Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/cpV2r6Oe3IYSeOlKOi7tTnaw1FE.roa
File:                     cpV2r6Oe3IYSeOlKOi7tTnaw1FE.roa (raw, json)
Hash identifier:          cP5JO5eVqSVO9gVQ3CQ74NHSZqRxIpQfmUw106SZ4xY=
Subject key identifier:   72:95:76:AF:A3:9E:DC:86:12:78:E9:4A:3A:2E:ED:4E:76:B0:D4:51
Certificate issuer:       /CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Certificate serial:       01857014F92C61FB0A201F1D590665C9910F
Authority key identifier: 2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/cpV2r6Oe3IYSeOlKOi7tTnaw1FE.roa
Signing time:             Mon 02 Jan 2023 01:25:00 +0000
ROA not before:           Mon 02 Jan 2023 01:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39540
IP address blocks:        185.95.219.0/24 maxlen: 24
                          2a05:fc87::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:14:f9:2c:61:fb:0a:20:1f:1d:59:06:65:c9:91:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a0cc46301c8b1fd4639293018fba53653a265b2
        Validity
            Not Before: Jan  2 01:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=729576afa39edc861278e94a3a2eed4e76b0d451
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:3c:95:f1:71:22:b0:7d:b1:42:61:d9:5a:89:
                    cf:49:c0:91:4f:1f:0d:50:c3:d3:08:ef:e9:45:b4:
                    c4:49:34:35:1f:64:fd:5c:f5:21:e1:41:19:4e:79:
                    7d:95:db:bb:52:76:78:8c:91:35:21:0f:0e:55:01:
                    66:24:5f:77:c7:7e:28:e7:6d:46:99:9d:7b:f9:7f:
                    b3:cb:60:2d:c3:63:28:77:33:3d:a6:c2:8b:5b:91:
                    d7:1d:35:71:3d:38:ec:42:e7:57:a5:19:ab:c5:32:
                    86:07:94:4a:a2:d4:4c:75:3f:10:82:d5:d9:09:6b:
                    80:b2:a9:f5:be:d3:27:de:bb:b9:fc:8c:e7:8f:2f:
                    5b:96:b5:f5:ba:03:86:27:08:5f:20:ff:eb:02:c1:
                    52:30:ce:1e:79:f9:fb:6f:47:34:df:d9:5b:4e:72:
                    d0:ed:80:fd:a2:d8:01:92:9c:07:3e:86:49:33:19:
                    68:b9:3e:cf:20:13:98:ba:fc:f1:ea:da:83:63:55:
                    a4:40:2e:89:43:e9:71:41:a5:bc:16:c3:3d:8d:c4:
                    08:dc:5b:27:93:c2:c0:f5:37:e8:ec:8d:4c:23:cb:
                    db:4c:41:b7:a2:51:c9:78:05:9c:84:55:ad:25:c8:
                    fb:1a:44:c1:00:af:29:89:14:0b:30:58:8a:cf:a8:
                    e2:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:95:76:AF:A3:9E:DC:86:12:78:E9:4A:3A:2E:ED:4E:76:B0:D4:51
            X509v3 Authority Key Identifier:
                keyid:2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/cpV2r6Oe3IYSeOlKOi7tTnaw1FE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.219.0/24
                IPv6:
                  2a05:fc87::/32

    Signature Algorithm: sha256WithRSAEncryption
         be:da:6f:7c:61:94:de:f0:20:7e:31:9e:4b:e0:c2:28:01:bf:
         f2:cc:d7:b2:dd:97:c3:96:43:c7:35:90:f5:e5:e2:3d:e2:6d:
         95:4c:25:f5:c2:87:80:74:9e:c7:eb:34:be:4a:25:fd:a2:b2:
         a1:46:ae:16:84:ac:c7:77:15:0a:cf:c9:fd:5d:71:eb:53:2a:
         30:b8:25:5f:05:97:b8:18:b1:3f:86:3f:37:9d:70:65:cf:c2:
         67:7a:af:82:39:37:e6:98:df:b1:13:26:fe:45:f3:47:11:89:
         02:de:f6:80:da:45:14:9f:36:15:1f:d4:41:50:7a:bf:2e:4b:
         0f:3f:e6:8f:0f:ef:17:ed:eb:d2:a8:c7:15:59:13:f2:27:6f:
         81:67:ed:d8:43:7a:eb:a3:eb:10:56:2e:c7:6d:1a:7f:35:62:
         95:20:b6:92:6b:25:c1:34:fc:11:0d:61:0e:67:47:a7:75:b9:
         1a:11:77:86:b1:4f:84:e6:66:02:e1:88:f9:80:89:ce:04:4c:
         78:27:2f:fb:67:a2:d7:35:ef:fd:4c:88:96:83:72:cc:85:fd:
         c7:d3:25:64:e9:41:98:57:d5:94:e4:08:18:bc:f3:11:12:ae:
         fa:a1:a9:e8:f5:a7:76:3c:3e:5c:60:d3:b2:02:0c:f1:7e:96:
         84:b1:5f:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFPksYfsKIB8dWQZlyZEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMGNjNDYzMDFjOGIxZmQ0NjM5MjkzMDE4ZmJhNTM2NTNh
MjY1YjIwHhcNMjMwMTAyMDEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk1NzZhZmEzOWVkYzg2MTI3OGU5NGEzYTJlZWQ0ZTc2YjBkNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzyV8XEisH2xQmHZWonPScCRTx8N
UMPTCO/pRbTESTQ1H2T9XPUh4UEZTnl9ldu7UnZ4jJE1IQ8OVQFmJF93x34o521G
mZ17+X+zy2Atw2ModzM9psKLW5HXHTVxPTjsQudXpRmrxTKGB5RKotRMdT8QgtXZ
CWuAsqn1vtMn3ru5/Iznjy9blrX1ugOGJwhfIP/rAsFSMM4eefn7b0c039lbTnLQ
7YD9otgBkpwHPoZJMxlouT7PIBOYuvzx6tqDY1WkQC6JQ+lxQaW8FsM9jcQI3Fsn
k8LA9Tfo7I1MI8vbTEG3olHJeAWchFWtJcj7GkTBAK8piRQLMFiKz6jiQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHKVdq+jntyGEnjpSjou7U52sNRRMB8GA1UdIwQY
MBaAFCoMxGMByLH9RjkpMBj7pTZTomWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzIt
MmJiNTU5N2EyNDM1LzEvY3BWMnI2T2UzSVlTZU9sS09pN3RUbmF3MUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzItMmJiNTU5N2EyNDM1
LzEvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuV/bMA0E
AgACMAcDBQAqBfyHMA0GCSqGSIb3DQEBCwUAA4IBAQC+2m98YZTe8CB+MZ5L4MIo
Ab/yzNey3ZfDlkPHNZD15eI94m2VTCX1woeAdJ7H6zS+SiX9orKhRq4WhKzHdxUK
z8n9XXHrUyowuCVfBZe4GLE/hj83nXBlz8Jneq+COTfmmN+xEyb+RfNHEYkC3vaA
2kUUnzYVH9RBUHq/LksPP+aPD+8X7evSqMcVWRPyJ2+BZ+3YQ3rro+sQVi7HbRp/
NWKVILaSayXBNPwRDWEOZ0endbkaEXeGsU+E5mYC4Yj5gInOBEx4Jy/7Z6LXNe/9
TIiWg3LMhf3H0yVk6UGYV9WU5AgYvPMREq76oano9ad2PD5cYNOyAgzxfpaEsV+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:59 2024 by rpki-client on console-ams.rpki-client.org