Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/712zhaGKfOTFAhKNpRWdnltV6xE.roa
File:                     712zhaGKfOTFAhKNpRWdnltV6xE.roa (raw, json)
Hash identifier:          6G4nKTqpNDlQXLkjeaBtI2wdIb1SWZM5ZNeECHbDIvw=
Subject key identifier:   EF:5D:B3:85:A1:8A:7C:E4:C5:02:12:8D:A5:15:9D:9E:5B:55:EB:11
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       018CC56EDE02FF807718D5510F2A191B4316
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/712zhaGKfOTFAhKNpRWdnltV6xE.roa
Signing time:             Mon 01 Jan 2024 14:30:26 +0000
ROA not before:           Mon 01 Jan 2024 14:30:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        77.74.231.0/24 maxlen: 24
                          109.105.197.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 10:18:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:de:02:ff:80:77:18:d5:51:0f:2a:19:1b:43:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  1 14:30:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ef5db385a18a7ce4c502128da5159d9e5b55eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:04:24:d3:cd:90:8e:0a:02:da:c9:4d:bb:98:
                    dd:8f:91:66:7a:2f:4a:1b:4e:08:71:d7:e0:cd:9b:
                    5f:e5:79:38:e9:7c:11:3b:0d:a3:49:61:52:6a:16:
                    53:46:90:7e:27:cf:1d:e9:5a:eb:09:b5:d6:65:9b:
                    49:d2:a8:b4:b2:ae:51:53:a2:fa:df:13:cb:56:82:
                    92:17:fb:f1:38:d1:0c:b9:a7:26:f3:af:4b:cd:0e:
                    a5:bc:36:c5:a4:82:ff:bb:e8:31:54:a4:48:51:0d:
                    29:14:fc:e5:04:84:f7:4e:a9:23:c8:85:b8:b4:29:
                    7e:ce:80:56:59:ee:fd:c8:a3:28:a8:ca:f3:d6:99:
                    dd:0a:90:11:3a:09:3d:17:be:3e:7c:38:9d:29:12:
                    79:69:02:c8:e8:fd:95:0d:4c:4c:42:1a:6d:ba:7e:
                    6e:4f:15:5b:00:f0:34:20:dc:a3:c5:63:87:e9:08:
                    58:5f:cf:08:c6:f5:03:e0:cf:0d:6e:2c:2e:b9:35:
                    6b:ce:36:f6:53:54:3e:16:4b:39:d3:d5:c9:0d:52:
                    e6:fc:76:a6:27:a4:62:05:f5:b3:47:d8:1b:30:f6:
                    9a:fc:7c:8f:d4:6d:cf:66:2b:8b:34:b0:07:a6:ac:
                    9f:7b:31:d7:f5:93:e2:5f:62:a8:8e:de:28:73:f7:
                    41:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:5D:B3:85:A1:8A:7C:E4:C5:02:12:8D:A5:15:9D:9E:5B:55:EB:11
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/712zhaGKfOTFAhKNpRWdnltV6xE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.231.0/24
                  109.105.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:17:a3:64:4b:f6:34:b4:83:ec:d9:8d:bf:c2:52:64:1f:a7:
         5e:f5:37:35:06:e3:3e:92:68:79:d5:a7:62:1f:c7:8f:b6:de:
         41:52:7d:c8:e5:e0:c1:73:5b:b7:b8:5c:4e:fd:0a:de:19:4a:
         9c:fc:e0:a6:6e:fe:68:c3:7d:cc:d8:24:27:3e:04:15:19:08:
         d7:88:48:f1:b3:ea:50:2e:6c:26:5a:b3:36:36:8d:23:b0:09:
         be:16:76:69:45:2d:89:a0:89:95:1f:df:4a:8e:86:8d:d8:29:
         fd:54:ac:0a:a1:5f:4b:0f:a8:5c:37:ac:1e:41:40:f0:ae:32:
         49:fe:f7:df:ab:0b:d6:c4:83:bd:50:a9:89:68:ad:57:28:cd:
         e5:72:72:82:c7:ce:51:95:de:ab:16:fb:95:4b:2e:0e:76:a0:
         5e:5a:93:d7:e6:21:fb:29:6e:66:ac:da:b4:56:61:40:f1:fd:
         de:fb:da:cf:f8:57:91:fa:5a:50:45:9d:20:10:2d:8a:f3:0a:
         db:ab:f0:61:0a:31:42:38:fd:92:f3:ae:cd:0a:23:70:ac:a1:
         b9:e4:26:27:9e:be:47:ae:94:73:10:f7:bc:89:91:4c:20:9b:
         65:a4:e9:e4:06:42:80:8e:79:c9:ac:6c:d7:b6:12:e7:e9:5a:
         b3:33:4d:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbt4C/4B3GNVRDyoZG0MWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjVkYjM4NWExOGE3Y2U0YzUwMjEyOGRhNTE1OWQ5ZTViNTVlYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQQk082QjgoC2slNu5jdj5Fmei9K
G04IcdfgzZtf5Xk46XwROw2jSWFSahZTRpB+J88d6VrrCbXWZZtJ0qi0sq5RU6L6
3xPLVoKSF/vxONEMuacm869LzQ6lvDbFpIL/u+gxVKRIUQ0pFPzlBIT3TqkjyIW4
tCl+zoBWWe79yKMoqMrz1pndCpAROgk9F74+fDidKRJ5aQLI6P2VDUxMQhptun5u
TxVbAPA0INyjxWOH6QhYX88IxvUD4M8NbiwuuTVrzjb2U1Q+Fks509XJDVLm/Ham
J6RiBfWzR9gbMPaa/HyP1G3PZiuLNLAHpqyfezHX9ZPiX2Kojt4oc/dB0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO9ds4WhinzkxQISjaUVnZ5bVesRMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvNzEyemhhR0tmT1RGQWhLTnBSV2RubHRWNnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUrnAwQA
bWnFMA0GCSqGSIb3DQEBCwUAA4IBAQAzF6NkS/Y0tIPs2Y2/wlJkH6de9Tc1BuM+
kmh51adiH8ePtt5BUn3I5eDBc1u3uFxO/QreGUqc/OCmbv5ow33M2CQnPgQVGQjX
iEjxs+pQLmwmWrM2No0jsAm+FnZpRS2JoImVH99KjoaN2Cn9VKwKoV9LD6hcN6we
QUDwrjJJ/vffqwvWxIO9UKmJaK1XKM3lcnKCx85Rld6rFvuVSy4OdqBeWpPX5iH7
KW5mrNq0VmFA8f3e+9rP+FeR+lpQRZ0gEC2K8wrbq/BhCjFCOP2S867NCiNwrKG5
5CYnnr5HrpRzEPe8iZFMIJtlpOnkBkKAjnnJrGzXthLn6VqzM00n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org