Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2GwE3Q5D0rAgk1jE7KzEHISgduc.roa
File:                     2GwE3Q5D0rAgk1jE7KzEHISgduc.roa (raw, json)
Hash identifier:          Z5206xV7OKtoOCWRBBxtVUn+M/seUT0IXWqhyUkTuFU=
Subject key identifier:   D8:6C:04:DD:0E:43:D2:B0:20:93:58:C4:EC:AC:C4:1C:84:A0:76:E7
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C90D048D20E88A0782600F2845485CDD3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2GwE3Q5D0rAgk1jE7KzEHISgduc.roa
Signing time:             Fri 22 Dec 2023 09:16:58 +0000
ROA not before:           Fri 22 Dec 2023 09:16:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        87.120.68.0/23 maxlen: 24
                          93.123.74.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:90:d0:48:d2:0e:88:a0:78:26:00:f2:84:54:85:cd:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 22 09:16:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d86c04dd0e43d2b0209358c4ecacc41c84a076e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5b:29:bb:ec:f8:eb:eb:f5:3e:67:20:e8:b4:
                    f5:3b:23:3c:6f:7f:f7:03:87:97:c6:82:8f:b3:d3:
                    d0:7a:94:f3:b6:70:53:dd:1e:56:0b:3d:11:a1:cb:
                    8c:f4:1a:9f:e0:5a:bb:66:ef:04:4c:51:96:12:c3:
                    8e:c3:5f:08:72:a3:7d:80:f3:a0:15:b8:06:1c:66:
                    2f:fc:28:41:a3:60:7b:25:cf:e5:65:5b:01:3d:b3:
                    c1:95:25:4b:48:42:dd:c6:28:e8:89:4e:80:7f:82:
                    76:70:50:7d:6a:74:98:67:e1:63:ee:81:3f:c1:b0:
                    98:87:9d:52:45:29:c3:3a:ba:81:7b:05:7c:bf:cd:
                    5b:61:46:01:d8:36:98:c4:d4:82:ed:f5:23:16:9a:
                    f5:e8:be:f2:ff:58:5e:10:3b:a0:67:16:89:5d:fe:
                    23:9d:6b:d8:2e:59:ba:89:fc:62:c5:af:7b:8e:62:
                    8e:07:04:ce:27:24:1e:b9:0a:63:d5:08:c3:78:17:
                    88:9b:cf:2b:d5:12:d8:36:f4:20:4c:da:17:35:85:
                    0f:2b:3b:a5:80:c5:75:4f:29:b5:23:72:cd:7b:d0:
                    f8:89:40:ca:cc:d9:de:83:f1:62:f7:80:ce:f0:ac:
                    ce:2a:03:4e:fe:f4:0a:b4:e2:19:95:38:52:8d:c1:
                    a5:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:6C:04:DD:0E:43:D2:B0:20:93:58:C4:EC:AC:C4:1C:84:A0:76:E7
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2GwE3Q5D0rAgk1jE7KzEHISgduc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.120.68.0/23
                  93.123.74.0/23

    Signature Algorithm: sha256WithRSAEncryption
         66:ef:9b:c2:00:d0:ad:76:9d:27:b4:87:c4:6c:2f:8f:ab:b1:
         6a:95:31:9a:24:cf:93:e4:58:1d:b2:a0:3e:a8:6f:f2:86:48:
         17:f8:e2:8e:90:7c:96:3f:94:05:d6:9a:6d:ea:43:80:1c:5a:
         ba:09:c3:0d:67:ce:ed:10:69:06:27:47:97:6b:e0:30:b7:15:
         6f:13:3d:19:d8:1e:8d:c3:14:19:6d:88:fa:df:ff:cc:dc:38:
         f8:c3:c6:76:04:11:ab:13:bb:b8:66:7c:08:5b:97:fd:5b:f5:
         37:eb:17:bb:0c:af:73:d1:8e:b5:43:4d:b2:43:62:11:b9:61:
         60:0f:8b:39:73:c6:75:4f:8b:1d:e2:5c:69:11:09:14:fd:5e:
         be:68:ea:ac:f5:d2:23:b7:d6:5c:fb:fc:a9:3b:5f:90:a3:eb:
         60:7b:e1:e4:21:2b:ec:0d:e0:b3:2f:f9:73:48:e0:21:29:65:
         21:05:36:1a:27:5a:c6:50:1b:4a:5c:e2:ee:b6:95:d2:2a:b4:
         66:68:6c:41:ad:bb:42:33:e9:ec:1c:ae:b1:b1:ce:b6:ad:cf:
         76:3e:27:0d:32:e9:33:d0:4e:c3:64:dc:6a:e6:84:2b:77:09:
         70:54:28:82:2a:18:02:b7:7e:a9:69:b9:f2:7d:d0:37:4d:0c:
         d1:02:fd:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyQ0EjSDoigeCYA8oRUhc3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIyMDkxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZjMDRkZDBlNDNkMmIwMjA5MzU4YzRlY2FjYzQxYzg0YTA3NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklspu+z46+v1Pmcg6LT1OyM8b3/3
A4eXxoKPs9PQepTztnBT3R5WCz0RocuM9Bqf4Fq7Zu8ETFGWEsOOw18IcqN9gPOg
FbgGHGYv/ChBo2B7Jc/lZVsBPbPBlSVLSELdxijoiU6Af4J2cFB9anSYZ+Fj7oE/
wbCYh51SRSnDOrqBewV8v81bYUYB2DaYxNSC7fUjFpr16L7y/1heEDugZxaJXf4j
nWvYLlm6ifxixa97jmKOBwTOJyQeuQpj1QjDeBeIm88r1RLYNvQgTNoXNYUPKzul
gMV1Tym1I3LNe9D4iUDKzNneg/Fi94DO8KzOKgNO/vQKtOIZlThSjcGlvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNhsBN0OQ9KwIJNYxOysxByEoHbnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMkd3RTNRNUQwckFnazFqRTdLekVISVNnZHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV3hEAwQB
XXtKMA0GCSqGSIb3DQEBCwUAA4IBAQBm75vCANCtdp0ntIfEbC+Pq7FqlTGaJM+T
5FgdsqA+qG/yhkgX+OKOkHyWP5QF1ppt6kOAHFq6CcMNZ87tEGkGJ0eXa+AwtxVv
Ez0Z2B6NwxQZbYj63//M3Dj4w8Z2BBGrE7u4ZnwIW5f9W/U36xe7DK9z0Y61Q02y
Q2IRuWFgD4s5c8Z1T4sd4lxpEQkU/V6+aOqs9dIjt9Zc+/ypO1+Qo+tge+HkISvs
DeCzL/lzSOAhKWUhBTYaJ1rGUBtKXOLutpXSKrRmaGxBrbtCM+nsHK6xsc62rc92
PicNMukz0E7DZNxq5oQrdwlwVCiCKhgCt36pabnyfdA3TQzRAv0z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:57 2024 by rpki-client on console-fra.rpki-client.org