Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sMCB0-DrLXvXUaJs9E358Y6tjxs.roa
File:                     sMCB0-DrLXvXUaJs9E358Y6tjxs.roa (raw, json)
Hash identifier:          U0/r/T+tvlptDI+BJ815dMbJPc9MVSg0i48YhkqqN5Q=
Subject key identifier:   B0:C0:81:D3:E0:EB:2D:7B:D7:51:A2:6C:F4:4D:F9:F1:8E:AD:8F:1B
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018871888463BCF1FF02D664351D35E865E4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sMCB0-DrLXvXUaJs9E358Y6tjxs.roa
Signing time:             Wed 31 May 2023 11:19:12 +0000
ROA not before:           Wed 31 May 2023 11:19:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43072
IP address blocks:        194.135.18.0/24 maxlen: 24
                          193.124.44.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 13:27:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:71:88:84:63:bc:f1:ff:02:d6:64:35:1d:35:e8:65:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 31 11:19:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0c081d3e0eb2d7bd751a26cf44df9f18ead8f1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f9:b1:35:2b:ef:c0:23:18:e5:f2:cb:28:52:
                    98:08:41:d1:6a:88:4f:05:a7:08:a4:18:ed:01:88:
                    13:30:bf:8b:98:8a:11:10:a4:65:04:13:c6:0e:1f:
                    1c:93:6d:8f:4d:97:99:85:63:ac:14:ab:b9:95:d4:
                    0a:10:d0:bd:d7:3c:67:91:23:64:ad:f6:d5:c8:fa:
                    f2:08:9c:29:bb:8c:5a:a4:3c:a5:ce:15:47:54:c6:
                    fe:32:d6:dd:86:21:08:67:cf:c3:e9:69:5f:0e:55:
                    27:b8:e1:08:8e:fe:36:22:1b:f3:e6:52:16:8c:b0:
                    fa:56:2c:8a:d4:07:15:76:88:f0:26:6a:b4:d7:13:
                    a5:3a:a3:6b:25:a3:5c:a6:c7:aa:cf:dd:71:67:ee:
                    98:1c:c1:8b:94:9f:60:17:43:98:79:ee:e9:8c:8b:
                    ea:07:d2:9d:b9:24:28:44:d9:2a:09:15:44:bb:e2:
                    b9:3b:94:48:23:29:66:d9:27:20:d4:06:09:b8:d1:
                    fd:45:1c:d8:7c:9f:8a:19:f7:cb:12:16:00:41:e0:
                    ca:c0:b0:b8:4d:fc:73:37:5c:f8:d6:0c:ac:f4:52:
                    ef:c8:fa:08:86:d1:42:0c:78:f2:95:14:8e:ed:2a:
                    ee:01:e8:2d:63:44:39:c5:f6:d8:4d:90:69:52:c7:
                    34:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C0:81:D3:E0:EB:2D:7B:D7:51:A2:6C:F4:4D:F9:F1:8E:AD:8F:1B
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sMCB0-DrLXvXUaJs9E358Y6tjxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.44.0/24
                  194.135.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:8c:69:f3:56:a0:76:22:58:47:ba:7e:d4:83:c8:87:37:75:
         10:27:3b:95:fd:ad:ee:b4:10:b3:67:20:d5:f9:49:24:f8:8d:
         7c:2b:a3:3c:73:3f:9c:aa:cb:af:a8:52:15:9a:5e:06:fd:14:
         ac:bd:6f:dd:2a:51:21:76:de:f4:74:35:ef:5b:75:09:03:1d:
         c9:64:53:cb:a7:9a:4d:84:c3:e2:84:fe:00:3d:40:7d:56:45:
         b3:d9:07:7d:eb:2f:e6:47:69:c2:fc:7c:3a:6f:e5:81:9e:1e:
         ae:6d:9b:df:13:a3:2c:9a:5d:dc:a4:f8:ff:0e:65:08:fa:33:
         2b:19:d4:53:37:ea:d1:bb:85:52:6f:c4:46:01:2b:7b:2c:08:
         43:5c:00:88:48:da:99:0a:25:32:44:ca:9e:13:3c:f9:9e:b9:
         7b:5d:cb:24:31:52:52:36:01:e0:29:29:f1:49:7f:3d:a2:8c:
         43:0b:d2:67:89:3c:b4:d0:ca:1f:d6:90:02:00:80:9e:19:c2:
         63:fd:3f:90:6d:de:3b:ec:36:87:33:fb:bb:9c:74:97:da:79:
         0a:46:53:4e:f2:a1:b7:0b:b5:ce:40:2c:c5:e8:ca:32:d6:94:
         c1:77:75:4a:69:4e:f3:a7:c5:14:9a:cf:c7:87:3c:34:ea:20:
         18:c3:e3:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhxiIRjvPH/AtZkNR016GXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTMxMTExOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGMwODFkM2UwZWIyZDdiZDc1MWEyNmNmNDRkZjlmMThlYWQ4ZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPmxNSvvwCMY5fLLKFKYCEHRaohP
BacIpBjtAYgTML+LmIoREKRlBBPGDh8ck22PTZeZhWOsFKu5ldQKENC91zxnkSNk
rfbVyPryCJwpu4xapDylzhVHVMb+MtbdhiEIZ8/D6WlfDlUnuOEIjv42Ihvz5lIW
jLD6ViyK1AcVdojwJmq01xOlOqNrJaNcpseqz91xZ+6YHMGLlJ9gF0OYee7pjIvq
B9KduSQoRNkqCRVEu+K5O5RIIylm2Scg1AYJuNH9RRzYfJ+KGffLEhYAQeDKwLC4
TfxzN1z41gys9FLvyPoIhtFCDHjylRSO7SruAegtY0Q5xfbYTZBpUsc0QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLDAgdPg6y1711GibPRN+fGOrY8bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc01DQjAtRHJMWHZYVWFKczlFMzU4WTZ0anhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXwsAwQA
wocSMA0GCSqGSIb3DQEBCwUAA4IBAQAUjGnzVqB2IlhHun7Ug8iHN3UQJzuV/a3u
tBCzZyDV+Ukk+I18K6M8cz+cqsuvqFIVml4G/RSsvW/dKlEhdt70dDXvW3UJAx3J
ZFPLp5pNhMPihP4APUB9VkWz2Qd96y/mR2nC/Hw6b+WBnh6ubZvfE6Msml3cpPj/
DmUI+jMrGdRTN+rRu4VSb8RGASt7LAhDXACISNqZCiUyRMqeEzz5nrl7XcskMVJS
NgHgKSnxSX89ooxDC9JniTy00Mof1pACAICeGcJj/T+Qbd477DaHM/u7nHSX2nkK
RlNO8qG3C7XOQCzF6Moy1pTBd3VKaU7zp8UUms/Hhzw06iAYw+MX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org