Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-rsJQfXJ39ts5jhKPoa2xDgvSGQ.roa
File:                     1-rsJQfXJ39ts5jhKPoa2xDgvSGQ.roa (raw, json)
Hash identifier:          LQwQBIIcId+GbGpsWELN4w6AIIwzDvpbeIFg51uiiMw=
Subject key identifier:   FA:BB:09:41:F5:C9:DF:DB:6C:E6:38:4A:3E:86:B6:C4:38:2F:48:64
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C6762F0A760F5719AF2AEC92E44AD584B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-rsJQfXJ39ts5jhKPoa2xDgvSGQ.roa
Signing time:             Thu 14 Dec 2023 08:13:06 +0000
ROA not before:           Thu 14 Dec 2023 08:13:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207083
IP address blocks:        2.59.254.0/24 maxlen: 24
                          192.145.28.0/24 maxlen: 24
                          192.145.31.0/24 maxlen: 24
                          192.145.30.0/24 maxlen: 24
                          192.145.29.0/24 maxlen: 24
                          85.31.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 12:28:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:67:62:f0:a7:60:f5:71:9a:f2:ae:c9:2e:44:ad:58:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 14 08:13:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fabb0941f5c9dfdb6ce6384a3e86b6c4382f4864
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e5:75:30:ad:75:02:5f:b5:01:12:4c:ef:b0:
                    68:ae:73:9d:9b:39:bc:e0:a2:91:5c:9f:de:cd:ba:
                    6a:91:68:0a:29:2b:54:9d:c7:e6:0e:30:d2:95:2b:
                    18:b2:b9:e5:a1:cc:9f:4d:82:b1:3e:dc:c9:54:82:
                    4e:d0:49:41:82:51:77:61:fc:6e:94:19:5b:d4:44:
                    90:3c:d0:73:b8:90:fa:f3:2f:61:c8:b6:f8:fb:f4:
                    b7:dd:c9:d6:37:67:db:2d:2e:10:66:b9:4b:2a:82:
                    82:e4:73:7d:67:d2:3b:4f:a8:86:68:bf:55:a7:f1:
                    bb:ae:ca:3e:27:1c:22:1a:6c:68:b2:87:77:5b:16:
                    58:ca:8f:8d:25:57:28:f3:87:cf:8f:b3:f0:ca:42:
                    ab:34:dc:58:0c:b2:11:c1:15:df:fe:42:a8:09:a5:
                    c6:05:f6:e0:cd:5c:e4:1f:97:6c:5f:2e:18:50:bc:
                    1a:00:16:1f:19:5d:af:49:05:bd:77:ce:14:23:0e:
                    df:96:8d:31:8d:8f:27:1e:73:f3:91:1e:c8:55:c0:
                    c3:29:6d:ef:a9:b3:b5:08:82:8b:d0:4c:55:d3:5d:
                    14:3f:92:2b:13:dc:db:5a:e4:0f:ba:d2:c2:6c:77:
                    2c:68:56:30:78:8c:f2:b2:db:56:dd:58:e0:da:78:
                    0f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:BB:09:41:F5:C9:DF:DB:6C:E6:38:4A:3E:86:B6:C4:38:2F:48:64
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-rsJQfXJ39ts5jhKPoa2xDgvSGQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.254.0/24
                  85.31.45.0/24
                  192.145.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:05:37:d9:b7:84:a6:b1:e8:d0:5d:ae:83:f1:2e:38:fa:4c:
         ca:45:78:27:d7:9c:1a:9f:9c:64:15:b5:34:27:66:59:f1:37:
         aa:d0:8a:6e:86:9f:7e:39:14:a3:98:dc:bd:81:05:c0:c9:df:
         2c:d1:a3:8d:5c:0b:a2:17:2e:03:89:66:0f:3c:dc:16:ea:3e:
         43:1e:71:55:a8:cd:74:a7:0a:0a:42:cb:50:f4:0f:1d:fb:36:
         42:4a:60:2b:d1:4f:87:c7:2f:89:f3:ec:63:4f:44:d7:9e:4d:
         e6:84:21:3a:7c:1a:7d:74:c7:8a:50:48:b8:e6:0e:82:f3:fc:
         dd:5b:2f:af:79:57:66:7b:96:84:82:db:00:c4:c2:28:6a:d5:
         6b:97:4f:0d:a7:af:99:52:c5:80:33:ef:08:59:6d:c0:2f:54:
         03:7f:51:f9:8e:e9:b6:49:9b:f2:33:85:9d:c5:ad:70:49:13:
         40:9a:78:68:b5:f1:ce:79:27:f5:87:c2:6e:4c:eb:24:77:d6:
         4c:74:f2:59:21:11:14:c7:be:73:ef:7b:35:87:02:b1:ac:6b:
         db:3f:02:13:78:a1:ff:8a:7c:34:f8:bd:5e:cf:b0:75:40:27:
         1a:2d:33:84:2b:eb:3b:d1:55:11:8b:77:c6:91:b3:9d:fb:9c:
         4c:f1:a0:dd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYxnYvCnYPVxmvKuyS5ErVhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjE0MDgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJiMDk0MWY1YzlkZmRiNmNlNjM4NGEzZTg2YjZjNDM4MmY0ODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOV1MK11Al+1ARJM77BornOdmzm8
4KKRXJ/ezbpqkWgKKStUncfmDjDSlSsYsrnlocyfTYKxPtzJVIJO0ElBglF3Yfxu
lBlb1ESQPNBzuJD68y9hyLb4+/S33cnWN2fbLS4QZrlLKoKC5HN9Z9I7T6iGaL9V
p/G7rso+JxwiGmxosod3WxZYyo+NJVco84fPj7PwykKrNNxYDLIRwRXf/kKoCaXG
BfbgzVzkH5dsXy4YULwaABYfGV2vSQW9d84UIw7flo0xjY8nHnPzkR7IVcDDKW3v
qbO1CIKL0ExV010UP5IrE9zbWuQPutLCbHcsaFYweIzysttW3Vjg2ngPlwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPq7CUH1yd/bbOY4Sj6GtsQ4L0hkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1yc0pRZlhKMzl0czVqaEtQb2EyeERndlNHUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAI7/gME
AFUfLQMEAsCRHDANBgkqhkiG9w0BAQsFAAOCAQEAQgU32beEprHo0F2ug/EuOPpM
ykV4J9ecGp+cZBW1NCdmWfE3qtCKboaffjkUo5jcvYEFwMnfLNGjjVwLohcuA4lm
DzzcFuo+Qx5xVajNdKcKCkLLUPQPHfs2QkpgK9FPh8cvifPsY09E155N5oQhOnwa
fXTHilBIuOYOgvP83Vsvr3lXZnuWhILbAMTCKGrVa5dPDaevmVLFgDPvCFltwC9U
A39R+Y7ptkmb8jOFncWtcEkTQJp4aLXxznkn9YfCbkzrJHfWTHTyWSERFMe+c+97
NYcCsaxr2z8CE3ih/4p8NPi9Xs+wdUAnGi0zhCvrO9FVEYt3xpGznfucTPGg3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org