24:08:BE:3F:C9:4F
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Rkd171ZwEbjRYhX86uEkCL4_yU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.215.246.0/24
                  188.253.96.0/19
                IPv6:
                  2a05:ec80::/29

    Signature Algorithm: sha256WithRSAEncryption
         9c:1e:ef:a6:0d:28:38:44:d9:6b:e1:ca:ce:67:30:ed:a2:84:
         74:d4:b4:41:1d:83:26:23:08:c6:c6:8b:78:33:c1:41:bc:c2:
         94:66:86:01:27:ee:99:c1:16:1c:7b:5d:3d:6c:e0:7e:7c:55:
         64:5b:7c:f0:a5:9a:71:ee:26:d6:16:1c:ca:2a:de:5c:bb:c5:
         91:6e:08:71:0b:99:78:7c:70:4a:56:bc:9c:d2:66:e9:c5:9b:
         a0:1d:d2:7f:db:f8:59:3b:5d:1f:8e:14:ff:ec:49:cb:9b:70:
         0c:e1:34:42:26:9d:6e:35:2c:65:0c:3b:ca:f0:6e:15:7d:49:
         ca:af:06:ea:ba:82:8d:95:6a:7c:b8:21:6b:43:6b:5c:af:13:
         d0:ed:bd:4f:a3:2d:5b:96:49:da:dc:45:f8:6b:94:38:e8:2c:
         6d:c1:1c:d0:03:20:3f:0b:f2:63:53:67:08:c0:b6:7f:4c:3c:
         4d:d3:dd:06:86:58:75:aa:07:f0:6d:24:18:96:12:0d:0a:fb:
         fc:a2:88:42:a5:0f:46:ab:ed:3f:12:9a:ac:19:bb:02:73:30:
         00:92:3f:2f:7c:80:44:34:f2:56:a8:69:d0:b1:b1:b4:7e:78:
         fc:f3:c5:53:98:28:05:7b:47:de:88:67:b0:bc:5e:3b:6f:ba:
         25:00:b0:ba
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYdSUypwm6EVols0t4rET0LlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNDA1MTY0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQ3NzVlZjU2NzAxMWI4ZDE2MjE1ZmNlYWUxMjQwOGJlM2ZjOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBueCCqScbXeVQhO+H3C7DAEw/cY
Xy9J5qQr07XMIj/JIyZOoAm5Yy8BtR2rlu4f/j1pF4kv25JOF45IovUQ5MxvD7SE
mvrGotuvK0p+Djgi3Aroc3omvK8EO4DGDQJdrhxn5mo89PHOWDVLNrlJAOH2+Fct
Ky0A4rmnJFSXFDKrelBh38JELhx1okLLUjfRmlyLS0PyHmN5cBWgQ6yPctcd+5eY
T2FXEMIgnzvb5lBRtbOraiNT8kOHmybBADmLfJDv35NfpdRonKH4EC3kB1jifOyA
ygRPXmUv5iux5HNGfY+ncSLACaFHTnLeYKUIysWJ8fXzAlSQ3fWTp1zJ3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEZHde9WcBG40WIV/OrhJAi+P8lPMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUmtkMTcxWndFYmpSWWhYODZ1RWtDTDRfeVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAudf2AwQF
vP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQCcHu+mDSg4RNlr
4crOZzDtooR01LRBHYMmIwjGxot4M8FBvMKUZoYBJ+6ZwRYce109bOB+fFVkW3zw
pZpx7ibWFhzKKt5cu8WRbghxC5l4fHBKVryc0mbpxZugHdJ/2/hZO10fjhT/7EnL
m3AM4TRCJp1uNSxlDDvK8G4VfUnKrwbquoKNlWp8uCFrQ2tcrxPQ7b1Poy1blkna
3EX4a5Q46CxtwRzQAyA/C/JjU2cIwLZ/TDxN090Ghlh1qgfwbSQYlhINCvv8oohC
pQ9Gq+0/EpqsGbsCczAAkj8vfIBENPJWqGnQsbG0fnj888VTmCgFe0feiGewvF47
b7olALC6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org