Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/i_ypht2m6uBe-GyHvBFkW5nAAUs.roa
File:                     i_ypht2m6uBe-GyHvBFkW5nAAUs.roa (raw, json)
Hash identifier:          L7puQXaEzUEEq3ohOz1h1rqlrBzeEij5fK0Rs6eQQgw=
Subject key identifier:   8B:FC:A9:86:DD:A6:EA:E0:5E:F8:6C:87:BC:11:64:5B:99:C0:01:4B
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0185E6AD45128A328C8D633B13532ECAC418
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/i_ypht2m6uBe-GyHvBFkW5nAAUs.roa
Signing time:             Wed 25 Jan 2023 02:06:33 +0000
ROA not before:           Wed 25 Jan 2023 02:06:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207326
IP address blocks:        46.249.112.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 07:32:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e6:ad:45:12:8a:32:8c:8d:63:3b:13:53:2e:ca:c4:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jan 25 02:06:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8bfca986dda6eae05ef86c87bc11645b99c0014b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fa:20:69:d1:91:b4:47:e0:2a:19:01:2f:74:
                    3c:d6:88:b0:01:ad:b5:80:b2:a3:54:35:48:f0:e4:
                    6b:84:3f:6b:1f:2f:2a:cf:40:62:c9:dc:3d:df:9a:
                    d1:7c:34:32:2d:85:57:51:da:ac:02:2f:e1:5f:5e:
                    45:66:d5:89:3d:51:3a:38:6a:2b:0e:86:40:70:19:
                    f4:4f:c6:5b:bf:a4:b7:f3:d3:82:d5:ee:20:7a:f2:
                    d1:38:a4:5a:60:1c:bf:78:96:d2:20:b3:91:8d:2d:
                    31:ca:67:5a:3a:81:0a:1d:0b:b8:26:8c:66:5b:f4:
                    93:fd:ce:ae:55:7f:88:e0:5f:21:72:7a:26:a3:6f:
                    9a:72:4b:6e:be:ff:79:10:8c:58:da:8a:37:8d:c1:
                    6a:c4:5b:f2:f8:61:a0:bc:a1:13:c4:24:4b:ba:9a:
                    a0:a4:68:c0:04:a5:0e:68:70:57:38:a0:96:90:66:
                    f6:a1:d9:06:4d:d1:68:3a:23:8b:fa:6e:3e:ce:fc:
                    29:53:8a:b4:38:6d:6b:9a:4c:ed:59:57:f5:b0:16:
                    8d:62:9a:1a:51:8c:df:22:a2:66:b7:25:b3:f4:29:
                    07:bd:52:8e:a4:ce:05:5b:da:35:ea:e1:c0:3f:b3:
                    2a:e2:a0:e7:e2:23:12:fc:7d:80:93:83:3e:23:74:
                    74:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:FC:A9:86:DD:A6:EA:E0:5E:F8:6C:87:BC:11:64:5B:99:C0:01:4B
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/i_ypht2m6uBe-GyHvBFkW5nAAUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.249.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d1:b7:34:79:7c:c6:1f:9b:48:30:cd:17:d6:52:8e:42:5d:50:
         12:31:43:69:3a:39:c7:a6:b3:f0:a7:b5:98:b2:79:14:ea:d4:
         fa:1d:5d:51:32:05:20:85:e8:93:8c:88:78:fc:6e:ea:81:15:
         fa:c0:7b:92:5b:e6:5f:b5:40:ba:ef:8d:b8:b7:9a:63:c3:e1:
         91:b9:50:6f:cd:a2:0c:d4:ef:76:39:02:5b:3e:3f:e6:41:ee:
         49:a1:ae:14:5d:c8:37:11:09:c8:b3:87:2a:a6:a8:2c:05:c1:
         b3:a6:2d:9d:3f:2f:ed:48:09:3b:31:ba:bc:93:77:42:11:d8:
         11:2b:50:e6:02:e7:70:dc:d7:33:78:30:49:fb:45:fb:7c:a9:
         85:26:55:e1:36:ba:be:d4:62:98:ed:c8:22:2b:65:2e:59:13:
         a4:a9:be:19:4e:ff:4a:ad:49:4b:36:38:37:d9:aa:74:ee:43:
         f4:b4:16:f7:2b:c9:91:e8:0b:f6:dd:55:e2:db:8f:ef:5c:40:
         c3:2c:c6:f1:90:4f:c6:e3:17:7c:ec:a3:e5:02:8d:06:cc:a3:
         3b:e6:ed:a2:53:15:fc:5c:8d:3d:de:8c:ff:fc:f9:26:be:85:
         2b:7d:09:b2:b4:d0:3c:38:a4:c1:23:0e:d3:22:1d:bd:a6:49:
         6b:0b:4b:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXmrUUSijKMjWM7E1MuysQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTI1MDIwNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmZjYTk4NmRkYTZlYWUwNWVmODZjODdiYzExNjQ1Yjk5YzAwMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfogadGRtEfgKhkBL3Q81oiwAa21
gLKjVDVI8ORrhD9rHy8qz0Biydw935rRfDQyLYVXUdqsAi/hX15FZtWJPVE6OGor
DoZAcBn0T8Zbv6S389OC1e4gevLROKRaYBy/eJbSILORjS0xymdaOoEKHQu4Joxm
W/ST/c6uVX+I4F8hcnomo2+acktuvv95EIxY2oo3jcFqxFvy+GGgvKETxCRLupqg
pGjABKUOaHBXOKCWkGb2odkGTdFoOiOL+m4+zvwpU4q0OG1rmkztWVf1sBaNYpoa
UYzfIqJmtyWz9CkHvVKOpM4FW9o16uHAP7Mq4qDn4iMS/H2Ak4M+I3R09wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIv8qYbdpurgXvhsh7wRZFuZwAFLMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvaV95cGh0Mm02dUJlLUd5SHZCRmtXNW5BQVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLvlwMA0G
CSqGSIb3DQEBCwUAA4IBAQDRtzR5fMYfm0gwzRfWUo5CXVASMUNpOjnHprPwp7WY
snkU6tT6HV1RMgUgheiTjIh4/G7qgRX6wHuSW+ZftUC67424t5pjw+GRuVBvzaIM
1O92OQJbPj/mQe5Joa4UXcg3EQnIs4cqpqgsBcGzpi2dPy/tSAk7Mbq8k3dCEdgR
K1DmAudw3NczeDBJ+0X7fKmFJlXhNrq+1GKY7cgiK2UuWROkqb4ZTv9KrUlLNjg3
2ap07kP0tBb3K8mR6Av23VXi24/vXEDDLMbxkE/G4xd87KPlAo0GzKM75u2iUxX8
XI093oz//PkmvoUrfQmytNA8OKTBIw7TIh29pklrC0t4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org