Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C2W5xJU2ghBVzleDX-_uTd91NEY.roa
File:                     C2W5xJU2ghBVzleDX-_uTd91NEY.roa (raw, json)
Hash identifier:          t5J1293ow8YJ+WcaMylRrO6RUwz2gg3H+XyBahYT6CM=
Subject key identifier:   0B:65:B9:C4:95:36:82:10:55:CE:57:83:5F:EF:EE:4D:DF:75:34:46
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C8E20BA960C796408468D0BF13DC9E0A7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C2W5xJU2ghBVzleDX-_uTd91NEY.roa
Signing time:             Thu 21 Dec 2023 20:45:58 +0000
ROA not before:           Thu 21 Dec 2023 20:45:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211975
IP address blocks:        164.40.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8e:20:ba:96:0c:79:64:08:46:8d:0b:f1:3d:c9:e0:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 21 20:45:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b65b9c49536821055ce57835fefee4ddf753446
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8c:a0:eb:69:29:fe:78:3e:04:ac:ef:92:2d:
                    96:57:80:05:f0:33:b5:75:57:a9:70:d1:b0:c7:73:
                    52:7f:e1:31:0e:55:da:9d:ca:83:e6:98:89:98:c3:
                    a1:9b:f2:b2:e7:21:a9:d7:ff:1a:9b:37:d8:6e:29:
                    0c:83:5c:e3:21:24:33:85:f3:8f:4c:2d:8b:19:d3:
                    2b:3d:d3:87:00:8d:c5:7f:2f:e1:1a:4e:85:06:61:
                    1b:c2:5e:eb:a8:8d:0a:a7:f8:c1:60:62:6f:47:cc:
                    c8:e0:b6:4c:ce:b1:2d:37:b2:35:b9:33:29:57:8c:
                    dd:44:c9:34:b2:0c:c2:c7:a2:18:a7:33:f9:3f:a3:
                    54:11:5c:71:f7:5b:ad:dc:04:26:39:21:ff:5b:9d:
                    9f:4c:a6:65:ff:51:1e:22:5b:24:3d:ab:93:12:87:
                    a5:9c:8a:0e:e8:00:a1:ac:ae:39:dd:bf:e7:d3:70:
                    a6:4f:3a:1d:02:42:3f:de:40:20:05:d3:c1:c7:af:
                    92:a6:37:6f:e0:70:6a:65:5f:9e:ee:8f:c6:74:fa:
                    15:59:6c:9e:87:91:2a:56:b0:1c:d4:66:ae:4c:7a:
                    3d:ca:3a:96:d3:ed:11:e6:48:53:50:28:e5:2b:a1:
                    fa:f6:be:c2:3d:cd:b8:88:6f:d9:17:59:2e:1a:61:
                    24:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:65:B9:C4:95:36:82:10:55:CE:57:83:5F:EF:EE:4D:DF:75:34:46
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C2W5xJU2ghBVzleDX-_uTd91NEY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.40.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:29:ae:f0:96:1b:84:0a:be:f3:40:9d:e7:8d:1a:5e:0d:2d:
         5b:e6:be:f7:ff:f4:d6:b7:15:86:81:22:e9:2a:1a:c3:ce:c6:
         b6:65:15:21:f0:8f:69:8b:dd:1a:1a:27:18:a5:6d:3f:57:e4:
         68:7d:3b:e0:30:7d:e0:9d:19:1a:69:8d:15:c7:d8:fa:c9:71:
         1a:75:0a:56:fb:c4:7d:e5:ce:71:98:f2:64:70:1d:b4:31:47:
         7b:80:c1:73:32:14:f2:91:29:5f:f3:fd:2c:83:f9:62:87:1f:
         69:a0:6c:61:b2:74:3d:84:e1:ce:cf:5e:a4:77:e5:6e:7c:d0:
         2d:c5:01:49:54:14:db:4c:e5:18:e2:a4:de:44:9c:4c:92:65:
         1f:59:56:d6:1a:d2:40:a8:cd:4a:df:e8:45:94:76:bd:1d:7f:
         00:dd:0f:56:54:99:20:42:8e:70:98:21:c4:24:a3:d9:21:7e:
         28:81:06:8c:1a:73:da:61:a5:b6:8b:16:ca:02:10:bd:65:b5:
         7f:28:bc:6d:26:9a:aa:ed:23:60:f2:14:22:6f:92:ad:db:df:
         4a:84:7d:e2:24:2e:38:f7:df:96:1a:d3:d9:05:e0:44:d0:ce:
         5b:d4:ac:31:0b:a1:c5:93:6f:06:9b:56:e5:23:1c:ae:96:a4:
         99:0d:9d:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyOILqWDHlkCEaNC/E9yeCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMjA0NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY1YjljNDk1MzY4MjEwNTVjZTU3ODM1ZmVmZWU0ZGRmNzUzNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloyg62kp/ng+BKzvki2WV4AF8DO1
dVepcNGwx3NSf+ExDlXancqD5piJmMOhm/Ky5yGp1/8amzfYbikMg1zjISQzhfOP
TC2LGdMrPdOHAI3Ffy/hGk6FBmEbwl7rqI0Kp/jBYGJvR8zI4LZMzrEtN7I1uTMp
V4zdRMk0sgzCx6IYpzP5P6NUEVxx91ut3AQmOSH/W52fTKZl/1EeIlskPauTEoel
nIoO6AChrK453b/n03CmTzodAkI/3kAgBdPBx6+Spjdv4HBqZV+e7o/GdPoVWWye
h5EqVrAc1GauTHo9yjqW0+0R5khTUCjlK6H69r7CPc24iG/ZF1kuGmEkAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtlucSVNoIQVc5Xg1/v7k3fdTRGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQzJXNXhKVTJnaEJWemxlRFgtX3VUZDkxTkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApCi5MA0G
CSqGSIb3DQEBCwUAA4IBAQChKa7wlhuECr7zQJ3njRpeDS1b5r73//TWtxWGgSLp
KhrDzsa2ZRUh8I9pi90aGicYpW0/V+RofTvgMH3gnRkaaY0Vx9j6yXEadQpW+8R9
5c5xmPJkcB20MUd7gMFzMhTykSlf8/0sg/lihx9poGxhsnQ9hOHOz16kd+VufNAt
xQFJVBTbTOUY4qTeRJxMkmUfWVbWGtJAqM1K3+hFlHa9HX8A3Q9WVJkgQo5wmCHE
JKPZIX4ogQaMGnPaYaW2ixbKAhC9ZbV/KLxtJpqq7SNg8hQib5Kt299KhH3iJC44
99+WGtPZBeBE0M5b1KwxC6HFk28Gm1blIxyulqSZDZ2J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:01 2024 by rpki-client on console-fra.rpki-client.org