Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ihazjpGW5C879LlGqVQ1991yRPM.roa
File:                     ihazjpGW5C879LlGqVQ1991yRPM.roa (raw, json)
Hash identifier:          w28HuJna9hOB/PG7cFWXc23fdyw2GPstHRLpOe9GTWE=
Subject key identifier:   8A:16:B3:8E:91:96:E4:2F:3B:F4:B9:46:A9:54:35:F7:DD:72:44:F3
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B1F641B5CD4DCCA6BBA1DA21CAAAD5384
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ihazjpGW5C879LlGqVQ1991yRPM.roa
Signing time:             Wed 11 Oct 2023 15:38:56 +0000
ROA not before:           Wed 11 Oct 2023 15:38:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216394
IP address blocks:        194.87.130.0/24 maxlen: 24
                          194.87.27.0/24 maxlen: 24
                          212.192.222.0/24 maxlen: 24
                          195.133.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Oct 2023 11:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1f:64:1b:5c:d4:dc:ca:6b:ba:1d:a2:1c:aa:ad:53:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 11 15:38:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8a16b38e9196e42f3bf4b946a95435f7dd7244f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ce:31:f0:a9:d4:eb:a5:48:c8:40:cd:20:f2:
                    b8:23:0b:21:1c:03:59:d5:99:80:14:04:29:0c:e6:
                    1e:e7:ea:e0:1d:ec:06:f9:3a:ea:ae:9b:3d:b2:07:
                    0d:b5:19:98:83:90:2c:5f:12:31:5e:45:42:23:48:
                    eb:02:d3:6a:7d:eb:7b:b1:b6:f1:c6:35:d8:de:60:
                    ff:35:c4:4a:53:b1:b1:13:a3:7b:05:a0:57:72:95:
                    3e:f2:ae:89:df:e9:4a:ba:72:ec:c9:00:35:41:6c:
                    d8:19:76:65:18:e1:a2:bc:b6:34:5f:bd:94:89:58:
                    82:85:6f:a1:b2:1e:92:45:43:ea:6d:e9:5b:b2:08:
                    d5:36:92:5a:b6:4a:5f:c4:d3:8c:8c:f6:38:f3:ba:
                    1f:0e:ab:e6:fb:79:47:9e:35:ab:6a:d4:ec:7c:d2:
                    9c:9b:43:b8:7f:5a:8c:08:04:44:dd:af:03:4d:71:
                    85:17:94:6c:b0:d6:7d:d3:bb:f7:ed:cf:c6:b9:c9:
                    40:f8:2e:0f:c0:d5:9d:a1:84:e6:d1:b8:b8:5e:bf:
                    c5:96:74:91:75:75:1e:ea:e0:61:56:f6:fa:fc:10:
                    41:67:e7:63:24:16:3b:28:60:5a:24:23:38:85:d4:
                    c6:01:9e:a0:84:8b:71:ae:27:f0:f7:f3:12:e2:b6:
                    f1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:16:B3:8E:91:96:E4:2F:3B:F4:B9:46:A9:54:35:F7:DD:72:44:F3
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ihazjpGW5C879LlGqVQ1991yRPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.27.0/24
                  194.87.130.0/24
                  195.133.43.0/24
                  212.192.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:1f:0b:47:33:0a:7f:6a:86:2b:77:f7:d9:32:e9:8a:9d:39:
         c7:06:2a:44:29:3c:ad:21:76:dd:66:84:e3:84:ff:e1:0f:6a:
         55:5a:e1:ba:dd:e2:e1:58:93:18:aa:b8:c3:f7:ed:a0:1a:75:
         c4:54:f9:b0:2d:86:9c:dd:b6:04:9f:1d:e6:0b:5d:2f:8e:3c:
         58:d1:a7:17:58:eb:79:8e:c7:77:2f:45:9c:dd:92:e0:19:76:
         00:99:53:5c:2b:ba:c4:4a:05:ea:d1:24:ac:76:c9:7b:ac:47:
         45:ef:a9:0a:a4:10:9a:1b:ba:97:40:6f:9a:68:1a:ef:fc:a9:
         6b:97:95:65:e2:17:5a:71:71:33:36:1a:31:b9:b3:8b:89:8c:
         7f:e7:3e:98:f4:70:32:c3:0a:25:b6:6e:24:32:8e:2a:d6:b0:
         37:bb:38:bd:01:59:6b:75:f3:cb:29:d4:eb:1e:72:35:30:73:
         5a:63:d1:34:38:58:32:c0:f7:7e:bf:66:34:69:e2:7e:f4:0e:
         ac:97:9e:d5:31:05:13:36:07:68:bd:97:77:05:36:16:6c:9a:
         8e:88:49:cd:27:38:2e:2a:2c:d2:ae:80:61:70:18:11:87:59:
         cc:c4:59:1c:25:49:b3:55:27:da:c6:81:89:61:33:9b:86:9a:
         c5:98:a6:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsfZBtc1NzKa7odohyqrVOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTUzODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE2YjM4ZTkxOTZlNDJmM2JmNGI5NDZhOTU0MzVmN2RkNzI0NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws4x8KnU66VIyEDNIPK4IwshHANZ
1ZmAFAQpDOYe5+rgHewG+Trqrps9sgcNtRmYg5AsXxIxXkVCI0jrAtNqfet7sbbx
xjXY3mD/NcRKU7GxE6N7BaBXcpU+8q6J3+lKunLsyQA1QWzYGXZlGOGivLY0X72U
iViChW+hsh6SRUPqbelbsgjVNpJatkpfxNOMjPY487ofDqvm+3lHnjWratTsfNKc
m0O4f1qMCARE3a8DTXGFF5RssNZ907v37c/GuclA+C4PwNWdoYTm0bi4Xr/FlnSR
dXUe6uBhVvb6/BBBZ+djJBY7KGBaJCM4hdTGAZ6ghItxrifw9/MS4rbx9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIoWs46RluQvO/S5RqlUNffdckTzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaWhhempwR1c1Qzg3OUxsR3FWUTE5OTF5UlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlcbAwQA
wleCAwQAw4UrAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQCEHwtHMwp/aoYrd/fZ
MumKnTnHBipEKTytIXbdZoTjhP/hD2pVWuG63eLhWJMYqrjD9+2gGnXEVPmwLYac
3bYEnx3mC10vjjxY0acXWOt5jsd3L0Wc3ZLgGXYAmVNcK7rESgXq0SSsdsl7rEdF
76kKpBCaG7qXQG+aaBrv/Klrl5Vl4hdacXEzNhoxubOLiYx/5z6Y9HAywwoltm4k
Mo4q1rA3uzi9AVlrdfPLKdTrHnI1MHNaY9E0OFgywPd+v2Y0aeJ+9A6sl57VMQUT
NgdovZd3BTYWbJqOiEnNJzguKizSroBhcBgRh1nMxFkcJUmzVSfaxoGJYTObhprF
mKag
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org