Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/lXASNOtBNNfRMobo9uZk4rQDzzo.roa
File:                     lXASNOtBNNfRMobo9uZk4rQDzzo.roa (raw, json)
Hash identifier:          wMZwpSEMuy0uHnD/CE7yjfZspveTatv/DHv62qRQM3M=
Subject key identifier:   95:70:12:34:EB:41:34:D7:D1:32:86:E8:F6:E6:64:E2:B4:03:CF:3A
Certificate issuer:       /CN=6ac72a734392f6cf792b3d0c3ed11820286f19f4
Certificate serial:       01856E0AEA42AF5B48D8F7D9A0DB5AF33DD7
Authority key identifier: 6A:C7:2A:73:43:92:F6:CF:79:2B:3D:0C:3E:D1:18:20:28:6F:19:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ascqc0OS9s95Kz0MPtEYIChvGfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/lXASNOtBNNfRMobo9uZk4rQDzzo.roa
Signing time:             Sun 01 Jan 2023 15:54:47 +0000
ROA not before:           Sun 01 Jan 2023 15:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212574
IP address blocks:        185.153.232.0/24 maxlen: 24
                          2a10:7240::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:0a:ea:42:af:5b:48:d8:f7:d9:a0:db:5a:f3:3d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ac72a734392f6cf792b3d0c3ed11820286f19f4
        Validity
            Not Before: Jan  1 15:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95701234eb4134d7d13286e8f6e664e2b403cf3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:87:0e:43:3a:b0:d4:c2:f7:fe:81:37:c5:2e:
                    7a:9b:da:c5:19:a7:33:88:ff:b8:b5:32:1d:61:bd:
                    73:37:f2:8e:c8:26:b2:d8:1d:65:75:23:ad:cc:b4:
                    80:e9:cd:d2:34:8b:9c:56:63:c2:77:3b:15:6f:0d:
                    11:b8:56:e7:69:84:be:e4:ae:e5:f6:33:31:99:d6:
                    a3:0a:04:00:07:40:b3:56:33:42:13:75:95:f2:45:
                    9d:2e:2b:17:bd:c8:80:c9:53:e1:e0:cc:2f:0a:8e:
                    f4:30:63:c7:1d:c7:7a:a3:6c:1a:77:41:43:15:f9:
                    92:70:66:32:c6:b9:a3:b9:c0:cd:2b:c0:29:30:eb:
                    30:60:fb:8d:4c:65:b9:9d:19:ee:53:d7:70:ef:e5:
                    a7:f3:c7:a4:d3:e9:b3:d5:de:7b:df:5c:a6:db:08:
                    33:01:48:13:fe:5f:19:c6:30:8a:1f:b0:74:6a:ba:
                    95:6d:e9:b7:73:d4:2a:3d:2f:7f:cc:55:82:ee:05:
                    6c:e3:24:ff:0d:c8:f9:0f:a6:14:a9:c4:48:2d:4e:
                    93:5f:02:8f:85:a5:d9:0a:7d:37:cf:5a:e0:92:49:
                    22:3b:e4:28:3c:4a:7d:6c:6f:06:46:d0:ae:03:a4:
                    03:c2:af:85:e1:bb:ab:ab:95:47:34:b8:a5:f9:38:
                    e8:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:70:12:34:EB:41:34:D7:D1:32:86:E8:F6:E6:64:E2:B4:03:CF:3A
            X509v3 Authority Key Identifier:
                keyid:6A:C7:2A:73:43:92:F6:CF:79:2B:3D:0C:3E:D1:18:20:28:6F:19:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ascqc0OS9s95Kz0MPtEYIChvGfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/lXASNOtBNNfRMobo9uZk4rQDzzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fcd516-88f5-4e48-9ab4-93df45003e7e/1/ascqc0OS9s95Kz0MPtEYIChvGfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.153.232.0/24
                IPv6:
                  2a10:7240::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:d1:94:3f:9a:c4:6c:38:9f:2d:f2:31:8d:90:26:ff:cc:84:
         fd:98:4a:32:16:37:d1:1c:0a:ad:07:68:49:4c:de:73:7b:0e:
         f7:ce:ff:86:de:bf:f7:d6:19:87:7f:43:fa:95:3f:d4:90:6f:
         8e:bd:1f:68:50:be:55:e1:43:a0:79:3d:db:19:24:87:ba:7c:
         18:5f:8e:8d:d6:7f:44:bd:8a:b0:e8:77:d8:b0:30:91:22:74:
         5b:fc:3a:2a:75:ec:85:ff:eb:cb:a1:63:89:08:07:ef:05:54:
         bf:19:62:a7:ea:d3:11:ec:c7:46:70:1a:e6:69:f3:15:46:9b:
         87:36:56:78:6d:62:3e:eb:da:0b:84:05:a4:c1:9c:dc:74:ba:
         50:c5:69:52:ea:b7:f4:1f:9b:97:d6:8f:9a:7b:94:c8:e4:94:
         14:82:96:87:87:82:e7:28:3e:cc:e2:30:a4:d5:ff:16:b3:a0:
         7c:32:e0:c3:91:fa:fa:1f:e6:f7:29:60:de:49:53:5b:32:b3:
         a1:27:79:0c:b5:ff:71:34:e9:4b:cd:3c:9b:ec:55:a2:7f:3a:
         10:60:1d:3e:c1:d1:75:38:4c:dc:86:fd:88:b7:1d:f5:a0:01:
         b0:b2:45:ad:02:34:af:4e:5a:9e:ec:1d:7a:e8:9c:f4:7b:50:
         b9:c9:3d:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuCupCr1tI2PfZoNta8z3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYzcyYTczNDM5MmY2Y2Y3OTJiM2QwYzNlZDExODIwMjg2
ZjE5ZjQwHhcNMjMwMTAxMTU1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTcwMTIzNGViNDEzNGQ3ZDEzMjg2ZThmNmU2NjRlMmI0MDNjZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4cOQzqw1ML3/oE3xS56m9rFGacz
iP+4tTIdYb1zN/KOyCay2B1ldSOtzLSA6c3SNIucVmPCdzsVbw0RuFbnaYS+5K7l
9jMxmdajCgQAB0CzVjNCE3WV8kWdLisXvciAyVPh4MwvCo70MGPHHcd6o2wad0FD
FfmScGYyxrmjucDNK8ApMOswYPuNTGW5nRnuU9dw7+Wn88ek0+mz1d5731ym2wgz
AUgT/l8ZxjCKH7B0arqVbem3c9QqPS9/zFWC7gVs4yT/Dcj5D6YUqcRILU6TXwKP
haXZCn03z1rgkkkiO+QoPEp9bG8GRtCuA6QDwq+F4burq5VHNLil+TjoyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJVwEjTrQTTX0TKG6PbmZOK0A886MB8GA1UdIwQY
MBaAFGrHKnNDkvbPeSs9DD7RGCAobxn0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXNjcWMwT1M5czk1S3owTVB0RVlJQ2h2R2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mY2Q1MTYtODhmNS00ZTQ4LTlhYjQt
OTNkZjQ1MDAzZTdlLzEvbFhBU05PdEJOTmZSTW9ibzl1Wms0clFEenpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mY2Q1MTYtODhmNS00ZTQ4LTlhYjQtOTNkZjQ1MDAzZTdl
LzEvYXNjcWMwT1M5czk1S3owTVB0RVlJQ2h2R2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZnoMA0E
AgACMAcDBQAqEHJAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ0ZQ/msRsOJ8t8jGNkCb/
zIT9mEoyFjfRHAqtB2hJTN5zew73zv+G3r/31hmHf0P6lT/UkG+OvR9oUL5V4UOg
eT3bGSSHunwYX46N1n9EvYqw6HfYsDCRInRb/DoqdeyF/+vLoWOJCAfvBVS/GWKn
6tMR7MdGcBrmafMVRpuHNlZ4bWI+69oLhAWkwZzcdLpQxWlS6rf0H5uX1o+ae5TI
5JQUgpaHh4LnKD7M4jCk1f8Ws6B8MuDDkfr6H+b3KWDeSVNbMrOhJ3kMtf9xNOlL
zTyb7FWifzoQYB0+wdF1OEzchv2Itx31oAGwskWtAjSvTlqe7B166Jz0e1C5yT0X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:16 2024 by rpki-client on console-fra.rpki-client.org