Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/qD_tDPO8HLBqtZqS0eOq5cNzkGw.roa
File:                     qD_tDPO8HLBqtZqS0eOq5cNzkGw.roa (raw, json)
Hash identifier:          iPJW8o1mxCBTVSYfgS4nMLeKMkbMo7oh4w+fYz2e5wY=
Subject key identifier:   A8:3F:ED:0C:F3:BC:1C:B0:6A:B5:9A:92:D1:E3:AA:E5:C3:73:90:6C
Certificate issuer:       /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial:       018CC5012ABA963BFAADA12EA67B1EB0A8EC
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/qD_tDPO8HLBqtZqS0eOq5cNzkGw.roa
Signing time:             Mon 01 Jan 2024 12:30:37 +0000
ROA not before:           Mon 01 Jan 2024 12:30:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1239
IP address blocks:        45.94.139.0/24 maxlen: 24
                          45.94.136.0/24 maxlen: 24
                          45.81.160.0/24 maxlen: 24
                          2.56.32.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 08 Feb 2024 22:08:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:2a:ba:96:3b:fa:ad:a1:2e:a6:7b:1e:b0:a8:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
        Validity
            Not Before: Jan  1 12:30:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a83fed0cf3bc1cb06ab59a92d1e3aae5c373906c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:86:5a:42:58:bf:69:a5:c7:93:ad:a5:59:c7:
                    ac:12:e4:2a:ab:2f:8d:4f:fe:03:f9:be:c0:54:3a:
                    73:a6:14:ce:8e:a3:11:39:20:30:f3:af:07:cd:0b:
                    df:6b:6b:23:11:a7:67:09:ee:03:fa:a7:0d:94:cf:
                    53:d8:39:d5:8a:7e:7c:24:77:11:6d:7d:76:44:b1:
                    4a:37:c5:e1:7b:a6:46:b5:23:26:06:1f:d3:64:6a:
                    1d:8a:5f:96:3b:4c:94:88:11:bc:43:fb:33:b8:75:
                    eb:8b:e7:eb:bd:31:8f:b4:f4:90:86:07:8e:1b:ae:
                    bd:64:68:a1:d7:31:2b:78:bd:9e:0d:b4:af:0c:fc:
                    64:7c:d9:9c:53:bd:f9:f0:03:fb:0e:76:62:a5:99:
                    d8:cd:22:52:ec:34:79:45:00:dc:f0:5c:32:43:5a:
                    b2:64:cc:af:d5:3e:a8:79:2f:45:e7:6d:74:7f:98:
                    70:98:b4:d0:55:e6:5d:df:7d:74:66:2a:41:d0:d6:
                    63:ba:21:7e:98:65:fa:de:74:58:af:2a:07:94:eb:
                    8e:6b:12:cc:bd:2e:d7:a8:6d:20:60:ce:5c:74:48:
                    cf:ce:44:8d:9e:f5:6e:8f:e1:1f:ca:82:3d:92:0f:
                    c1:e3:2b:8d:f1:88:12:39:a9:11:2a:dd:3f:c1:f5:
                    c1:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:3F:ED:0C:F3:BC:1C:B0:6A:B5:9A:92:D1:E3:AA:E5:C3:73:90:6C
            X509v3 Authority Key Identifier:
                keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/qD_tDPO8HLBqtZqS0eOq5cNzkGw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.32.0/22
                  45.81.160.0/24
                  45.94.136.0/24
                  45.94.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:3d:4d:e7:ee:4d:3a:e3:78:90:93:4a:61:1d:fd:dc:d4:ea:
         8d:79:f4:af:d3:e4:90:dd:eb:73:10:5c:9a:4b:d6:f9:e4:d4:
         54:f0:fe:0e:30:e7:34:35:ff:4d:77:4c:0a:13:17:48:7f:ed:
         a0:68:14:c2:53:f4:e3:10:03:dc:7b:15:57:5e:ac:84:5c:18:
         a9:06:40:b2:b7:c1:3e:42:1e:82:02:86:d7:6a:e3:4d:18:39:
         64:b9:bb:87:2e:c3:04:d9:f2:b5:c0:c1:bd:dc:f1:aa:02:27:
         5d:1f:e8:79:cc:50:2c:74:57:b9:e5:25:5c:35:9e:2b:88:9c:
         08:ef:6f:61:80:b2:39:37:bd:b3:56:35:a3:31:ef:15:8a:c5:
         62:54:d3:85:d7:02:cd:27:64:08:7d:42:47:5e:11:12:7c:e5:
         f4:50:e2:8c:d9:b3:e5:64:42:2b:5f:e3:ed:79:a2:f0:fd:f1:
         b9:6e:f5:48:e9:e3:0c:c0:d9:b4:e1:32:59:d5:ec:a9:2d:e1:
         3d:6d:fc:e4:3a:cd:49:c8:2e:5d:47:dc:c8:c8:15:2a:33:06:
         a9:74:56:8b:32:1d:0e:bd:df:e3:54:cd:f9:2b:83:b6:bc:93:
         b0:63:e5:b3:19:02:db:1a:28:d3:f9:70:97:cc:40:f2:39:01:
         88:8b:d8:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFASq6ljv6raEupnsesKjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODNmZWQwY2YzYmMxY2IwNmFiNTlhOTJkMWUzYWFlNWMzNzM5MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4ZaQli/aaXHk62lWcesEuQqqy+N
T/4D+b7AVDpzphTOjqMROSAw868HzQvfa2sjEadnCe4D+qcNlM9T2DnVin58JHcR
bX12RLFKN8Xhe6ZGtSMmBh/TZGodil+WO0yUiBG8Q/szuHXri+frvTGPtPSQhgeO
G669ZGih1zEreL2eDbSvDPxkfNmcU7358AP7DnZipZnYzSJS7DR5RQDc8FwyQ1qy
ZMyv1T6oeS9F5210f5hwmLTQVeZd3310ZipB0NZjuiF+mGX63nRYryoHlOuOaxLM
vS7XqG0gYM5cdEjPzkSNnvVuj+EfyoI9kg/B4yuN8YgSOakRKt0/wfXB7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKg/7QzzvBywarWaktHjquXDc5BsMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvcURfdERQTzhITEJxdFpxUzBlT3E1Y056a0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjggAwQA
LVGgAwQALV6IAwQALV6LMA0GCSqGSIb3DQEBCwUAA4IBAQB1PU3n7k0643iQk0ph
Hf3c1OqNefSv0+SQ3etzEFyaS9b55NRU8P4OMOc0Nf9Nd0wKExdIf+2gaBTCU/Tj
EAPcexVXXqyEXBipBkCyt8E+Qh6CAobXauNNGDlkubuHLsME2fK1wMG93PGqAidd
H+h5zFAsdFe55SVcNZ4riJwI729hgLI5N72zVjWjMe8VisViVNOF1wLNJ2QIfUJH
XhESfOX0UOKM2bPlZEIrX+PteaLw/fG5bvVI6eMMwNm04TJZ1eypLeE9bfzkOs1J
yC5dR9zIyBUqMwapdFaLMh0Ovd/jVM35K4O2vJOwY+WzGQLbGijT+XCXzEDyOQGI
i9hg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org