Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200954.roa
File:                     AS200954.roa (raw, json)
Hash identifier:          WRnQMULADlrAImJQHjsBz560tKhuXMRlkm8RfLu8/Tg=
Subject key identifier:   47:14:11:DF:5D:08:DD:FB:42:49:61:13:D1:16:D5:2B:18:40:3D:76
Certificate issuer:       /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial:       0942CFC36C926D35AF56EE3850E9F823DDC07767
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200954.roa
Signing time:             Sun 05 Nov 2023 04:07:11 +0000
ROA not before:           Sun 05 Nov 2023 04:02:11 +0000
ROA not after:            Sun 03 Nov 2024 04:07:11 +0000
asID:                     200954
IP address blocks:        2a0a:6040:e300::/40 maxlen: 48

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 10:07:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:42:cf:c3:6c:92:6d:35:af:56:ee:38:50:e9:f8:23:dd:c0:77:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
        Validity
            Not Before: Nov  5 04:02:11 2023 GMT
            Not After : Nov  3 04:07:11 2024 GMT
        Subject: CN=471411DF5D08DDFB42496113D116D52B18403D76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7e:c1:27:8e:f5:42:16:78:07:e0:72:00:cd:
                    4a:33:45:0b:5b:5b:ce:e3:0d:67:ff:80:4b:fc:ba:
                    55:8d:21:07:36:51:66:fa:ac:34:fa:4e:5d:c6:0f:
                    c5:f6:58:36:1b:b3:8d:e7:0c:31:80:23:55:af:4c:
                    f9:be:3d:e0:71:7b:ae:81:26:f8:bd:39:a6:e0:f9:
                    52:f4:c2:20:62:52:08:f1:c8:19:91:d7:7c:f7:71:
                    d3:12:eb:f4:5a:29:9c:22:d6:6f:43:bc:fd:9d:a4:
                    02:ba:58:07:f9:98:c4:ff:98:ae:a0:17:10:7e:f8:
                    7a:12:85:a0:34:67:30:0b:4a:04:6a:fd:fa:24:00:
                    f0:3b:5b:bb:89:b8:1f:5a:1f:cc:11:e6:fc:90:b3:
                    bf:5f:c6:69:b3:3d:dc:a2:26:a1:a9:f7:bc:fe:50:
                    87:9d:5b:b3:7f:8b:41:81:af:95:70:3d:33:30:0b:
                    d2:1b:1c:7b:6c:ce:93:80:1d:2d:c0:80:f4:84:6a:
                    4f:45:61:b0:65:a6:87:ff:a8:fc:f0:3f:87:dc:2e:
                    60:39:9a:4c:83:f4:f9:8d:f2:05:a1:4a:21:67:9f:
                    e6:0e:43:46:0d:21:7e:8f:cc:9e:be:ca:90:bc:35:
                    01:fe:79:48:57:f3:4d:fa:0c:c6:49:1f:fa:99:b5:
                    f4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:14:11:DF:5D:08:DD:FB:42:49:61:13:D1:16:D5:2B:18:40:3D:76
            X509v3 Authority Key Identifier:
                keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200954.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:e300::/40

    Signature Algorithm: sha256WithRSAEncryption
         81:ea:30:49:4d:45:ae:ef:0c:53:4b:71:5b:47:91:60:b3:9c:
         85:0e:e3:45:67:7a:a4:37:17:0c:3b:13:f6:f0:61:5d:0d:59:
         b5:f2:23:17:4c:38:9b:cb:45:31:02:7c:22:6e:d5:fe:79:a7:
         65:0f:1e:80:cc:0f:9d:8f:20:09:bd:ff:4f:ce:3c:3b:43:3a:
         4f:80:be:58:9c:6e:37:c6:0e:26:66:49:e6:59:12:fc:30:9c:
         60:84:c5:9b:97:6a:03:61:4f:ed:27:f2:e3:ff:ae:26:4f:3e:
         4a:54:dd:d4:3e:79:a0:ad:dd:ba:42:2d:9d:47:f3:8f:cd:d4:
         bc:d8:58:34:43:f3:5e:20:62:92:f7:4f:79:97:58:f7:ba:d3:
         1e:f2:4b:ec:76:46:12:ba:91:e3:2e:91:53:78:9e:67:c9:7a:
         a7:4e:93:2d:6f:5b:03:af:9a:a4:a8:06:9e:27:84:3a:d6:d1:
         5f:63:1a:35:75:de:ff:42:1c:74:4d:8c:62:ce:19:8e:9b:ec:
         78:fa:52:7f:e4:1b:a9:ed:0c:99:85:5e:44:d7:92:67:a4:f4:
         92:ea:57:aa:6e:b8:ac:1c:7d:0d:7e:ae:c7:11:b8:87:fa:1a:
         9b:9d:dd:0d:75:8a:ee:a2:d8:c5:dc:4b:65:18:2c:d2:34:ea:
         4b:35:cb:80
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUCULPw2ySbTWvVu44UOn4I93Ad2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yMzExMDUwNDAyMTFaFw0yNDExMDMwNDA3MTFaMDMxMTAvBgNV
BAMTKDQ3MTQxMURGNUQwOERERkI0MjQ5NjExM0QxMTZENTJCMTg0MDNENzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fsEnjvVCFngH4HIAzUozRQtb
W87jDWf/gEv8ulWNIQc2UWb6rDT6Tl3GD8X2WDYbs43nDDGAI1WvTPm+PeBxe66B
Jvi9Oabg+VL0wiBiUgjxyBmR13z3cdMS6/RaKZwi1m9DvP2dpAK6WAf5mMT/mK6g
FxB++HoShaA0ZzALSgRq/fokAPA7W7uJuB9aH8wR5vyQs79fxmmzPdyiJqGp97z+
UIedW7N/i0GBr5VwPTMwC9IbHHtszpOAHS3AgPSEak9FYbBlpof/qPzwP4fcLmA5
mkyD9PmN8gWhSiFnn+YOQ0YNIX6PzJ6+ypC8NQH+eUhX8036DMZJH/qZtfQrAgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQURxQR310I3ftCSWET0RbVKxhAPXYwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD
MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w
L0FTMjAwOTU0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQOMwDQYJKoZIhvcNAQELBQADggEBAIHq
MElNRa7vDFNLcVtHkWCznIUO40VneqQ3Fww7E/bwYV0NWbXyIxdMOJvLRTECfCJu
1f55p2UPHoDMD52PIAm9/0/OPDtDOk+AvlicbjfGDiZmSeZZEvwwnGCExZuXagNh
T+0n8uP/riZPPkpU3dQ+eaCt3bpCLZ1H84/N1LzYWDRD814gYpL3T3mXWPe60x7y
S+x2RhK6keMukVN4nmfJeqdOky1vWwOvmqSoBp4nhDrW0V9jGjV13v9CHHRNjGLO
GY6b7Hj6Un/kG6ntDJmFXkTXkmek9JLqV6puuKwcfQ1+rscRuIf6Gpud3Q11iu6i
2MXcS2UYLNI06ks1y4A=
-----END CERTIFICATE-----
Generated at Wed Sep 11 13:24:04 2024 by rpki-client on console-ams.rpki-client.org