Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/XvnDJUsNyOn_Tifkmr16ND8cjNA.roa
File:                     XvnDJUsNyOn_Tifkmr16ND8cjNA.roa (raw, json)
Hash identifier:          ihXdTYeIFR5RKc0zAJEw2RutAGcVL/w3CnkZqcrg27U=
Subject key identifier:   5E:F9:C3:25:4B:0D:C8:E9:FF:4E:27:E4:9A:BD:7A:34:3F:1C:8C:D0
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       01856F42A1EFA2E3E88ADD42381BA7172D3D
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/XvnDJUsNyOn_Tifkmr16ND8cjNA.roa
Signing time:             Sun 01 Jan 2023 21:35:15 +0000
ROA not before:           Sun 01 Jan 2023 21:35:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211604
IP address blocks:        2a05:4140:375::/48 maxlen: 48
                          2a05:4140:335::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:a1:ef:a2:e3:e8:8a:dd:42:38:1b:a7:17:2d:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Jan  1 21:35:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ef9c3254b0dc8e9ff4e27e49abd7a343f1c8cd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:59:c1:ca:70:56:55:11:11:97:84:49:77:3c:
                    c1:53:e4:9c:18:bd:3c:0f:45:a4:5e:e7:c4:e4:af:
                    b9:59:39:3b:c2:0c:cc:e2:70:bf:46:d4:e0:28:e3:
                    cf:26:40:dd:de:f0:fb:bf:a8:27:5c:45:61:01:ab:
                    63:5e:ca:9a:6d:5a:59:48:15:f2:ab:8c:13:01:75:
                    af:3f:6f:92:df:b5:bf:c0:94:9f:1a:58:db:88:d1:
                    7d:56:58:97:2e:2f:a3:d5:98:e5:20:f6:65:bc:92:
                    e2:89:8a:24:72:3b:14:e7:04:3d:e9:7d:92:7e:52:
                    1b:3e:6e:db:66:cd:12:23:a6:dd:7b:9d:f0:7c:aa:
                    15:4c:35:2c:ce:ee:57:06:f4:2c:6d:48:1f:14:e9:
                    4e:14:1c:70:52:4a:df:f1:a2:3f:d8:2f:2f:41:ef:
                    76:59:68:d6:23:76:e4:26:77:d9:3a:ab:6c:f4:1f:
                    0b:7b:97:bd:d1:71:2a:ba:3c:0c:5c:c8:f1:33:ed:
                    82:1b:9d:48:bb:7b:6a:6a:a8:f4:86:6a:23:b7:0a:
                    be:bc:26:54:e6:97:1d:b8:41:9a:3b:2f:af:d3:3e:
                    f1:b5:75:a0:20:2d:d1:31:f8:ef:2a:dc:15:3e:ca:
                    27:3c:0d:ba:28:ea:32:f4:89:4f:a1:33:2c:3e:c1:
                    ed:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F9:C3:25:4B:0D:C8:E9:FF:4E:27:E4:9A:BD:7A:34:3F:1C:8C:D0
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/XvnDJUsNyOn_Tifkmr16ND8cjNA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:335::/48
                  2a05:4140:375::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:82:af:e0:04:f5:53:8b:bf:ea:39:37:9f:5e:da:12:eb:25:
         88:49:4a:1d:5d:60:ae:d9:09:a4:cb:7c:52:20:2a:57:29:7d:
         96:cb:e3:1c:b0:c4:68:d1:f0:0e:0d:bc:72:b7:8e:19:29:81:
         1c:eb:a9:c6:e8:36:75:46:76:9a:e8:ab:39:7c:c6:ad:77:99:
         cc:35:d4:a6:ce:47:a1:fd:af:67:68:45:3f:c9:d7:c2:ff:60:
         3f:f4:b0:4f:4c:80:6a:d6:c0:9c:6f:ee:e3:08:5c:74:7d:d8:
         fe:7e:63:e7:50:a2:78:d8:13:2c:68:9e:a0:1c:bf:c4:cb:2d:
         be:67:9d:6d:ee:f0:3e:8d:e3:1e:21:ba:d1:a2:98:94:51:49:
         09:d9:f5:06:8e:87:d5:50:c7:78:73:dd:c4:ca:d7:07:29:89:
         69:15:a4:6f:b3:5c:f3:3b:7e:7c:40:14:74:5f:0d:01:8e:c3:
         3a:f3:6e:11:9e:38:05:67:a8:79:4d:24:1f:8b:36:a2:8b:58:
         fa:47:c5:0d:34:eb:5c:bb:46:f8:bd:e9:05:6a:49:89:6e:9a:
         19:b1:2b:42:e2:b6:b8:58:d1:e5:ad:29:88:a7:dd:23:31:03:
         ba:1f:49:07:6c:e3:42:c7:3a:0a:ab:c4:2c:67:de:a2:0e:2f:
         65:9e:d9:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQqHvouPoit1COBunFy09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY5YzMyNTRiMGRjOGU5ZmY0ZTI3ZTQ5YWJkN2EzNDNmMWM4Y2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlnBynBWVRERl4RJdzzBU+ScGL08
D0WkXufE5K+5WTk7wgzM4nC/RtTgKOPPJkDd3vD7v6gnXEVhAatjXsqabVpZSBXy
q4wTAXWvP2+S37W/wJSfGljbiNF9VliXLi+j1ZjlIPZlvJLiiYokcjsU5wQ96X2S
flIbPm7bZs0SI6bde53wfKoVTDUszu5XBvQsbUgfFOlOFBxwUkrf8aI/2C8vQe92
WWjWI3bkJnfZOqts9B8Le5e90XEqujwMXMjxM+2CG51Iu3tqaqj0hmojtwq+vCZU
5pcduEGaOy+v0z7xtXWgIC3RMfjvKtwVPsonPA26KOoy9IlPoTMsPsHtbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF75wyVLDcjp/04n5Jq9ejQ/HIzQMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvWHZuREpVc055T25fVGlma21yMTZORDhjak5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgVBQAM1
AwcAKgVBQAN1MA0GCSqGSIb3DQEBCwUAA4IBAQBYgq/gBPVTi7/qOTefXtoS6yWI
SUodXWCu2Qmky3xSICpXKX2Wy+McsMRo0fAODbxyt44ZKYEc66nG6DZ1Rnaa6Ks5
fMatd5nMNdSmzkeh/a9naEU/ydfC/2A/9LBPTIBq1sCcb+7jCFx0fdj+fmPnUKJ4
2BMsaJ6gHL/Eyy2+Z51t7vA+jeMeIbrRopiUUUkJ2fUGjofVUMd4c93EytcHKYlp
FaRvs1zzO358QBR0Xw0BjsM6824RnjgFZ6h5TSQfizaii1j6R8UNNOtcu0b4vekF
akmJbpoZsStC4ra4WNHlrSmIp90jMQO6H0kHbONCxzoKq8QsZ96iDi9lntlv
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:26 2024 by rpki-client on console-fra.rpki-client.org