Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_qz85TF0soASMPcj6x-hoOs-5iM.roa
File:                     _qz85TF0soASMPcj6x-hoOs-5iM.roa (raw, json)
Hash identifier:          6ihrlhZlEV15MvJiC6NV6wZ+4He88n+3nCLdU9y1bYM=
Subject key identifier:   FE:AC:FC:E5:31:74:B2:80:12:30:F7:23:EB:1F:A1:A0:EB:3E:E6:23
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018712E62A8F5F86429F892E2224AFD53486
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_qz85TF0soASMPcj6x-hoOs-5iM.roa
Signing time:             Fri 24 Mar 2023 09:14:46 +0000
ROA not before:           Fri 24 Mar 2023 09:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        77.83.39.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          77.83.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Apr 2023 06:51:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:12:e6:2a:8f:5f:86:42:9f:89:2e:22:24:af:d5:34:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Mar 24 09:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=feacfce53174b2801230f723eb1fa1a0eb3ee623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:a0:d1:4a:40:4c:22:7d:f7:d4:4d:ec:3e:c3:
                    8f:77:85:98:da:9a:3d:32:56:6d:75:d0:7b:2c:8f:
                    7b:f9:cc:c2:7f:7f:71:61:7f:14:c0:e0:b6:0c:ed:
                    d7:e8:89:39:b5:ec:62:b8:4b:08:f8:df:1c:a8:75:
                    34:3f:31:19:08:4f:14:ca:d7:e6:b4:1d:14:42:05:
                    f0:07:95:b6:aa:4b:a9:99:48:ca:47:b9:01:83:62:
                    0b:d6:37:9f:b7:63:40:58:7f:31:64:fd:a1:68:60:
                    d0:3e:e3:1f:6a:d6:92:c7:29:69:e2:d4:b1:75:23:
                    af:ee:c3:d1:c1:86:19:9f:71:0f:6a:1f:77:aa:11:
                    0d:fc:5e:6d:f3:8e:a6:09:bc:7d:fa:a0:86:34:2f:
                    d3:b8:e5:41:44:22:07:3b:e1:c0:21:82:b0:f1:af:
                    ea:26:38:c3:e9:b5:d9:97:10:72:3e:36:5f:5d:ec:
                    ea:5e:f2:f3:5b:78:17:26:53:96:35:4b:f5:7c:4d:
                    a1:ce:c8:a9:74:c2:c4:c2:d4:06:d2:1b:62:98:33:
                    43:fc:5e:da:d2:d5:74:5e:3e:89:8a:bc:9a:b9:c9:
                    4c:af:fc:6d:2f:a9:b3:fc:eb:c8:6d:43:a0:fa:f3:
                    33:6a:21:b4:d9:be:56:97:29:c0:b4:78:95:06:6f:
                    5f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:AC:FC:E5:31:74:B2:80:12:30:F7:23:EB:1F:A1:A0:EB:3E:E6:23
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_qz85TF0soASMPcj6x-hoOs-5iM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.171.0/24
                  77.83.38.0/23
                  85.209.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:88:1d:42:39:bf:f5:6c:25:33:03:18:58:b0:db:c7:0a:34:
         2e:94:89:e5:0c:2c:09:9d:ac:57:a1:f3:e6:bc:03:66:47:b0:
         23:0f:ee:c1:23:7a:bd:87:69:4b:73:b1:4c:56:df:bf:81:3b:
         9a:21:a0:04:01:db:c8:ab:6d:3a:c0:73:95:fd:f1:cb:6a:5d:
         27:86:87:87:86:0c:0e:d5:04:2b:63:39:07:c8:75:da:fa:25:
         e9:d7:3c:98:96:74:40:29:09:64:c6:79:38:ce:63:48:c7:01:
         2d:50:6a:8a:7e:ae:74:47:71:32:f9:81:50:fb:22:52:9f:ea:
         ad:c2:9a:86:73:81:6b:a8:be:58:18:d6:d3:56:d2:3f:f1:f0:
         82:21:72:e7:47:2f:bf:7e:a6:ba:b1:0d:ea:0d:fc:3b:dc:e5:
         7e:20:27:e7:b7:bc:47:35:45:a8:4f:a3:68:15:5e:99:51:6e:
         ac:f1:12:77:e8:18:86:ad:e5:0e:cc:01:ca:36:8e:a2:bd:e8:
         63:58:c8:55:60:f5:54:de:36:46:f5:7a:bf:f2:70:9b:b4:db:
         ec:9d:5f:8a:12:ab:12:75:83:de:fd:59:bf:a7:2e:26:65:96:
         f6:f9:a6:86:38:e3:81:ce:dc:88:73:2a:ef:3c:34:e1:e4:c8:
         35:a6:55:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcS5iqPX4ZCn4kuIiSv1TSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMzI0MDkxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWFjZmNlNTMxNzRiMjgwMTIzMGY3MjNlYjFmYTFhMGViM2VlNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6DRSkBMIn331E3sPsOPd4WY2po9
MlZtddB7LI97+czCf39xYX8UwOC2DO3X6Ik5texiuEsI+N8cqHU0PzEZCE8Uytfm
tB0UQgXwB5W2qkupmUjKR7kBg2IL1jeft2NAWH8xZP2haGDQPuMfataSxylp4tSx
dSOv7sPRwYYZn3EPah93qhEN/F5t846mCbx9+qCGNC/TuOVBRCIHO+HAIYKw8a/q
JjjD6bXZlxByPjZfXezqXvLzW3gXJlOWNUv1fE2hzsipdMLEwtQG0htimDND/F7a
0tV0Xj6JiryauclMr/xtL6mz/OvIbUOg+vMzaiG02b5WlynAtHiVBm9ftQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP6s/OUxdLKAEjD3I+sfoaDrPuYjMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvX3F6ODVURjBzb0FTTVBjajZ4LWhvT3MtNWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV6rAwQB
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCViB1COb/1bCUzAxhYsNvHCjQu
lInlDCwJnaxXofPmvANmR7AjD+7BI3q9h2lLc7FMVt+/gTuaIaAEAdvIq206wHOV
/fHLal0nhoeHhgwO1QQrYzkHyHXa+iXp1zyYlnRAKQlkxnk4zmNIxwEtUGqKfq50
R3Ey+YFQ+yJSn+qtwpqGc4FrqL5YGNbTVtI/8fCCIXLnRy+/fqa6sQ3qDfw73OV+
ICfnt7xHNUWoT6NoFV6ZUW6s8RJ36BiGreUOzAHKNo6ivehjWMhVYPVU3jZG9Xq/
8nCbtNvsnV+KEqsSdYPe/Vm/py4mZZb2+aaGOOOBztyIcyrvPDTh5Mg1plWw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org