Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lxvvPefYziimQI6jWK3AB4QGnT0.roa
File:                     lxvvPefYziimQI6jWK3AB4QGnT0.roa (raw, json)
Hash identifier:          3ZgNAC/3H3NhJ34CIZYrDUYmr914l/VEry/AHGgZ0/I=
Subject key identifier:   97:1B:EF:3D:E7:D8:CE:28:A6:40:8E:A3:58:AD:C0:07:84:06:9D:3D
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018680EACF1BD0AB12449B59DBBCC37E83F8
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lxvvPefYziimQI6jWK3AB4QGnT0.roa
Signing time:             Fri 24 Feb 2023 00:55:17 +0000
ROA not before:           Fri 24 Feb 2023 00:55:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39521
IP address blocks:        188.253.8.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Feb 2023 12:25:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:80:ea:cf:1b:d0:ab:12:44:9b:59:db:bc:c3:7e:83:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Feb 24 00:55:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=971bef3de7d8ce28a6408ea358adc00784069d3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9e:cb:6f:0d:e9:a2:ee:aa:58:4a:ee:fb:1b:
                    ac:79:5c:2b:9f:58:1a:d8:f6:a4:2a:bb:38:75:e3:
                    fb:36:8c:a7:0a:4b:a8:b2:ac:02:cd:50:ed:94:11:
                    40:45:93:39:79:0e:31:b5:d5:46:69:15:38:15:9f:
                    39:23:79:af:65:5d:9a:95:37:b3:7c:ac:e6:4f:8a:
                    38:2e:12:fd:f1:c1:f4:8d:a1:2d:88:45:3f:c7:74:
                    db:73:63:10:af:7c:7a:22:51:ba:71:a5:2f:8d:ac:
                    51:82:f4:9f:ed:05:fe:88:82:6f:32:23:4c:5c:a7:
                    48:e6:ce:3c:2d:de:0e:b3:fb:aa:19:8c:fa:25:92:
                    c2:05:59:d1:55:9e:a2:68:fe:78:90:db:19:ef:c6:
                    a7:8e:67:5e:0b:e7:67:2c:e7:01:96:19:a5:f9:85:
                    4c:08:ff:01:62:46:23:5e:5c:57:3e:23:07:41:b3:
                    b2:49:1b:d9:cb:c8:f4:d0:c1:bf:f5:91:65:2a:08:
                    85:62:8c:7b:01:d3:e5:b9:14:af:9a:57:dc:9a:b3:
                    3c:57:1e:f6:59:fa:22:a0:de:fc:07:d2:cb:79:43:
                    1a:b0:ac:f2:63:9c:d2:10:8d:3d:bd:93:24:89:3a:
                    ce:1d:5c:5b:60:57:dc:85:8d:46:84:89:2a:f4:25:
                    e5:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:1B:EF:3D:E7:D8:CE:28:A6:40:8E:A3:58:AD:C0:07:84:06:9D:3D
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lxvvPefYziimQI6jWK3AB4QGnT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.253.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         32:3e:70:ab:1f:ab:65:6b:18:2a:76:33:27:37:f1:a8:c3:28:
         55:1b:e3:39:87:1b:36:1b:2b:88:23:2a:ca:bd:a5:42:20:72:
         aa:0f:e8:ac:f7:a9:87:b3:bf:9b:2b:a5:e3:2b:af:c6:d8:92:
         b8:c2:02:29:a6:00:f6:ba:ed:14:21:f1:de:01:17:03:05:5f:
         1c:23:33:6c:e3:5d:fa:7d:f0:6e:6e:29:fd:c7:fc:de:68:32:
         d1:90:a3:29:0f:f8:72:5b:6a:a3:d9:9d:7c:c4:b3:7e:45:38:
         c4:c7:24:f4:94:f3:18:1b:60:d2:6b:9e:c6:4f:5c:70:48:4b:
         17:eb:0d:26:77:5d:ee:72:0c:f4:93:af:dc:ad:ac:1f:ea:4e:
         25:89:f3:96:14:34:10:2c:68:6d:39:62:3b:51:ab:cc:14:24:
         bc:21:ee:61:f3:2c:7d:cb:cc:ad:58:fe:e9:54:8c:ec:8c:54:
         f5:5b:1c:80:2a:31:12:cf:7e:e5:aa:79:2a:80:71:b3:17:ec:
         b3:97:7c:3e:b3:46:34:30:fc:9b:b4:2a:5d:ca:5c:52:9a:cc:
         05:98:fa:6d:e2:d1:9d:4b:40:c8:06:94:41:dc:b4:eb:7c:d6:
         73:22:72:ec:55:a7:7e:87:e9:be:02:5a:fc:fb:e1:aa:1c:9c:
         5b:5d:e6:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaA6s8b0KsSRJtZ27zDfoP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjI0MDA1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzFiZWYzZGU3ZDhjZTI4YTY0MDhlYTM1OGFkYzAwNzg0MDY5ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ7Lbw3pou6qWEru+xuseVwrn1ga
2PakKrs4deP7NoynCkuosqwCzVDtlBFARZM5eQ4xtdVGaRU4FZ85I3mvZV2alTez
fKzmT4o4LhL98cH0jaEtiEU/x3Tbc2MQr3x6IlG6caUvjaxRgvSf7QX+iIJvMiNM
XKdI5s48Ld4Os/uqGYz6JZLCBVnRVZ6iaP54kNsZ78anjmdeC+dnLOcBlhml+YVM
CP8BYkYjXlxXPiMHQbOySRvZy8j00MG/9ZFlKgiFYox7AdPluRSvmlfcmrM8Vx72
WfoioN78B9LLeUMasKzyY5zSEI09vZMkiTrOHVxbYFfchY1GhIkq9CXlDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcb7z3n2M4opkCOo1itwAeEBp09MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbHh2dlBlZll6aWltUUk2aldLM0FCNFFHblQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvP0IMA0G
CSqGSIb3DQEBCwUAA4IBAQAyPnCrH6tlaxgqdjMnN/GowyhVG+M5hxs2GyuIIyrK
vaVCIHKqD+is96mHs7+bK6XjK6/G2JK4wgIppgD2uu0UIfHeARcDBV8cIzNs4136
ffBubin9x/zeaDLRkKMpD/hyW2qj2Z18xLN+RTjExyT0lPMYG2DSa57GT1xwSEsX
6w0md13ucgz0k6/crawf6k4lifOWFDQQLGhtOWI7UavMFCS8Ie5h8yx9y8ytWP7p
VIzsjFT1WxyAKjESz37lqnkqgHGzF+yzl3w+s0Y0MPybtCpdylxSmswFmPpt4tGd
S0DIBpRB3LTrfNZzInLsVad+h+m+Alr8++GqHJxbXeYE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org