Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/_nxsgewoC35xd2wSZr5h-qxWkes.roa
File:                     _nxsgewoC35xd2wSZr5h-qxWkes.roa (raw, json)
Hash identifier:          pnYkXRKgvzDHZp3kjzm/TM99f0eNNFpHIzfSuzK9jWU=
Subject key identifier:   FE:7C:6C:81:EC:28:0B:7E:71:77:6C:12:66:BE:61:FA:AC:56:91:EB
Certificate issuer:       /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial:       01856FA6EE3444924BA5B67DC27716BE6F9B
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/_nxsgewoC35xd2wSZr5h-qxWkes.roa
Signing time:             Sun 01 Jan 2023 23:24:48 +0000
ROA not before:           Sun 01 Jan 2023 23:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48205
IP address blocks:        178.175.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 01 Jul 2023 07:39:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a6:ee:34:44:92:4b:a5:b6:7d:c2:77:16:be:6f:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
        Validity
            Not Before: Jan  1 23:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe7c6c81ec280b7e71776c1266be61faac5691eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:d5:88:1e:b2:65:12:67:d7:44:19:b6:29:14:
                    62:ce:96:f2:bc:ea:42:4c:f5:7d:14:c0:45:d1:a0:
                    5f:3d:dd:77:32:c3:c3:49:87:c8:20:b1:b5:3d:bc:
                    e7:62:be:a5:91:ec:c6:4c:ec:6d:19:6e:f1:18:7a:
                    33:e1:ac:80:1a:af:2d:3b:38:fb:ff:a4:1a:e6:f1:
                    45:6e:93:13:78:12:31:39:68:9c:77:89:d4:0c:da:
                    2b:d7:13:a4:c0:6c:a6:51:2d:e3:26:3a:3c:8d:a2:
                    5f:a3:d6:ac:8c:0f:39:36:48:3c:42:3e:c0:6e:dd:
                    34:74:67:08:e2:29:e6:26:82:d4:79:c3:2e:4e:9e:
                    db:ca:d5:04:80:a0:f8:a0:e4:c5:af:b8:82:16:c8:
                    1a:93:d2:5d:d5:57:f7:ed:20:97:cb:fa:b3:4a:23:
                    75:57:ad:54:3d:7e:58:b6:fb:60:8d:8b:1f:aa:4a:
                    db:3b:1f:54:41:17:8e:e2:10:f7:8c:54:42:5d:46:
                    69:16:e4:ff:e1:cc:2b:7c:2b:92:a7:16:0c:72:74:
                    96:f6:b9:34:26:48:06:48:ee:92:ee:1e:9d:be:63:
                    93:3d:07:c2:99:91:2d:0c:4c:72:2d:60:a1:d9:78:
                    83:9b:9b:ca:14:fb:67:af:00:4b:02:cd:59:e2:02:
                    22:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:7C:6C:81:EC:28:0B:7E:71:77:6C:12:66:BE:61:FA:AC:56:91:EB
            X509v3 Authority Key Identifier:
                keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/_nxsgewoC35xd2wSZr5h-qxWkes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.175.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d1:45:ba:c2:cd:97:1b:37:d9:03:7d:82:50:f0:7b:e7:87:5c:
         4f:c9:b9:2c:5a:99:5b:84:1d:38:34:a3:14:bc:e9:c7:ae:de:
         8a:fb:56:27:f6:25:4a:63:b2:72:25:6c:71:fa:fe:18:33:10:
         97:00:f2:10:77:53:0b:8f:9b:79:e4:32:31:69:5d:32:ee:50:
         b7:af:5c:b2:cd:02:36:f4:69:63:7c:3c:49:4d:9c:d3:fb:0c:
         9a:91:18:0b:56:e2:05:c7:a4:ab:72:4b:d4:bc:64:5e:eb:cf:
         f1:32:af:8b:86:e7:46:0c:43:41:3e:21:44:17:15:f8:c0:cf:
         b1:1e:7d:7f:2f:cb:3e:7a:9f:7a:16:07:93:99:3b:3d:19:b9:
         61:77:45:c7:ea:9a:90:07:1d:72:42:cc:8d:74:ae:f3:94:e7:
         c6:87:65:27:32:27:29:5b:93:c0:76:1c:70:f0:58:67:6a:08:
         5a:38:f3:25:cb:e4:47:50:32:f2:b8:2f:1c:f0:78:ee:8e:74:
         e0:64:23:6a:d7:8e:a5:43:87:5f:89:c4:58:f8:b0:bc:7c:f4:
         bd:be:79:f2:b9:bd:e0:55:ec:38:24:e5:0b:95:9c:55:19:42:
         60:56:97:90:9a:88:63:66:57:6b:8a:5f:08:19:44:5e:b8:47:
         ad:68:b8:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpu40RJJLpbZ9wncWvm+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjMwMTAxMjMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTdjNmM4MWVjMjgwYjdlNzE3NzZjMTI2NmJlNjFmYWFjNTY5MWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNWIHrJlEmfXRBm2KRRizpbyvOpC
TPV9FMBF0aBfPd13MsPDSYfIILG1PbznYr6lkezGTOxtGW7xGHoz4ayAGq8tOzj7
/6Qa5vFFbpMTeBIxOWicd4nUDNor1xOkwGymUS3jJjo8jaJfo9asjA85Nkg8Qj7A
bt00dGcI4inmJoLUecMuTp7bytUEgKD4oOTFr7iCFsgak9Jd1Vf37SCXy/qzSiN1
V61UPX5YtvtgjYsfqkrbOx9UQReO4hD3jFRCXUZpFuT/4cwrfCuSpxYMcnSW9rk0
JkgGSO6S7h6dvmOTPQfCmZEtDExyLWCh2XiDm5vKFPtnrwBLAs1Z4gIiwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP58bIHsKAt+cXdsEma+YfqsVpHrMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvX254c2dld29DMzV4ZDJ3U1pyNWgtcXhXa2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsq+mMA0G
CSqGSIb3DQEBCwUAA4IBAQDRRbrCzZcbN9kDfYJQ8Hvnh1xPybksWplbhB04NKMU
vOnHrt6K+1Yn9iVKY7JyJWxx+v4YMxCXAPIQd1MLj5t55DIxaV0y7lC3r1yyzQI2
9GljfDxJTZzT+wyakRgLVuIFx6SrckvUvGRe68/xMq+LhudGDENBPiFEFxX4wM+x
Hn1/L8s+ep96FgeTmTs9Gblhd0XH6pqQBx1yQsyNdK7zlOfGh2UnMicpW5PAdhxw
8FhnaghaOPMly+RHUDLyuC8c8HjujnTgZCNq146lQ4dficRY+LC8fPS9vnnyub3g
Vew4JOULlZxVGUJgVpeQmohjZldril8IGUReuEetaLjq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:23 2024 by rpki-client on console-fra.rpki-client.org