Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P4b5Q268MRSC1BKUt6_Sh0_Kdd4.roa
File:                     P4b5Q268MRSC1BKUt6_Sh0_Kdd4.roa (raw, json)
Hash identifier:          JhOCL79167U771Lu0jb/tiNZiFRC/favmcCMoZN2VhI=
Subject key identifier:   3F:86:F9:43:6E:BC:31:14:82:D4:12:94:B7:AF:D2:87:4F:CA:75:DE
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018921A1FA67BB72F441C3CE60B138CB5840
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P4b5Q268MRSC1BKUt6_Sh0_Kdd4.roa
Signing time:             Tue 04 Jul 2023 16:00:10 +0000
ROA not before:           Tue 04 Jul 2023 16:00:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199340
IP address blocks:        2a0c:9a40:8c70::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:21:a1:fa:67:bb:72:f4:41:c3:ce:60:b1:38:cb:58:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jul  4 16:00:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f86f9436ebc311482d41294b7afd2874fca75de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ff:35:55:64:82:dd:3e:e9:8d:ae:14:56:68:
                    45:27:1d:fc:6e:38:34:6c:c5:49:ae:5b:91:95:61:
                    09:24:7d:95:d2:e2:27:1c:0a:67:6a:3d:d4:d0:a1:
                    a2:d8:70:4b:0a:2a:c5:c5:4e:f9:38:ff:20:78:85:
                    96:90:fc:1a:7e:21:27:fc:2a:7a:dd:83:fc:70:d1:
                    d1:59:db:02:e6:e2:33:ce:e0:3e:96:ca:2b:58:df:
                    61:dd:82:7c:63:e5:23:5f:91:32:d1:11:21:8d:21:
                    7b:47:2f:9c:62:6a:d5:6d:8e:db:8b:2f:09:9d:95:
                    e6:02:fd:60:2f:21:de:eb:a2:db:03:6b:a9:00:f8:
                    ba:9f:6a:78:c2:cb:ff:8a:2b:e7:71:d1:9b:80:3a:
                    b9:bf:5e:2c:34:65:77:88:c6:96:4e:bd:34:81:1a:
                    50:e5:5c:b4:a1:a7:3e:ed:c5:fe:22:24:8c:c5:d2:
                    e1:04:e1:74:37:92:ba:dc:b4:9f:76:45:10:36:85:
                    da:3d:8d:2f:38:a0:d6:c0:61:d8:10:aa:0f:3d:46:
                    6a:ac:66:a2:04:f9:33:42:ba:89:96:10:48:d6:7f:
                    9e:44:4c:a1:5e:a6:d5:fb:46:bf:b7:e7:ba:22:49:
                    a1:2d:51:9c:0f:79:b7:81:01:c5:0c:da:a1:72:33:
                    b9:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:86:F9:43:6E:BC:31:14:82:D4:12:94:B7:AF:D2:87:4F:CA:75:DE
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P4b5Q268MRSC1BKUt6_Sh0_Kdd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8c70::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:1c:29:4a:5f:cd:eb:f9:63:d2:08:dc:19:ba:bb:c4:cc:29:
         bb:dd:a1:4a:a0:bc:36:bf:7b:73:e0:f9:5d:5b:b2:6f:dd:b0:
         7a:7c:d7:be:ec:05:69:a9:f0:dc:87:56:a9:f0:18:6c:b8:ed:
         39:6b:00:5c:c6:6b:21:35:5a:00:9d:7f:2a:89:7f:00:f6:42:
         f9:52:94:4e:02:72:7a:b4:17:4c:c3:d2:d3:b0:19:e7:8f:e7:
         91:86:86:cb:ca:fd:eb:17:68:f3:d8:bb:a5:b6:40:e1:b5:bc:
         fa:1b:a1:eb:f6:be:99:4e:33:66:56:9b:c4:26:10:45:2a:c0:
         10:61:04:0b:2a:9f:37:ce:8e:f5:e5:ec:f2:2c:a6:b5:21:0c:
         c4:b5:46:7a:57:8c:c4:b1:9e:5f:15:06:39:f1:15:57:ae:63:
         12:e2:14:ff:38:76:e2:e0:66:cf:4b:d7:97:ce:c7:a6:4a:ae:
         a4:e8:53:48:1f:ab:63:f3:57:b9:b1:05:ba:c0:7d:ec:94:a3:
         5b:d3:d8:bf:97:87:00:a2:6a:80:37:6f:68:81:25:af:34:b8:
         3a:64:b4:c0:d3:b8:35:de:c1:35:52:ea:b6:f9:dc:cf:5b:dd:
         f8:67:63:be:ef:7f:89:f1:e7:cb:65:f1:69:10:0c:c2:b0:e2:
         60:0f:e7:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYkhofpnu3L0QcPOYLE4y1hAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwNzA0MTYwMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjg2Zjk0MzZlYmMzMTE0ODJkNDEyOTRiN2FmZDI4NzRmY2E3NWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/81VWSC3T7pja4UVmhFJx38bjg0
bMVJrluRlWEJJH2V0uInHApnaj3U0KGi2HBLCirFxU75OP8geIWWkPwafiEn/Cp6
3YP8cNHRWdsC5uIzzuA+lsorWN9h3YJ8Y+UjX5Ey0REhjSF7Ry+cYmrVbY7biy8J
nZXmAv1gLyHe66LbA2upAPi6n2p4wsv/iivncdGbgDq5v14sNGV3iMaWTr00gRpQ
5Vy0oac+7cX+IiSMxdLhBOF0N5K63LSfdkUQNoXaPY0vOKDWwGHYEKoPPUZqrGai
BPkzQrqJlhBI1n+eREyhXqbV+0a/t+e6IkmhLVGcD3m3gQHFDNqhcjO5fQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD+G+UNuvDEUgtQSlLev0odPynXeMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUDRiNVEyNjhNUlNDMUJLVXQ2X1NoMF9LZGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIxw
MA0GCSqGSIb3DQEBCwUAA4IBAQB6HClKX83r+WPSCNwZurvEzCm73aFKoLw2v3tz
4PldW7Jv3bB6fNe+7AVpqfDch1ap8BhsuO05awBcxmshNVoAnX8qiX8A9kL5UpRO
AnJ6tBdMw9LTsBnnj+eRhobLyv3rF2jz2LultkDhtbz6G6Hr9r6ZTjNmVpvEJhBF
KsAQYQQLKp83zo715ezyLKa1IQzEtUZ6V4zEsZ5fFQY58RVXrmMS4hT/OHbi4GbP
S9eXzsemSq6k6FNIH6tj81e5sQW6wH3slKNb09i/l4cAomqAN29ogSWvNLg6ZLTA
07g13sE1Uuq2+dzPW934Z2O+73+J8efLZfFpEAzCsOJgD+fO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org