Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/lYbe9Wtpu9dj9he1UpalOg6WpQs.roa
File:                     lYbe9Wtpu9dj9he1UpalOg6WpQs.roa (raw, json)
Hash identifier:          7QzBf8o1NrFMWGXzhGAmw9A7lzKcA5PtgwtKlr/LzPo=
Subject key identifier:   95:86:DE:F5:6B:69:BB:D7:63:F6:17:B5:52:96:A5:3A:0E:96:A5:0B
Certificate issuer:       /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial:       018C8C9AB6BF47F607019844F546D6C81566
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/lYbe9Wtpu9dj9he1UpalOg6WpQs.roa
Signing time:             Thu 21 Dec 2023 13:39:58 +0000
ROA not before:           Thu 21 Dec 2023 13:39:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212921
IP address blocks:        2.59.152.0/24 maxlen: 24
                          2.59.155.0/24 maxlen: 24
                          194.126.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Dec 2023 16:07:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8c:9a:b6:bf:47:f6:07:01:98:44:f5:46:d6:c8:15:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
        Validity
            Not Before: Dec 21 13:39:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9586def56b69bbd763f617b55296a53a0e96a50b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e7:c1:0a:b0:56:7b:16:1f:43:72:f3:84:5f:
                    2b:cd:78:8f:4c:6e:c4:48:ab:c8:da:d7:70:b3:06:
                    02:fb:1d:fe:1b:ad:f9:ea:9e:b5:c3:04:18:83:b3:
                    12:27:70:96:3c:4d:f1:97:9c:9b:00:50:c2:98:22:
                    90:c3:98:8c:d3:c7:c0:11:c6:95:a6:18:09:92:4f:
                    78:82:dc:27:87:a1:5b:a3:01:6a:36:d7:3a:36:ad:
                    64:c3:dd:c7:0d:cc:09:04:0e:63:09:ce:e3:b5:6c:
                    65:2c:9b:9f:4e:21:50:7e:6d:6a:b5:2e:c9:a8:a3:
                    63:dd:92:ee:55:73:19:12:a3:73:cf:5d:e0:53:89:
                    45:af:5b:72:06:6d:0c:47:db:54:eb:5a:de:60:be:
                    53:aa:3c:28:8e:1a:8f:5f:83:39:43:ce:b5:08:1a:
                    ce:cc:49:45:5a:34:8b:1e:cb:36:e0:5a:d6:c3:0b:
                    be:19:39:30:36:a2:8c:cd:9c:d3:54:6c:22:6b:48:
                    b3:ff:81:fd:61:aa:f0:b3:ce:fa:ea:6f:33:3c:26:
                    f2:b1:fa:30:af:ae:b5:ec:47:d4:c9:37:18:9a:4d:
                    18:9d:d9:a8:b9:6f:a3:ec:d1:4b:9c:b0:18:38:42:
                    ef:4a:26:ad:69:c0:33:09:66:e9:22:e2:dc:7e:ca:
                    c4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:86:DE:F5:6B:69:BB:D7:63:F6:17:B5:52:96:A5:3A:0E:96:A5:0B
            X509v3 Authority Key Identifier:
                keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/lYbe9Wtpu9dj9he1UpalOg6WpQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.152.0/24
                  2.59.155.0/24
                  194.126.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:2a:53:08:c0:4e:2c:c4:dc:da:ec:d3:70:87:f0:8c:01:e8:
         be:15:12:c5:1f:8f:eb:8b:1b:6c:db:ae:25:16:9e:78:d2:c8:
         41:50:7f:9b:07:7d:95:da:70:bc:64:2f:a5:78:be:f8:4e:99:
         7a:e6:51:d6:26:61:12:ed:18:e1:10:5c:7a:a3:7e:ac:98:57:
         9d:b0:29:28:16:67:17:76:31:f6:0d:bd:6c:c7:05:11:9b:32:
         6c:a3:76:23:c5:0a:16:ab:ec:b1:45:4b:11:91:bd:a6:1c:2c:
         9d:4f:b3:b2:bf:53:76:c7:dd:a8:25:a4:b1:ad:af:a4:0c:44:
         23:85:8d:3c:f3:f1:d0:19:de:2d:16:ce:9e:ef:a5:b0:54:0f:
         73:98:84:15:df:5e:67:04:8b:b6:43:14:75:ec:0a:fb:34:4f:
         69:67:e9:f3:d4:43:b6:b6:bf:ad:7f:75:71:6d:85:29:31:dc:
         d9:dc:a9:d1:95:ca:5d:bb:d0:70:b9:d6:f9:7b:a7:d6:bb:b2:
         15:5a:93:62:07:04:61:89:be:00:ee:9e:a9:93:a6:ea:01:12:
         18:f3:3e:c8:fa:77:a5:d6:4c:8c:52:0b:4c:4b:92:ec:3c:b0:
         da:8c:71:29:87:cf:d4:50:c5:f7:b8:16:a4:c0:80:3c:0d:0d:
         9d:d3:f1:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyMmra/R/YHAZhE9UbWyBVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjIxMTMzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg2ZGVmNTZiNjliYmQ3NjNmNjE3YjU1Mjk2YTUzYTBlOTZhNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ufBCrBWexYfQ3LzhF8rzXiPTG7E
SKvI2tdwswYC+x3+G6356p61wwQYg7MSJ3CWPE3xl5ybAFDCmCKQw5iM08fAEcaV
phgJkk94gtwnh6FbowFqNtc6Nq1kw93HDcwJBA5jCc7jtWxlLJufTiFQfm1qtS7J
qKNj3ZLuVXMZEqNzz13gU4lFr1tyBm0MR9tU61reYL5TqjwojhqPX4M5Q861CBrO
zElFWjSLHss24FrWwwu+GTkwNqKMzZzTVGwia0iz/4H9Yarws8766m8zPCbysfow
r6617EfUyTcYmk0YndmouW+j7NFLnLAYOELvSiatacAzCWbpIuLcfsrEBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJWG3vVrabvXY/YXtVKWpToOlqULMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvbFliZTlXdHB1OWRqOWhlMVVwYWxPZzZXcFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjuYAwQA
AjubAwQAwn7KMA0GCSqGSIb3DQEBCwUAA4IBAQAQKlMIwE4sxNza7NNwh/CMAei+
FRLFH4/rixts264lFp540shBUH+bB32V2nC8ZC+leL74Tpl65lHWJmES7RjhEFx6
o36smFedsCkoFmcXdjH2Db1sxwURmzJso3YjxQoWq+yxRUsRkb2mHCydT7Oyv1N2
x92oJaSxra+kDEQjhY088/HQGd4tFs6e76WwVA9zmIQV315nBIu2QxR17Ar7NE9p
Z+nz1EO2tr+tf3VxbYUpMdzZ3KnRlcpdu9Bwudb5e6fWu7IVWpNiBwRhib4A7p6p
k6bqARIY8z7I+nel1kyMUgtMS5LsPLDajHEph8/UUMX3uBakwIA8DQ2d0/Hz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org