Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cNscigfRlQhfZP8Abp7E7rxj03k.roa
File:                     cNscigfRlQhfZP8Abp7E7rxj03k.roa (raw, json)
Hash identifier:          rZAqZY98VYHrzwkvysgERlOWOOuNE3qTFYGOhomhTz4=
Subject key identifier:   70:DB:1C:8A:07:D1:95:08:5F:64:FF:00:6E:9E:C4:EE:BC:63:D3:79
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       01856BCA161D2088CBB72A8E9816271353C6
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cNscigfRlQhfZP8Abp7E7rxj03k.roa
Signing time:             Sun 01 Jan 2023 05:24:44 +0000
ROA not before:           Sun 01 Jan 2023 05:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3215
IP address blocks:        45.135.10.0/24 maxlen: 24
                          45.135.8.0/24 maxlen: 24
                          45.136.218.0/24 maxlen: 24
                          45.136.216.0/24 maxlen: 24
                          45.139.34.0/24 maxlen: 24
                          45.139.32.0/24 maxlen: 24
                          45.138.76.0/24 maxlen: 24
                          45.138.78.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 27 Jan 2023 11:26:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ca:16:1d:20:88:cb:b7:2a:8e:98:16:27:13:53:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Jan  1 05:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70db1c8a07d195085f64ff006e9ec4eebc63d379
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b9:a9:92:4d:1f:48:d6:5a:7a:a6:b9:2c:e5:
                    44:7c:bd:b0:d4:6c:e2:77:70:60:21:9e:e0:e1:05:
                    0d:5d:5f:a3:15:4a:05:88:fe:23:12:47:ab:dd:4c:
                    2c:22:be:72:72:d1:68:1e:0e:05:00:87:fe:c0:83:
                    de:17:37:0b:d1:04:4c:f2:00:54:9c:15:03:4c:5c:
                    e2:9f:28:02:39:7f:d8:d2:8d:87:0a:67:03:5c:69:
                    d4:9b:86:88:4a:ff:59:b4:da:06:5d:db:1a:7f:63:
                    df:2b:7f:01:49:8b:ab:86:f9:fd:4a:01:04:1b:2c:
                    93:cb:42:a3:36:c5:4f:28:75:d7:ac:ea:0b:38:6f:
                    67:54:fd:43:68:40:48:5e:f4:83:c8:2f:a1:6b:71:
                    b1:2f:09:a6:43:8e:02:a6:89:35:cc:30:01:45:5e:
                    66:aa:b2:2e:a8:7c:4a:df:94:c6:17:04:cd:12:01:
                    72:73:d3:26:b4:4b:cc:36:c7:6f:38:e0:b9:ba:ee:
                    67:bf:75:f7:db:38:24:96:6d:96:cb:a1:47:14:d3:
                    cb:d3:8f:b8:ec:1e:e8:cf:5a:21:26:cf:c4:17:f6:
                    5f:fd:c5:72:98:85:6a:9b:b6:0c:c0:df:3b:b0:46:
                    19:7d:7d:90:92:a2:53:4d:68:79:5d:c6:bf:d4:e7:
                    14:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:DB:1C:8A:07:D1:95:08:5F:64:FF:00:6E:9E:C4:EE:BC:63:D3:79
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cNscigfRlQhfZP8Abp7E7rxj03k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.8.0/24
                  45.135.10.0/24
                  45.136.216.0/24
                  45.136.218.0/24
                  45.138.76.0/24
                  45.138.78.0/24
                  45.139.32.0/24
                  45.139.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:ad:d4:a1:77:88:3a:7c:36:b8:a9:33:c9:43:53:1a:d6:8a:
         51:79:6a:0c:89:ef:09:96:64:ae:2c:c4:bd:78:b8:88:d0:8b:
         12:2e:6c:01:9c:84:36:74:8c:94:97:e1:36:07:6b:a5:5c:9d:
         cc:99:bc:77:64:2b:7c:ab:2e:c0:a0:07:58:1f:4f:77:42:c2:
         5c:f9:16:4b:16:eb:d7:25:5e:e2:6d:46:d8:ad:42:8b:c0:93:
         37:32:0b:f3:c1:51:30:e5:00:63:c9:ae:95:48:7b:03:13:1a:
         70:8b:9a:24:bd:46:e0:f7:07:ad:c2:c6:e4:ab:23:de:ed:c8:
         41:cd:d2:72:59:32:b2:80:cb:34:b4:1b:56:71:d2:79:5b:d7:
         16:fa:a7:9b:96:42:38:31:b7:2e:3a:a4:0a:1d:2b:08:12:5a:
         6d:b0:d4:09:d4:20:52:9a:29:12:6d:d8:4c:fb:24:ec:59:88:
         c5:d7:80:dd:15:de:97:16:0f:70:10:4d:aa:0a:cc:a7:57:f6:
         c1:49:80:43:9c:3d:ed:ae:b8:4d:7b:18:6d:3b:83:73:23:81:
         ea:e9:7e:d6:ac:09:58:5a:1a:95:82:54:1e:0e:d9:5d:13:eb:
         09:55:67:89:c5:42:94:2e:a3:7e:e0:85:e1:ad:63:93:31:18:
         72:db:72:99
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVryhYdIIjLtyqOmBYnE1PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRiMWM4YTA3ZDE5NTA4NWY2NGZmMDA2ZTllYzRlZWJjNjNkMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7mpkk0fSNZaeqa5LOVEfL2w1Gzi
d3BgIZ7g4QUNXV+jFUoFiP4jEker3UwsIr5yctFoHg4FAIf+wIPeFzcL0QRM8gBU
nBUDTFzinygCOX/Y0o2HCmcDXGnUm4aISv9ZtNoGXdsaf2PfK38BSYurhvn9SgEE
GyyTy0KjNsVPKHXXrOoLOG9nVP1DaEBIXvSDyC+ha3GxLwmmQ44Cpok1zDABRV5m
qrIuqHxK35TGFwTNEgFyc9MmtEvMNsdvOOC5uu5nv3X32zgklm2Wy6FHFNPL04+4
7B7oz1ohJs/EF/Zf/cVymIVqm7YMwN87sEYZfX2QkqJTTWh5Xca/1OcUEQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHDbHIoH0ZUIX2T/AG6exO68Y9N5MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvY05zY2lnZlJsUWhmWlA4QWJwN0U3cnhqMDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYcIAwQA
LYcKAwQALYjYAwQALYjaAwQALYpMAwQALYpOAwQALYsgAwQALYsiMA0GCSqGSIb3
DQEBCwUAA4IBAQCLrdShd4g6fDa4qTPJQ1Ma1opReWoMie8JlmSuLMS9eLiI0IsS
LmwBnIQ2dIyUl+E2B2ulXJ3Mmbx3ZCt8qy7AoAdYH093QsJc+RZLFuvXJV7ibUbY
rUKLwJM3MgvzwVEw5QBjya6VSHsDExpwi5okvUbg9wetwsbkqyPe7chBzdJyWTKy
gMs0tBtWcdJ5W9cW+qeblkI4MbcuOqQKHSsIElptsNQJ1CBSmikSbdhM+yTsWYjF
14DdFd6XFg9wEE2qCsynV/bBSYBDnD3trrhNexhtO4NzI4Hq6X7WrAlYWhqVglQe
DtldE+sJVWeJxUKULqN+4IXhrWOTMRhy23KZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org