Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/XM2WNbkG-e8JAdFMd8VTyV0DOU0.roa
File:                     XM2WNbkG-e8JAdFMd8VTyV0DOU0.roa (raw, json)
Hash identifier:          g0YPO4lcAiowRGqMaFpzoBqXS6l5unoaltCOehHh/og=
Subject key identifier:   5C:CD:96:35:B9:06:F9:EF:09:01:D1:4C:77:C5:53:C9:5D:03:39:4D
Certificate issuer:       /CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Certificate serial:       0188DFC8285B0901CAF7E09631ED60C9D3E5
Authority key identifier: 99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/XM2WNbkG-e8JAdFMd8VTyV0DOU0.roa
Signing time:             Wed 21 Jun 2023 21:06:56 +0000
ROA not before:           Wed 21 Jun 2023 21:06:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        195.184.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 19:49:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:df:c8:28:5b:09:01:ca:f7:e0:96:31:ed:60:c9:d3:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
        Validity
            Not Before: Jun 21 21:06:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ccd9635b906f9ef0901d14c77c553c95d03394d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f1:ab:cf:50:f3:9f:2c:eb:a2:7c:f9:e8:92:
                    c0:25:bd:c1:ba:d4:10:9f:7c:37:2e:f1:b2:23:7d:
                    e6:71:35:e8:50:68:b3:b7:f0:d8:d8:69:a1:2a:13:
                    84:e4:c4:68:67:6d:99:2f:df:de:f0:2d:91:63:31:
                    b1:4f:29:28:cf:3e:27:64:fe:38:d6:3b:be:a1:89:
                    ee:c5:e5:12:23:23:9c:7a:12:c8:e8:49:a8:31:02:
                    ae:91:88:0e:8f:98:34:31:fc:6b:6f:c4:d5:93:e0:
                    ea:f1:dd:0d:19:45:60:b4:c1:b7:73:35:47:df:4b:
                    dd:97:3e:18:57:1a:7b:50:e1:ad:c3:87:e2:d7:2b:
                    ab:e4:0d:45:6f:44:db:c2:bf:22:66:c3:51:26:33:
                    32:f0:1b:d2:3b:d4:16:50:9e:60:87:bf:e9:f3:f5:
                    97:77:44:1f:b3:94:d5:4a:1c:1f:3a:dc:5c:39:81:
                    99:55:2a:16:cd:1d:a5:d4:20:80:1d:2d:0f:6c:4b:
                    05:3d:ac:fc:80:19:c8:79:60:0f:e8:97:4c:3b:e1:
                    7b:1c:16:9d:14:0f:25:f2:79:27:80:c5:ff:02:2e:
                    b1:41:c1:87:b0:29:2d:c8:b5:ec:87:a8:de:d4:47:
                    55:f4:59:56:74:d8:47:9d:3c:9c:7f:f6:52:e1:b6:
                    2f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:CD:96:35:B9:06:F9:EF:09:01:D1:4C:77:C5:53:C9:5D:03:39:4D
            X509v3 Authority Key Identifier:
                keyid:99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/XM2WNbkG-e8JAdFMd8VTyV0DOU0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/mfrSUn6vqVIVqP7Weif608-y038.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.184.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:50:0e:b9:0b:04:cd:c7:31:c8:f1:5a:95:b7:29:7d:4b:b5:
         d9:b6:27:3a:aa:07:a1:53:41:34:13:0a:b8:f5:0c:a4:4a:13:
         03:db:42:0e:89:4e:4d:11:bb:34:3e:3d:2f:16:5a:d7:d8:9b:
         ca:fb:b9:72:4a:6b:5b:ba:ef:9b:a3:ad:ac:10:bf:6e:67:31:
         ac:20:9b:e6:95:5e:b6:01:87:23:a0:c6:ab:fb:24:1a:11:3c:
         1e:47:c4:a6:e5:8f:c2:3a:da:83:92:bb:8b:bb:08:48:c5:fc:
         63:87:43:80:74:3f:34:78:dc:29:cf:00:68:c5:67:44:53:35:
         f9:13:95:9b:9f:69:b9:96:c3:41:56:12:cc:4c:31:2a:8c:a1:
         d5:05:9b:51:fa:a3:61:af:17:d3:56:da:51:0b:e9:24:93:f5:
         11:f1:bd:87:db:fd:b8:bd:f5:6e:9e:1c:84:c0:ac:03:b0:ac:
         e5:2f:ee:c9:e7:dc:c5:be:fd:8e:7f:ad:3c:bc:8a:10:86:28:
         7b:36:cf:22:01:11:3c:6f:e8:47:56:02:22:46:7f:96:ba:a5:
         22:7a:13:ff:b6:e2:c3:7f:95:a5:fb:3f:56:be:19:c8:07:4c:
         c0:a0:ec:f1:0e:97:f3:e3:f7:6c:6a:3a:8f:64:ce:e4:a0:f5:
         a9:ab:75:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjfyChbCQHK9+CWMe1gydPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmFkMjUyN2VhZmE5NTIxNWE4ZmVkNjdhMjdmYWQzY2Zi
MmQzN2YwHhcNMjMwNjIxMjEwNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NkOTYzNWI5MDZmOWVmMDkwMWQxNGM3N2M1NTNjOTVkMDMzOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/Grz1Dznyzronz56JLAJb3ButQQ
n3w3LvGyI33mcTXoUGizt/DY2GmhKhOE5MRoZ22ZL9/e8C2RYzGxTykozz4nZP44
1ju+oYnuxeUSIyOcehLI6EmoMQKukYgOj5g0Mfxrb8TVk+Dq8d0NGUVgtMG3czVH
30vdlz4YVxp7UOGtw4fi1yur5A1Fb0Tbwr8iZsNRJjMy8BvSO9QWUJ5gh7/p8/WX
d0Qfs5TVShwfOtxcOYGZVSoWzR2l1CCAHS0PbEsFPaz8gBnIeWAP6JdMO+F7HBad
FA8l8nkngMX/Ai6xQcGHsCktyLXsh6je1EdV9FlWdNhHnTycf/ZS4bYv/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzNljW5BvnvCQHRTHfFU8ldAzlNMB8GA1UdIwQY
MBaAFJn60lJ+r6lSFaj+1non+tPPstN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMt
MDEwM2E4OTljMmRlLzEvWE0yV05ia0ctZThKQWRGTWQ4VlR5VjBET1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMtMDEwM2E4OTljMmRl
LzEvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7hMMA0G
CSqGSIb3DQEBCwUAA4IBAQA3UA65CwTNxzHI8VqVtyl9S7XZtic6qgehU0E0Ewq4
9QykShMD20IOiU5NEbs0Pj0vFlrX2JvK+7lySmtbuu+bo62sEL9uZzGsIJvmlV62
AYcjoMar+yQaETweR8Sm5Y/COtqDkruLuwhIxfxjh0OAdD80eNwpzwBoxWdEUzX5
E5Wbn2m5lsNBVhLMTDEqjKHVBZtR+qNhrxfTVtpRC+kkk/UR8b2H2/24vfVunhyE
wKwDsKzlL+7J59zFvv2Of608vIoQhih7Ns8iARE8b+hHVgIiRn+WuqUiehP/tuLD
f5Wl+z9WvhnIB0zAoOzxDpfz4/dsajqPZM7koPWpq3Uh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org