Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XYNlfOTyczgvui8GJ-CZrwFAhTM.roa
File:                     XYNlfOTyczgvui8GJ-CZrwFAhTM.roa (raw, json)
Hash identifier:          EAfMetcgrsCoFHbRC3TAmPfAUyftcF9ynZLjVRMOhcQ=
Subject key identifier:   5D:83:65:7C:E4:F2:73:38:2F:BA:2F:06:27:E0:99:AF:01:40:85:33
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0190E45BE075F8413412B538E8E96D9A94CA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XYNlfOTyczgvui8GJ-CZrwFAhTM.roa
Signing time:             Wed 24 Jul 2024 10:49:04 +0000
ROA not before:           Wed 24 Jul 2024 10:49:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     399114
IP address blocks:        185.80.197.0/24 maxlen: 24
                          188.253.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Oct 2024 02:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:e4:5b:e0:75:f8:41:34:12:b5:38:e8:e9:6d:9a:94:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jul 24 10:49:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5d83657ce4f273382fba2f0627e099af01408533
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:98:45:65:ef:4e:71:5a:46:cf:03:39:c2:da:
                    a7:08:00:45:24:39:ef:d3:82:25:77:51:7d:f2:ac:
                    72:e6:23:63:ec:2e:fb:f1:70:28:6c:fc:5e:12:9b:
                    85:2e:c7:d9:25:3c:9a:df:a1:e2:d6:92:c1:11:76:
                    ce:e5:c2:82:02:80:e8:18:6a:4a:73:2a:72:c1:4a:
                    86:b5:40:db:f8:42:be:50:4b:58:3a:c2:2f:b1:98:
                    77:a3:d0:93:f5:4d:82:81:04:ba:40:d7:53:82:e6:
                    42:f8:5f:ad:37:90:20:6b:ff:aa:e4:2c:f8:83:a3:
                    c8:71:1b:9b:77:cc:06:9e:9a:4e:22:ac:c2:74:1f:
                    f8:d3:c3:a9:fd:e4:82:ce:d0:de:16:ae:9e:81:a2:
                    d1:96:a9:2c:26:79:30:9c:19:af:55:3a:92:0a:86:
                    9c:e4:b8:1c:b0:93:45:07:02:4b:96:ea:81:78:03:
                    43:e8:c7:34:1e:d9:8f:a8:c3:8d:ed:6d:2f:fb:e2:
                    fd:54:50:01:80:2c:9d:71:84:c8:c2:13:30:dc:87:
                    30:a9:b5:7f:1e:e6:b7:69:2a:4c:ac:80:7c:df:3c:
                    6f:31:5c:9b:1b:98:ee:92:67:90:db:49:e2:16:2d:
                    28:fc:75:01:fd:24:67:0e:69:3a:69:28:92:24:91:
                    63:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:83:65:7C:E4:F2:73:38:2F:BA:2F:06:27:E0:99:AF:01:40:85:33
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XYNlfOTyczgvui8GJ-CZrwFAhTM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.80.197.0/24
                  188.253.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:21:5c:b4:7e:da:57:51:ba:23:9a:c4:79:06:ca:47:c4:db:
         0f:e2:35:50:3d:ad:cd:b4:d4:65:3a:d2:6d:b9:eb:5d:a1:4f:
         df:91:66:71:3d:b9:12:74:be:d2:4e:86:25:c2:22:cc:7e:2b:
         6d:c1:a2:ef:ff:63:68:9c:8a:1e:5f:3b:3e:9e:1b:26:f4:33:
         5d:57:8d:82:9c:90:eb:cd:c6:c4:cf:cc:da:5d:2a:a1:7e:e3:
         ce:45:27:e6:5a:23:1d:ec:8d:75:ee:98:3e:ad:bc:62:e4:84:
         03:82:c7:67:6b:4d:13:26:3b:77:ff:16:0d:b9:40:9c:08:30:
         91:b2:fd:72:6b:c8:09:84:39:c8:af:36:fb:da:99:19:86:4e:
         6f:c4:df:42:50:f3:98:8e:b4:8b:f4:80:63:ae:a3:da:18:ec:
         a1:33:36:42:b3:9c:db:c5:8f:13:63:3c:38:94:9d:99:1b:ec:
         1e:63:5f:8e:25:38:02:0b:10:95:0e:40:38:8d:99:39:5c:dc:
         5a:7b:98:c4:b9:01:05:cf:b3:3f:51:d1:71:20:0f:29:3b:1b:
         4f:30:ba:9a:10:ee:38:fe:ec:3a:7f:10:57:84:ac:08:69:33:
         78:e9:cc:e9:13:0a:83:30:3c:2f:4c:9b:f9:56:b5:fe:30:23:
         ba:b9:e6:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDkW+B1+EE0ErU46OltmpTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNzI0MTA0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDgzNjU3Y2U0ZjI3MzM4MmZiYTJmMDYyN2UwOTlhZjAxNDA4NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJhFZe9OcVpGzwM5wtqnCABFJDnv
04Ild1F98qxy5iNj7C778XAobPxeEpuFLsfZJTya36Hi1pLBEXbO5cKCAoDoGGpK
cypywUqGtUDb+EK+UEtYOsIvsZh3o9CT9U2CgQS6QNdTguZC+F+tN5Aga/+q5Cz4
g6PIcRubd8wGnppOIqzCdB/408Op/eSCztDeFq6egaLRlqksJnkwnBmvVTqSCoac
5LgcsJNFBwJLluqBeAND6Mc0HtmPqMON7W0v++L9VFABgCydcYTIwhMw3IcwqbV/
Hua3aSpMrIB83zxvMVybG5jukmeQ20niFi0o/HUB/SRnDmk6aSiSJJFjMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF2DZXzk8nM4L7ovBifgma8BQIUzMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWFlObGZPVHljemd2dWk4R0otQ1pyd0ZBaFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVDFAwQA
vP0IMA0GCSqGSIb3DQEBCwUAA4IBAQC1IVy0ftpXUbojmsR5BspHxNsP4jVQPa3N
tNRlOtJtuetdoU/fkWZxPbkSdL7SToYlwiLMfittwaLv/2NonIoeXzs+nhsm9DNd
V42CnJDrzcbEz8zaXSqhfuPORSfmWiMd7I117pg+rbxi5IQDgsdna00TJjt3/xYN
uUCcCDCRsv1ya8gJhDnIrzb72pkZhk5vxN9CUPOYjrSL9IBjrqPaGOyhMzZCs5zb
xY8TYzw4lJ2ZG+weY1+OJTgCCxCVDkA4jZk5XNxae5jEuQEFz7M/UdFxIA8pOxtP
MLqaEO44/uw6fxBXhKwIaTN46czpEwqDMDwvTJv5VrX+MCO6ueYC
-----END CERTIFICATE-----
Generated at Mon Oct 7 06:38:32 2024 by rpki-client on console-ams.rpki-client.org