Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/szrOIotDiWVPuNCiNIyifIuuEk4.roa
File:                     szrOIotDiWVPuNCiNIyifIuuEk4.roa (raw, json)
Hash identifier:          maXD90RFo+vp/1FITxKaWL4WaVv4pKmHqqFh6YAIVvk=
Subject key identifier:   B3:3A:CE:22:8B:43:89:65:4F:B8:D0:A2:34:8C:A2:7C:8B:AE:12:4E
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       018A73F731378FFB463657F3996AC033BE47
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/szrOIotDiWVPuNCiNIyifIuuEk4.roa
Signing time:             Fri 08 Sep 2023 08:44:54 +0000
ROA not before:           Fri 08 Sep 2023 08:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199691
IP address blocks:        2a0e:8f02:f055::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:73:f7:31:37:8f:fb:46:36:57:f3:99:6a:c0:33:be:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Sep  8 08:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b33ace228b4389654fb8d0a2348ca27c8bae124e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4c:ce:a9:25:3a:63:93:85:1c:84:e0:07:86:
                    a9:1c:71:49:df:20:17:d6:7c:f4:79:7a:92:90:a9:
                    c5:e0:31:f5:c6:60:32:eb:b1:3c:b1:2a:24:d8:26:
                    9b:42:07:cc:0a:a0:ea:b6:55:a2:b2:c4:59:44:8f:
                    c0:ba:58:75:4d:01:69:76:17:6b:3b:5d:d7:fa:4d:
                    1b:74:7f:1f:54:1c:46:a5:9d:60:87:22:19:56:6e:
                    88:b2:1e:31:f6:71:bd:12:ca:75:6d:49:b5:9c:24:
                    92:f1:4b:d0:df:99:65:54:52:7b:59:30:bd:9a:19:
                    25:21:1a:e2:35:3f:d4:c8:e8:97:9c:aa:cb:62:1e:
                    9a:d6:36:7d:1e:04:a5:a8:31:88:e4:1b:48:d5:90:
                    c5:bc:d7:36:31:05:ec:e0:72:b3:53:bd:4a:0a:75:
                    e8:be:bb:60:65:63:d3:cb:45:a3:6f:16:37:b9:92:
                    20:ac:c9:72:73:8e:28:2a:66:8f:69:63:3c:8a:c2:
                    41:ed:dc:38:ba:c8:0a:ee:6b:dc:45:84:5b:69:e3:
                    77:db:08:0a:31:84:53:3c:76:0d:8f:41:01:a6:e1:
                    62:c4:02:2e:ef:b5:25:d0:72:34:d6:d9:c2:b7:24:
                    05:14:bb:94:36:a7:0b:8a:8f:ed:17:13:f6:b4:42:
                    ed:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:3A:CE:22:8B:43:89:65:4F:B8:D0:A2:34:8C:A2:7C:8B:AE:12:4E
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/szrOIotDiWVPuNCiNIyifIuuEk4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f055::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:c8:ef:6b:6a:94:92:2a:b2:a9:3a:9f:51:66:e2:76:89:f1:
         f8:1f:58:c6:5f:6b:0b:cc:94:45:71:bc:41:5c:66:47:d3:35:
         24:9c:03:b9:a0:bb:a0:6f:5a:90:03:d2:de:e3:ad:7a:42:56:
         d2:29:76:54:21:83:40:56:33:cc:c3:c7:ea:f4:cf:8a:20:50:
         c7:78:be:49:8d:37:2d:7d:d9:31:6c:8c:b0:a5:bf:fb:f0:1d:
         d5:cd:e5:23:d1:c9:57:fa:ef:9c:83:2b:2a:f5:2e:c2:bb:e4:
         d0:e5:f3:f2:40:fd:60:3e:2f:d6:6a:29:8c:1c:61:50:ce:58:
         42:40:16:1d:45:a9:43:83:d4:b3:47:ff:8f:ba:18:80:fd:71:
         0e:3f:7d:2c:1f:91:9e:50:7c:ea:0f:ab:bb:72:9e:8c:0d:62:
         e7:69:a9:c4:57:ac:6a:77:aa:33:4d:ad:f6:0b:5c:33:0f:6f:
         b2:68:e1:1d:43:fe:73:f1:42:cb:3b:f0:7f:01:4b:0b:fd:0a:
         bd:d2:ca:7a:4d:21:ae:1a:da:02:1b:99:fe:b8:9e:d2:18:c5:
         71:4a:70:ec:ee:43:2f:6c:b5:e6:a1:87:1d:0d:b0:e3:f7:75:
         03:2c:45:46:a6:05:5b:fa:96:9a:ef:df:66:f6:99:d9:c1:26:
         1d:85:65:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYpz9zE3j/tGNlfzmWrAM75HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwOTA4MDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNhY2UyMjhiNDM4OTY1NGZiOGQwYTIzNDhjYTI3YzhiYWUxMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkzOqSU6Y5OFHITgB4apHHFJ3yAX
1nz0eXqSkKnF4DH1xmAy67E8sSok2CabQgfMCqDqtlWissRZRI/Aulh1TQFpdhdr
O13X+k0bdH8fVBxGpZ1ghyIZVm6Ish4x9nG9Esp1bUm1nCSS8UvQ35llVFJ7WTC9
mhklIRriNT/UyOiXnKrLYh6a1jZ9HgSlqDGI5BtI1ZDFvNc2MQXs4HKzU71KCnXo
vrtgZWPTy0WjbxY3uZIgrMlyc44oKmaPaWM8isJB7dw4usgK7mvcRYRbaeN32wgK
MYRTPHYNj0EBpuFixAIu77Ul0HI01tnCtyQFFLuUNqcLio/tFxP2tELtAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLM6ziKLQ4llT7jQojSMonyLrhJOMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvc3pyT0lvdERpV1ZQdU5DaU5JeWlmSXV1RWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBV
MA0GCSqGSIb3DQEBCwUAA4IBAQAByO9rapSSKrKpOp9RZuJ2ifH4H1jGX2sLzJRF
cbxBXGZH0zUknAO5oLugb1qQA9Le4616QlbSKXZUIYNAVjPMw8fq9M+KIFDHeL5J
jTctfdkxbIywpb/78B3VzeUj0clX+u+cgysq9S7Cu+TQ5fPyQP1gPi/WaimMHGFQ
zlhCQBYdRalDg9SzR/+PuhiA/XEOP30sH5GeUHzqD6u7cp6MDWLnaanEV6xqd6oz
Ta32C1wzD2+yaOEdQ/5z8ULLO/B/AUsL/Qq90sp6TSGuGtoCG5n+uJ7SGMVxSnDs
7kMvbLXmoYcdDbDj93UDLEVGpgVb+paa799m9pnZwSYdhWWi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org