Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dSGb15I54ccUXypqDnmvjs4gPEI.roa
File:                     dSGb15I54ccUXypqDnmvjs4gPEI.roa (raw, json)
Hash identifier:          y35to5YW0xWFtfaBcfV7PFrLld0aJhRG0nT3O5ZsyWY=
Subject key identifier:   75:21:9B:D7:92:39:E1:C7:14:5F:2A:6A:0E:79:AF:8E:CE:20:3C:42
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0191B12A922E71012BE26E883D81735F43EC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dSGb15I54ccUXypqDnmvjs4gPEI.roa
Signing time:             Mon 02 Sep 2024 05:17:22 +0000
ROA not before:           Mon 02 Sep 2024 05:17:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205007
IP address blocks:        193.108.115.0/24 maxlen: 24
                          194.87.43.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 04 Sep 2024 15:12:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:b1:2a:92:2e:71:01:2b:e2:6e:88:3d:81:73:5f:43:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep  2 05:17:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=75219bd79239e1c7145f2a6a0e79af8ece203c42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5d:29:37:fe:80:c7:31:1b:0d:3a:41:b2:7a:
                    76:d1:a1:de:34:cc:ea:5a:19:f7:57:d2:5a:2b:a8:
                    31:85:50:ba:a6:1b:46:25:be:c6:f6:6a:ea:85:f2:
                    86:6a:68:c1:5a:d6:60:90:8c:9a:ee:e6:ce:7c:f7:
                    8b:87:64:49:fa:60:c2:78:9f:a0:96:7e:44:07:0e:
                    53:8c:a2:0f:2b:bb:49:dd:3d:32:dc:b3:0e:82:6f:
                    ef:de:ef:68:6f:97:16:fd:8e:a2:a7:da:f8:07:8e:
                    4e:7a:b8:cd:09:88:d6:1d:36:89:cd:fd:0a:3e:08:
                    be:2b:99:c7:99:b6:54:b1:d4:4e:8a:d4:f8:d7:b8:
                    52:ce:91:52:ba:61:27:e3:2b:c8:f3:1a:a7:2b:fd:
                    47:31:fc:1e:98:1a:e9:55:15:e1:77:20:48:00:d6:
                    ec:2b:7b:af:c3:72:ed:ad:d9:3b:45:6e:3d:16:96:
                    17:c5:0e:62:4a:c5:c4:ae:cd:e4:aa:1a:3f:30:fd:
                    52:4a:8c:41:c9:73:0c:bf:21:4f:aa:ac:11:61:08:
                    1f:ef:70:92:4b:e6:fa:99:98:4a:c7:6c:d8:79:bf:
                    6a:bd:f7:25:06:c8:13:9b:58:90:9e:fc:53:72:49:
                    9c:2a:74:c8:3a:1f:ac:eb:08:3a:dc:6f:36:85:54:
                    fc:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:21:9B:D7:92:39:E1:C7:14:5F:2A:6A:0E:79:AF:8E:CE:20:3C:42
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dSGb15I54ccUXypqDnmvjs4gPEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.115.0/24
                  194.87.43.0/24
                  194.87.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:28:02:ee:dc:14:59:58:9a:6f:86:76:46:aa:00:5d:b9:71:
         8f:a0:ab:9e:bb:a9:e9:0c:a5:e7:76:0e:82:5e:52:78:a3:2e:
         b1:94:b1:77:a3:28:60:b0:f1:06:93:3a:6c:53:e2:c9:20:1c:
         e1:74:36:84:cf:a4:27:48:29:47:b4:c1:fd:d0:cd:c7:21:f9:
         50:3e:5a:32:82:1c:33:2e:dc:10:04:34:85:e0:d6:cf:c0:e8:
         89:f3:0b:a9:c8:2f:f4:52:ac:8e:2e:58:76:11:1b:fe:13:9b:
         ca:1d:82:e7:75:c2:98:b0:da:90:6b:76:3b:4a:e9:1e:b4:dd:
         5c:a0:e5:a4:60:8b:cc:ee:5e:df:7d:16:43:4f:5b:b8:fd:5e:
         5b:cd:07:48:de:ba:92:39:bb:8d:60:c1:db:e5:7e:78:75:5e:
         8a:d5:71:36:ad:47:07:91:8a:46:4a:9f:eb:a8:a8:03:99:c9:
         0f:98:12:02:2e:5a:e1:13:89:f2:89:a5:dd:aa:c4:7d:4d:b1:
         69:2f:32:75:90:ba:4c:76:ca:e2:67:db:91:1d:af:94:ec:b2:
         7b:27:6e:d3:f3:2d:74:8a:e4:36:60:31:bd:b2:5c:d7:1d:26:
         51:c6:6d:40:ac:19:a3:7d:26:80:54:fd:bf:47:a7:68:c8:1e:
         5d:1d:d0:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGxKpIucQEr4m6IPYFzX0PsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTAyMDUxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTIxOWJkNzkyMzllMWM3MTQ1ZjJhNmEwZTc5YWY4ZWNlMjAzYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV0pN/6AxzEbDTpBsnp20aHeNMzq
Whn3V9JaK6gxhVC6phtGJb7G9mrqhfKGamjBWtZgkIya7ubOfPeLh2RJ+mDCeJ+g
ln5EBw5TjKIPK7tJ3T0y3LMOgm/v3u9ob5cW/Y6ip9r4B45OerjNCYjWHTaJzf0K
Pgi+K5nHmbZUsdROitT417hSzpFSumEn4yvI8xqnK/1HMfwemBrpVRXhdyBIANbs
K3uvw3Ltrdk7RW49FpYXxQ5iSsXErs3kqho/MP1SSoxByXMMvyFPqqwRYQgf73CS
S+b6mZhKx2zYeb9qvfclBsgTm1iQnvxTckmcKnTIOh+s6wg63G82hVT8EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUhm9eSOeHHFF8qag55r47OIDxCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZFNHYjE1STU0Y2NVWHlwcURubXZqczRnUEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwWxzAwQA
wlcrAwQAwlfwMA0GCSqGSIb3DQEBCwUAA4IBAQBGKALu3BRZWJpvhnZGqgBduXGP
oKueu6npDKXndg6CXlJ4oy6xlLF3oyhgsPEGkzpsU+LJIBzhdDaEz6QnSClHtMH9
0M3HIflQPloyghwzLtwQBDSF4NbPwOiJ8wupyC/0UqyOLlh2ERv+E5vKHYLndcKY
sNqQa3Y7SuketN1coOWkYIvM7l7ffRZDT1u4/V5bzQdI3rqSObuNYMHb5X54dV6K
1XE2rUcHkYpGSp/rqKgDmckPmBICLlrhE4nyiaXdqsR9TbFpLzJ1kLpMdsriZ9uR
Ha+U7LJ7J27T8y10iuQ2YDG9slzXHSZRxm1ArBmjfSaAVP2/R6doyB5dHdD9
-----END CERTIFICATE-----
Generated at Wed Sep 4 16:54:14 2024 by rpki-client on console-fra.rpki-client.org