Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dccgo9qSPW-BlZmYgKtx16UcUn4.roa
File:                     dccgo9qSPW-BlZmYgKtx16UcUn4.roa (raw, json)
Hash identifier:          WhMkp0H0ext0Q852KNcwox8pMZB+p0koJxUhC5ZPstw=
Subject key identifier:   75:C7:20:A3:DA:92:3D:6F:81:95:99:98:80:AB:71:D7:A5:1C:52:7E
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018AAD58C3542DD1B8AE53B5E6734C00FCBF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dccgo9qSPW-BlZmYgKtx16UcUn4.roa
Signing time:             Tue 19 Sep 2023 12:09:50 +0000
ROA not before:           Tue 19 Sep 2023 12:09:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142019
IP address blocks:        46.249.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Sep 2023 14:47:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ad:58:c3:54:2d:d1:b8:ae:53:b5:e6:73:4c:00:fc:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Sep 19 12:09:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=75c720a3da923d6f8195999880ab71d7a51c527e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:0d:cd:9b:fd:c8:56:82:8f:75:45:41:a6:7a:
                    14:14:75:2d:a1:36:01:b1:15:2d:1b:c7:8c:ae:af:
                    ef:82:9f:66:b6:bd:f8:90:67:86:ec:71:c7:55:2e:
                    e6:fd:46:25:47:b9:0e:ba:77:d7:fc:00:df:35:26:
                    a8:f6:36:0b:85:c3:70:4a:66:48:72:bd:ed:a9:a1:
                    a4:51:36:a7:75:e6:54:67:69:28:0e:c9:77:14:7f:
                    e6:80:a5:1a:f6:07:a7:58:b7:ce:f9:f9:69:c0:e7:
                    44:46:c1:0f:b8:e9:f8:7e:3a:22:c0:30:2b:f8:09:
                    72:35:a6:84:43:27:e7:ea:c9:f6:64:a1:97:5c:1a:
                    a8:cb:e5:f1:56:e5:5b:3c:1f:63:9a:1d:bc:8d:fa:
                    b2:a1:54:a5:fe:ac:53:34:85:90:24:73:b4:6c:c6:
                    26:b2:7c:ec:19:cc:c7:b9:68:39:9a:0c:d8:33:80:
                    a7:d1:4e:ce:78:7b:97:fc:ac:7a:9a:06:f0:ba:c9:
                    ea:0c:d9:c0:92:fc:e8:a4:73:79:62:70:d0:57:17:
                    f5:8f:33:01:ee:b7:33:ed:6a:79:df:f6:f2:e9:7f:
                    13:7e:31:bd:32:b0:63:84:01:fc:25:70:22:0d:47:
                    00:56:c8:a6:e0:eb:6f:99:50:20:43:3d:81:91:c0:
                    b5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:C7:20:A3:DA:92:3D:6F:81:95:99:98:80:AB:71:D7:A5:1C:52:7E
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dccgo9qSPW-BlZmYgKtx16UcUn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.249.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:ed:f4:73:cb:94:e0:19:4e:c5:42:55:7b:7d:aa:3b:75:d2:
         60:06:8d:e0:50:fe:dc:13:f6:0e:59:44:04:81:2a:1b:60:1e:
         0c:2b:b5:6d:c5:69:7e:7e:d4:06:a5:bb:bb:f7:c2:af:1c:da:
         26:d0:41:05:d5:e7:49:c4:ef:97:92:9c:58:b9:84:d0:d5:e4:
         88:cc:dd:cf:65:f2:26:af:ad:25:34:9f:7c:61:40:bd:11:fc:
         72:0e:15:78:ce:70:85:b6:91:72:34:d7:94:aa:06:6c:86:cb:
         0a:26:66:23:d6:4d:9c:18:dc:31:a6:ad:2e:36:b0:c8:fe:ea:
         ca:c9:b9:43:6d:73:38:d8:a2:8d:75:fe:67:56:28:33:cd:8a:
         15:a2:c2:6e:76:a7:cd:8e:66:30:94:c7:a1:55:12:df:ab:01:
         5b:38:18:21:35:b3:63:f3:2f:26:60:cf:a5:96:8c:99:39:b3:
         a2:94:46:a5:6d:5f:8a:b1:1b:64:24:12:45:5b:bb:b3:5b:92:
         4f:19:34:2a:95:f6:ab:14:5f:ea:f1:9c:20:e9:44:0d:2e:4b:
         a0:71:f7:93:9b:4f:5f:e0:7f:d8:d5:c8:67:53:83:c6:68:38:
         56:cc:11:c8:36:8d:52:37:75:5f:a4:4b:e3:c9:9d:82:d9:a7:
         d5:fd:28:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqtWMNULdG4rlO15nNMAPy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwOTE5MTIwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWM3MjBhM2RhOTIzZDZmODE5NTk5OTg4MGFiNzFkN2E1MWM1MjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA3Nm/3IVoKPdUVBpnoUFHUtoTYB
sRUtG8eMrq/vgp9mtr34kGeG7HHHVS7m/UYlR7kOunfX/ADfNSao9jYLhcNwSmZI
cr3tqaGkUTandeZUZ2koDsl3FH/mgKUa9genWLfO+flpwOdERsEPuOn4fjoiwDAr
+AlyNaaEQyfn6sn2ZKGXXBqoy+XxVuVbPB9jmh28jfqyoVSl/qxTNIWQJHO0bMYm
snzsGczHuWg5mgzYM4Cn0U7OeHuX/Kx6mgbwusnqDNnAkvzopHN5YnDQVxf1jzMB
7rcz7Wp53/by6X8TfjG9MrBjhAH8JXAiDUcAVsim4OtvmVAgQz2BkcC1/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXHIKPakj1vgZWZmICrcdelHFJ+MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZGNjZ285cVNQVy1CbFptWWdLdHgxNlVjVW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvlqMA0G
CSqGSIb3DQEBCwUAA4IBAQDN7fRzy5TgGU7FQlV7fao7ddJgBo3gUP7cE/YOWUQE
gSobYB4MK7VtxWl+ftQGpbu798KvHNom0EEF1edJxO+XkpxYuYTQ1eSIzN3PZfIm
r60lNJ98YUC9EfxyDhV4znCFtpFyNNeUqgZshssKJmYj1k2cGNwxpq0uNrDI/urK
yblDbXM42KKNdf5nVigzzYoVosJudqfNjmYwlMehVRLfqwFbOBghNbNj8y8mYM+l
loyZObOilEalbV+KsRtkJBJFW7uzW5JPGTQqlfarFF/q8Zwg6UQNLkugcfeTm09f
4H/Y1chnU4PGaDhWzBHINo1SN3VfpEvjyZ2C2afV/SiY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org