Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rsiJeGllN5mR4Gb49YLjCWUBCnw.roa
File:                     rsiJeGllN5mR4Gb49YLjCWUBCnw.roa (raw, json)
Hash identifier:          P2UkkoqtNYs1YyUWoSe6/LiW88DH/Vs3hxs1nnP9wrY=
Subject key identifier:   AE:C8:89:78:69:65:37:99:91:E0:66:F8:F5:82:E3:09:65:01:0A:7C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018DAC55D276A564DC95810CE842D4B11DA7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rsiJeGllN5mR4Gb49YLjCWUBCnw.roa
Signing time:             Thu 15 Feb 2024 10:35:21 +0000
ROA not before:           Thu 15 Feb 2024 10:35:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49581
IP address blocks:        2a00:1c88::/29 maxlen: 29
                          2a01:57c0::/29 maxlen: 29
                          2a03:3ae0::/29 maxlen: 29
                          2a07:e4c0::/29 maxlen: 29
                          2a0c:ff40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 16 Feb 2024 12:11:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ac:55:d2:76:a5:64:dc:95:81:0c:e8:42:d4:b1:1d:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb 15 10:35:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=aec889786965379991e066f8f582e30965010a7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:64:3c:2d:49:de:10:17:9a:46:e0:d6:b1:08:
                    cb:8c:d8:39:5a:70:87:f1:7a:65:c3:2e:c3:98:66:
                    fc:11:30:06:cb:98:26:61:bf:9b:fd:41:f7:1f:3d:
                    a9:95:64:87:37:1a:60:81:3b:89:56:14:14:81:b3:
                    ea:cb:a6:16:96:20:32:cb:9f:d6:42:b0:20:43:bd:
                    23:3f:8c:04:dc:34:da:2c:ee:cb:4f:d2:78:eb:61:
                    98:02:53:92:c2:e7:9c:2c:d9:3c:1e:40:5d:42:ac:
                    c1:bb:4a:58:d2:d0:3b:2c:9a:b7:8b:e0:9d:2c:d7:
                    b7:a2:e5:6d:6a:3b:81:a5:45:69:89:87:c1:0e:f0:
                    15:11:bf:1d:12:9e:e6:a9:ff:fb:dc:5e:94:cf:5b:
                    ec:5c:1d:a4:15:fc:0b:9e:9c:31:22:83:48:72:ee:
                    89:2b:d8:85:c0:a1:cd:10:42:1e:92:e4:63:6d:0b:
                    af:1b:6b:25:09:bb:55:ca:3f:76:da:e8:69:0c:95:
                    88:40:25:89:a9:0d:8d:f9:0a:bc:eb:49:41:62:93:
                    4b:d7:9f:c5:a5:4f:60:58:ea:ce:27:46:44:86:72:
                    c5:04:4d:d6:7b:70:e4:fa:25:8e:47:3b:bf:bb:49:
                    5d:15:17:db:67:b2:08:a1:f6:5e:67:51:61:7b:a4:
                    e9:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:C8:89:78:69:65:37:99:91:E0:66:F8:F5:82:E3:09:65:01:0A:7C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rsiJeGllN5mR4Gb49YLjCWUBCnw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:1c88::/29
                  2a01:57c0::/29
                  2a03:3ae0::/29
                  2a07:e4c0::/29
                  2a0c:ff40::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:67:05:f2:d5:fc:ac:72:35:5e:63:8e:d1:bc:4f:4f:a1:73:
         24:6d:95:ba:0c:4e:60:0a:c8:b0:07:9e:d8:4b:0b:41:ca:9e:
         a4:72:65:bd:63:3f:22:b8:10:15:54:33:06:53:3b:f1:62:33:
         9f:10:e6:1e:67:6c:81:57:39:6b:36:b0:92:65:68:e2:a6:69:
         95:b7:fb:e1:74:58:fe:bd:35:e5:6b:82:2d:f8:f1:95:0d:23:
         64:7a:7f:35:c6:ba:ab:13:1e:73:6d:7a:51:d4:83:26:36:ae:
         55:ab:5c:f0:c3:76:ce:bf:0b:57:56:b6:31:65:e1:ea:ae:d3:
         06:98:4d:f6:95:7a:b5:86:17:3d:50:2c:05:43:49:e3:4f:e4:
         0f:cb:96:14:09:08:3e:a9:f5:28:e1:b0:ca:4e:5f:f9:70:35:
         7d:61:92:4c:92:a1:97:2f:2b:6a:01:f1:00:9c:5b:f7:01:f0:
         9a:e0:2c:59:8a:30:62:e1:a7:ce:f1:55:bd:dd:cd:c0:b6:7d:
         db:1b:77:27:d6:09:bd:db:ec:99:3c:c8:f0:12:e1:1a:c7:db:
         fc:b3:fd:5b:03:39:c2:77:29:cf:a1:75:fd:e3:30:a1:29:f5:
         1f:9a:52:24:be:9f:d1:94:3f:af:1c:a9:09:ae:f0:79:be:c7:
         b2:77:f3:5f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY2sVdJ2pWTclYEM6ELUsR2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE1MTAzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM4ODk3ODY5NjUzNzk5OTFlMDY2ZjhmNTgyZTMwOTY1MDEwYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGQ8LUneEBeaRuDWsQjLjNg5WnCH
8Xplwy7DmGb8ETAGy5gmYb+b/UH3Hz2plWSHNxpggTuJVhQUgbPqy6YWliAyy5/W
QrAgQ70jP4wE3DTaLO7LT9J462GYAlOSwuecLNk8HkBdQqzBu0pY0tA7LJq3i+Cd
LNe3ouVtajuBpUVpiYfBDvAVEb8dEp7mqf/73F6Uz1vsXB2kFfwLnpwxIoNIcu6J
K9iFwKHNEEIekuRjbQuvG2slCbtVyj922uhpDJWIQCWJqQ2N+Qq860lBYpNL15/F
pU9gWOrOJ0ZEhnLFBE3We3Dk+iWORzu/u0ldFRfbZ7IIofZeZ1Fhe6TpLwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFK7IiXhpZTeZkeBm+PWC4wllAQp8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcnNpSmVHbGxONW1SNEdiNDlZTGpDV1VCQ253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgAciAMF
AyoBV8ADBQMqAzrgAwUDKgfkwAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBACln
BfLV/KxyNV5jjtG8T0+hcyRtlboMTmAKyLAHnthLC0HKnqRyZb1jPyK4EBVUMwZT
O/FiM58Q5h5nbIFXOWs2sJJlaOKmaZW3++F0WP69NeVrgi348ZUNI2R6fzXGuqsT
HnNtelHUgyY2rlWrXPDDds6/C1dWtjFl4equ0waYTfaVerWGFz1QLAVDSeNP5A/L
lhQJCD6p9SjhsMpOX/lwNX1hkkySoZcvK2oB8QCcW/cB8JrgLFmKMGLhp87xVb3d
zcC2fdsbdyfWCb3b7Jk8yPAS4RrH2/yz/VsDOcJ3Kc+hdf3jMKEp9R+aUiS+n9GU
P68cqQmu8Hm+x7J3818=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org