Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/1P6pj7wnOGA3qmW2V2YPeY1Z_lw.roa
File:                     1P6pj7wnOGA3qmW2V2YPeY1Z_lw.roa (raw, json)
Hash identifier:          JNhUGI8EDObiZARyt+biU1Mx3QpHHUf2lhUWOGunAqw=
Subject key identifier:   D4:FE:A9:8F:BC:27:38:60:37:AA:65:B6:57:66:0F:79:8D:59:FE:5C
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       018CC9BC5F705D09DEB46DA6B3F7AA8B9FD4
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/1P6pj7wnOGA3qmW2V2YPeY1Z_lw.roa
Signing time:             Tue 02 Jan 2024 10:33:34 +0000
ROA not before:           Tue 02 Jan 2024 10:33:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58349
IP address blocks:        212.30.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Feb 2024 16:49:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:5f:70:5d:09:de:b4:6d:a6:b3:f7:aa:8b:9f:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Jan  2 10:33:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d4fea98fbc27386037aa65b657660f798d59fe5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:67:56:3c:15:6a:3d:08:75:7d:12:42:31:06:
                    e8:b1:20:85:69:af:0a:af:e6:4b:49:5b:15:1c:9a:
                    f2:77:13:75:86:49:24:b4:08:e8:66:13:5f:4a:05:
                    00:b8:cd:b9:ad:cc:13:10:0e:12:0c:f0:f3:e6:4f:
                    b5:ea:d5:f7:c1:b4:46:8e:c6:63:f9:87:d9:70:c5:
                    c1:df:73:a7:ef:f9:3b:2e:20:5f:9e:6e:e9:19:d0:
                    58:50:89:da:ec:46:54:72:00:d1:4c:4f:e4:a7:38:
                    aa:ea:0d:26:14:ef:81:e6:2f:ac:3d:49:5a:27:81:
                    f7:bc:98:75:d4:4b:4f:48:b0:eb:c3:57:03:7a:1d:
                    e7:ec:12:1f:09:7c:c8:7b:62:1c:19:3f:f6:66:d3:
                    1e:8a:0f:59:a5:b4:7e:8c:15:1e:48:13:80:44:69:
                    91:85:fd:a4:22:ba:99:23:b1:dd:5f:b7:a3:36:49:
                    95:67:f0:60:cb:b7:c5:fa:b5:38:ec:66:27:b8:34:
                    b1:29:2e:73:8c:1f:70:e8:53:7b:64:11:40:0b:db:
                    b0:17:a4:3a:96:3b:e2:f0:fa:ac:1b:16:4d:0d:3f:
                    65:10:3c:1f:63:6e:d8:2c:d2:b4:0d:e6:49:31:5c:
                    8a:c8:af:fc:cc:40:00:e5:0a:77:c6:60:40:61:32:
                    c3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:FE:A9:8F:BC:27:38:60:37:AA:65:B6:57:66:0F:79:8D:59:FE:5C
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/1P6pj7wnOGA3qmW2V2YPeY1Z_lw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.30.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:fd:fa:8a:44:9f:62:8a:4d:9b:7c:10:90:b6:ca:a8:45:f6:
         c0:d2:cf:ab:2f:9d:df:b0:15:16:5b:3c:40:38:39:72:57:ef:
         de:e1:ea:0e:f3:50:84:05:44:2f:59:1d:4c:2c:59:ab:8e:c4:
         c5:74:ab:a8:1d:4b:89:d7:7f:b3:05:2e:05:ff:39:64:78:d1:
         07:8e:88:e5:78:13:dd:df:b8:6b:d6:c9:aa:2d:80:44:23:cb:
         ec:f5:95:86:54:7e:01:8e:3b:20:03:5f:41:8f:fc:59:83:67:
         1e:25:40:f0:5a:11:50:44:de:7b:24:7a:db:c5:7d:0c:b1:ef:
         bc:39:ce:8b:1c:c3:38:83:06:3a:bb:4c:47:b7:6f:7e:5f:0b:
         b0:66:96:83:41:b0:0c:32:b0:6f:ab:b6:4c:19:c2:03:ba:f1:
         5a:0f:c8:ba:15:e5:cc:27:76:4d:6f:9e:cb:92:a8:7c:18:b2:
         98:a4:d7:f8:e3:e9:51:30:6c:77:d2:18:4d:0e:2d:86:e7:6e:
         c1:c5:b0:52:1d:7f:e6:57:9e:5f:c2:1d:19:22:b8:8a:79:6f:
         3e:15:bc:6a:c0:6f:67:e8:73:c5:f0:b2:79:e3:48:0f:51:fe:
         ce:46:4d:58:40:8b:a8:f5:5f:32:42:05:9f:d8:89:ff:79:5e:
         26:1f:2c:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvF9wXQnetG2ms/eqi5/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMTAyMTAzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGZlYTk4ZmJjMjczODYwMzdhYTY1YjY1NzY2MGY3OThkNTlmZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWdWPBVqPQh1fRJCMQbosSCFaa8K
r+ZLSVsVHJrydxN1hkkktAjoZhNfSgUAuM25rcwTEA4SDPDz5k+16tX3wbRGjsZj
+YfZcMXB33On7/k7LiBfnm7pGdBYUIna7EZUcgDRTE/kpziq6g0mFO+B5i+sPUla
J4H3vJh11EtPSLDrw1cDeh3n7BIfCXzIe2IcGT/2ZtMeig9ZpbR+jBUeSBOARGmR
hf2kIrqZI7HdX7ejNkmVZ/Bgy7fF+rU47GYnuDSxKS5zjB9w6FN7ZBFAC9uwF6Q6
ljvi8PqsGxZNDT9lEDwfY27YLNK0DeZJMVyKyK/8zEAA5Qp3xmBAYTLD1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNT+qY+8JzhgN6pltldmD3mNWf5cMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvMVA2cGo3d25PR0EzcW1XMlYyWVBlWTFaX2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B4mMA0G
CSqGSIb3DQEBCwUAA4IBAQBu/fqKRJ9iik2bfBCQtsqoRfbA0s+rL53fsBUWWzxA
ODlyV+/e4eoO81CEBUQvWR1MLFmrjsTFdKuoHUuJ13+zBS4F/zlkeNEHjojleBPd
37hr1smqLYBEI8vs9ZWGVH4BjjsgA19Bj/xZg2ceJUDwWhFQRN57JHrbxX0Mse+8
Oc6LHMM4gwY6u0xHt29+XwuwZpaDQbAMMrBvq7ZMGcIDuvFaD8i6FeXMJ3ZNb57L
kqh8GLKYpNf44+lRMGx30hhNDi2G527BxbBSHX/mV55fwh0ZIriKeW8+FbxqwG9n
6HPF8LJ540gPUf7ORk1YQIuo9V8yQgWf2In/eV4mHyys
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:28 2024 by rpki-client on console-ams.rpki-client.org