Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/k0ppMO6yaJkwSED74nWeLmqbhpk.roa
File:                     k0ppMO6yaJkwSED74nWeLmqbhpk.roa (raw, json)
Hash identifier:          +8wQZr9BG2lrsqDdtzhWhWYtmv9r6Xlg5ZA6qJRM8jM=
Subject key identifier:   93:4A:69:30:EE:B2:68:99:30:48:40:FB:E2:75:9E:2E:6A:9B:86:99
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018CC42571459BF803B15CE4E8BC4E610BEE
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/k0ppMO6yaJkwSED74nWeLmqbhpk.roa
Signing time:             Mon 01 Jan 2024 08:30:37 +0000
ROA not before:           Mon 01 Jan 2024 08:30:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211617
IP address blocks:        185.186.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Jan 2024 15:24:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:71:45:9b:f8:03:b1:5c:e4:e8:bc:4e:61:0b:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 08:30:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=934a6930eeb26899304840fbe2759e2e6a9b8699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:84:b5:ec:9e:10:e0:e4:cb:7a:68:be:f4:cb:
                    7f:35:bc:df:06:87:a2:4c:63:55:f0:56:2e:86:0c:
                    9a:6e:1d:c9:53:5a:5d:6f:bc:c2:79:b8:73:11:ae:
                    b1:05:36:0a:22:55:0e:a0:eb:4b:06:f8:76:d2:23:
                    91:2f:30:5d:25:62:fb:5c:99:b1:74:0b:66:79:9e:
                    00:bd:56:9f:99:ed:71:e2:76:3f:4f:67:98:49:6a:
                    ac:9a:20:d7:90:d2:e8:ca:69:cc:a5:cf:0f:b3:07:
                    3c:8b:ec:1f:20:c9:04:f8:68:c8:0b:4c:1c:b6:5d:
                    b9:b7:c0:2d:d2:d0:88:81:0e:70:7a:36:e7:4f:ce:
                    e0:c2:86:ad:74:ee:31:59:4d:50:7d:5d:29:2b:6e:
                    8c:86:ca:83:32:54:a4:ac:61:8d:42:91:4c:1e:90:
                    14:e8:ed:0c:dd:1c:ec:c2:d8:ef:ae:cb:fd:24:2e:
                    61:44:f9:84:3d:cd:2b:64:3b:d8:71:67:f2:9c:73:
                    e5:b0:8d:59:71:61:3c:3f:8b:a6:82:76:98:a8:01:
                    16:d7:33:de:5b:8a:f9:c2:b4:f2:4f:d6:20:bc:4d:
                    8d:6d:3e:63:bd:94:2a:71:3f:ff:ff:aa:86:7b:ff:
                    f8:11:4f:13:00:da:58:6e:6d:81:ff:f1:c2:8a:72:
                    e4:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:4A:69:30:EE:B2:68:99:30:48:40:FB:E2:75:9E:2E:6A:9B:86:99
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/k0ppMO6yaJkwSED74nWeLmqbhpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:c3:8d:80:fa:bc:61:ff:b9:21:55:b5:de:a1:25:e5:97:93:
         41:a9:a1:ea:82:a7:29:6e:5e:79:4f:00:75:3f:35:33:bd:2a:
         5a:99:32:65:12:0c:17:4f:64:a4:65:ef:10:45:d5:6f:dd:d9:
         44:a2:80:2e:1c:07:7e:77:8f:2f:84:42:7d:c4:57:e5:42:99:
         94:37:78:1d:f3:65:81:fe:dd:33:50:ef:22:1c:5c:f6:38:a8:
         48:1f:4f:cc:af:72:dd:66:ab:70:20:30:21:bc:28:c7:db:16:
         f3:39:6b:f0:30:04:fa:a3:ee:64:79:10:2f:5e:90:b4:83:75:
         19:6c:43:24:fc:ac:60:4b:4b:5a:7d:82:f4:c0:95:84:ef:a8:
         c3:a3:35:9e:10:c9:94:f7:1c:9f:6a:0f:af:53:70:16:38:a6:
         02:b8:50:dc:7b:54:95:bb:11:4b:af:77:05:2a:bc:93:c0:d9:
         82:3d:12:84:8b:30:07:48:2b:16:96:d7:9d:6c:0f:de:d0:4d:
         7c:5f:81:2a:e9:2c:8a:00:ac:01:9a:6a:b6:19:e7:b3:86:94:
         25:fe:56:53:07:d7:48:77:64:24:e6:f8:02:43:3b:8c:cf:10:
         1d:40:81:db:02:96:b0:83:fe:7f:b5:73:93:bd:32:c0:6f:3e:
         11:44:35:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJXFFm/gDsVzk6LxOYQvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRhNjkzMGVlYjI2ODk5MzA0ODQwZmJlMjc1OWUyZTZhOWI4Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYS17J4Q4OTLemi+9Mt/NbzfBoei
TGNV8FYuhgyabh3JU1pdb7zCebhzEa6xBTYKIlUOoOtLBvh20iORLzBdJWL7XJmx
dAtmeZ4AvVafme1x4nY/T2eYSWqsmiDXkNLoymnMpc8Pswc8i+wfIMkE+GjIC0wc
tl25t8At0tCIgQ5wejbnT87gwoatdO4xWU1QfV0pK26MhsqDMlSkrGGNQpFMHpAU
6O0M3Rzswtjvrsv9JC5hRPmEPc0rZDvYcWfynHPlsI1ZcWE8P4umgnaYqAEW1zPe
W4r5wrTyT9YgvE2NbT5jvZQqcT///6qGe//4EU8TANpYbm2B//HCinLkrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNKaTDusmiZMEhA++J1ni5qm4aZMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvazBwcE1PNnlhSmt3U0VENzRuV2VMbXFiaHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubpDMA0G
CSqGSIb3DQEBCwUAA4IBAQAgw42A+rxh/7khVbXeoSXll5NBqaHqgqcpbl55TwB1
PzUzvSpamTJlEgwXT2SkZe8QRdVv3dlEooAuHAd+d48vhEJ9xFflQpmUN3gd82WB
/t0zUO8iHFz2OKhIH0/Mr3LdZqtwIDAhvCjH2xbzOWvwMAT6o+5keRAvXpC0g3UZ
bEMk/KxgS0tafYL0wJWE76jDozWeEMmU9xyfag+vU3AWOKYCuFDce1SVuxFLr3cF
KryTwNmCPRKEizAHSCsWltedbA/e0E18X4Eq6SyKAKwBmmq2GeezhpQl/lZTB9dI
d2Qk5vgCQzuMzxAdQIHbApawg/5/tXOTvTLAbz4RRDXo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org