Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/OTWoBscZYgg-R9Qj7IN83SBZbQY.roa
File:                     OTWoBscZYgg-R9Qj7IN83SBZbQY.roa (raw, json)
Hash identifier:          wHX7w50tiEUc+bcvAuNFD9/92i2etsYFAhHL8KQaqv8=
Subject key identifier:   39:35:A8:06:C7:19:62:08:3E:47:D4:23:EC:83:7C:DD:20:59:6D:06
Certificate issuer:       /CN=c6bfbef279bf9ded6e3651e0628d39ba79294f78
Certificate serial:       018CC6B9080BB8D74E52D8BD16202BE413BF
Authority key identifier: C6:BF:BE:F2:79:BF:9D:ED:6E:36:51:E0:62:8D:39:BA:79:29:4F:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xr--8nm_ne1uNlHgYo05unkpT3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/OTWoBscZYgg-R9Qj7IN83SBZbQY.roa
Signing time:             Mon 01 Jan 2024 20:31:04 +0000
ROA not before:           Mon 01 Jan 2024 20:31:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203359
IP address blocks:        185.63.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 14:21:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:08:0b:b8:d7:4e:52:d8:bd:16:20:2b:e4:13:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6bfbef279bf9ded6e3651e0628d39ba79294f78
        Validity
            Not Before: Jan  1 20:31:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3935a806c71962083e47d423ec837cdd20596d06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:82:a0:16:af:02:03:7d:a5:be:19:17:00:02:
                    39:ac:f1:5f:b7:3f:f4:f8:90:e3:20:94:6e:fb:a6:
                    c0:3d:41:8b:64:e0:63:53:9f:ba:47:d8:80:d5:21:
                    85:50:51:0c:b3:a8:a6:18:a7:16:0f:2f:d3:56:09:
                    91:bf:fe:ff:49:da:c3:44:97:67:7a:c7:a8:f6:fd:
                    22:58:be:c9:df:b3:ba:a1:35:3f:97:de:89:4f:14:
                    96:5e:3c:11:75:0b:08:ec:d8:1b:43:25:fd:ac:59:
                    d3:06:26:59:45:7c:3b:7b:29:07:04:b8:96:69:d9:
                    bd:53:e9:11:b8:b6:fd:96:aa:4c:2a:23:3d:5f:27:
                    f5:34:dc:d4:9e:cc:c1:bf:db:5d:ee:ea:98:2e:4b:
                    66:02:54:ce:68:c7:a4:33:ec:bd:e9:57:fb:5a:94:
                    4e:14:44:23:f7:31:80:72:f2:83:a6:42:da:88:b3:
                    c7:28:dc:25:c7:05:97:e7:e3:22:69:6a:7f:6e:83:
                    88:c9:59:e4:1f:b6:0c:5f:b2:09:e4:66:43:4a:74:
                    47:49:50:71:6c:eb:fb:f7:7c:5c:0e:17:45:f0:13:
                    3b:eb:9a:2c:04:bb:35:60:ba:be:ee:bc:b6:35:9b:
                    f9:14:ac:de:bb:29:32:4a:13:9c:08:6c:33:6d:7e:
                    3f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:35:A8:06:C7:19:62:08:3E:47:D4:23:EC:83:7C:DD:20:59:6D:06
            X509v3 Authority Key Identifier:
                keyid:C6:BF:BE:F2:79:BF:9D:ED:6E:36:51:E0:62:8D:39:BA:79:29:4F:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xr--8nm_ne1uNlHgYo05unkpT3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/OTWoBscZYgg-R9Qj7IN83SBZbQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/xr--8nm_ne1uNlHgYo05unkpT3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.63.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:22:4d:09:c7:7f:76:e5:7b:e1:70:82:07:16:7c:1e:b6:3f:
         23:09:d6:a1:11:13:ad:f0:52:63:a3:5d:3c:6c:ba:f6:6d:ff:
         1a:52:e1:e4:6a:36:07:d2:ff:e3:03:2b:75:af:de:ee:40:c3:
         84:ad:1c:ed:54:a5:cf:29:67:9d:67:78:2d:a3:01:0d:8a:cb:
         df:21:b9:76:0e:a7:e1:32:b8:96:dd:d5:6c:f2:74:b2:e8:8a:
         dd:0a:c9:08:93:56:46:a3:91:07:43:32:21:c6:c3:9d:84:84:
         8b:0f:38:7f:06:ee:a0:36:82:17:d0:16:7b:b1:3a:12:f2:95:
         36:56:9c:6e:6b:e0:7c:a6:bd:58:13:e6:88:bd:cc:f1:8a:10:
         d5:5a:56:fc:bf:3f:4c:dd:33:d8:8a:de:75:97:5c:ee:d0:7b:
         e2:03:1a:82:3b:f5:d7:d2:d9:13:48:3a:d1:c6:b3:71:98:14:
         e8:a6:d8:89:93:83:80:73:cf:1c:1c:5b:90:c1:a0:df:81:74:
         4b:53:1e:a5:e3:d4:75:82:37:5d:51:7e:00:4e:f9:74:f9:c1:
         e9:c3:72:4e:60:25:d4:2d:d3:74:5f:2d:81:a4:02:cd:9f:2d:
         f7:39:ae:64:aa:5d:94:80:0f:44:4f:35:5f:55:83:35:aa:14:
         d4:4a:14:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuQgLuNdOUti9FiAr5BO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YmZiZWYyNzliZjlkZWQ2ZTM2NTFlMDYyOGQzOWJhNzky
OTRmNzgwHhcNMjQwMTAxMjAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM1YTgwNmM3MTk2MjA4M2U0N2Q0MjNlYzgzN2NkZDIwNTk2ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4KgFq8CA32lvhkXAAI5rPFftz/0
+JDjIJRu+6bAPUGLZOBjU5+6R9iA1SGFUFEMs6imGKcWDy/TVgmRv/7/SdrDRJdn
eseo9v0iWL7J37O6oTU/l96JTxSWXjwRdQsI7NgbQyX9rFnTBiZZRXw7eykHBLiW
adm9U+kRuLb9lqpMKiM9Xyf1NNzUnszBv9td7uqYLktmAlTOaMekM+y96Vf7WpRO
FEQj9zGAcvKDpkLaiLPHKNwlxwWX5+MiaWp/boOIyVnkH7YMX7IJ5GZDSnRHSVBx
bOv793xcDhdF8BM765osBLs1YLq+7ry2NZv5FKzeuykyShOcCGwzbX4/IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk1qAbHGWIIPkfUI+yDfN0gWW0GMB8GA1UdIwQY
MBaAFMa/vvJ5v53tbjZR4GKNObp5KU94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHItLThubV9uZTF1TmxIZ1lvMDV1bmtwVDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yODQ2MmMtMmMyMy00Zjk1LThlOGQt
YWRlNTMwZDdjNDFiLzEvT1RXb0JzY1pZZ2ctUjlRajdJTjgzU0JaYlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yODQ2MmMtMmMyMy00Zjk1LThlOGQtYWRlNTMwZDdjNDFi
LzEveHItLThubV9uZTF1TmxIZ1lvMDV1bmtwVDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT9fMA0G
CSqGSIb3DQEBCwUAA4IBAQBFIk0Jx3925XvhcIIHFnwetj8jCdahEROt8FJjo108
bLr2bf8aUuHkajYH0v/jAyt1r97uQMOErRztVKXPKWedZ3gtowENisvfIbl2Dqfh
MriW3dVs8nSy6IrdCskIk1ZGo5EHQzIhxsOdhISLDzh/Bu6gNoIX0BZ7sToS8pU2
Vpxua+B8pr1YE+aIvczxihDVWlb8vz9M3TPYit51l1zu0HviAxqCO/XX0tkTSDrR
xrNxmBToptiJk4OAc88cHFuQwaDfgXRLUx6l49R1gjddUX4ATvl0+cHpw3JOYCXU
LdN0Xy2BpALNny33Oa5kql2UgA9ETzVfVYM1qhTUShQs
-----END CERTIFICATE-----
Generated at Tue Jul 16 18:33:28 2024 by rpki-client on console-ams.rpki-client.org