Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/S1hvSACoT_XYrbOby3RjI53tLVk.roa
File:                     S1hvSACoT_XYrbOby3RjI53tLVk.roa (raw, json)
Hash identifier:          hH9bvJIUjNz9rubC4c2R/PmSLtdSvCD6GgSElDs2XSg=
Subject key identifier:   4B:58:6F:48:00:A8:4F:F5:D8:AD:B3:9B:CB:74:63:23:9D:ED:2D:59
Certificate issuer:       /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial:       018571FA0CD1DD633574B877B7D2FC3174BB
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/S1hvSACoT_XYrbOby3RjI53tLVk.roa
Signing time:             Mon 02 Jan 2023 10:14:50 +0000
ROA not before:           Mon 02 Jan 2023 10:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        192.40.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Sep 2023 16:43:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:0c:d1:dd:63:35:74:b8:77:b7:d2:fc:31:74:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
        Validity
            Not Before: Jan  2 10:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b586f4800a84ff5d8adb39bcb7463239ded2d59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:ea:86:08:7f:3f:4a:7e:0d:d9:3f:0c:2c:48:
                    d7:17:00:c2:60:ac:64:c8:48:d0:21:a4:e3:f0:72:
                    62:02:90:38:8b:66:e3:1d:22:0a:50:98:6f:4f:16:
                    63:85:dd:8a:76:02:a7:a6:ac:27:e2:dd:01:38:05:
                    fe:9f:ea:ac:22:b7:ba:1b:aa:e8:2b:f3:f9:0b:eb:
                    75:03:c3:51:9a:18:d7:9f:d1:95:09:fb:21:85:37:
                    a5:b0:10:f5:55:9f:98:52:fc:5a:a2:b3:dd:28:62:
                    26:c7:3b:c9:63:f2:3a:84:2d:33:20:c5:02:6a:15:
                    ec:ae:4d:23:77:df:00:d6:73:c7:82:cd:3a:83:33:
                    65:74:e8:f2:a3:19:0a:9e:16:6a:38:2e:e3:c4:1b:
                    9a:98:f8:78:92:5e:5f:d5:82:09:a8:9f:cf:a3:ea:
                    32:49:cf:bb:72:99:ae:af:23:d4:66:55:bc:49:77:
                    36:6c:48:84:06:86:14:0d:9a:f3:9e:72:86:90:e5:
                    4c:eb:56:91:b6:23:36:ad:4c:94:ef:7f:fc:07:44:
                    bb:d8:80:79:50:2b:e9:6f:6d:aa:a8:79:ef:41:79:
                    86:2a:79:02:92:f6:9e:46:72:66:32:9b:7e:d5:23:
                    e9:07:56:9e:75:45:12:4a:57:f9:7f:75:fc:b6:89:
                    68:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:58:6F:48:00:A8:4F:F5:D8:AD:B3:9B:CB:74:63:23:9D:ED:2D:59
            X509v3 Authority Key Identifier:
                keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/S1hvSACoT_XYrbOby3RjI53tLVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.40.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:6d:79:c2:53:61:e5:3b:48:a1:85:26:9d:74:51:8b:45:6f:
         96:9c:e3:c2:53:ef:60:a8:a9:5c:5a:15:33:51:82:c5:20:12:
         78:b7:bf:8c:80:dc:be:09:07:77:f1:62:50:b5:a1:d8:18:03:
         97:17:b1:5c:26:8d:7d:28:b9:6f:8e:e0:aa:aa:ca:f0:58:5b:
         87:d6:b5:d9:6f:ab:6b:29:1b:52:b6:0e:3e:95:4e:97:5b:01:
         a1:67:2a:94:11:6d:47:e5:c2:28:7b:8f:54:4f:92:41:2a:bf:
         39:e0:6a:cd:68:6a:50:d2:d2:54:0f:97:dc:56:2c:ff:51:b0:
         a1:79:f4:72:86:cb:9f:61:5e:0b:02:68:fc:0e:56:71:95:9a:
         11:8e:ed:c5:d5:dc:39:5e:d7:2b:7e:be:a6:e1:dd:83:30:93:
         3e:bd:4c:bd:1e:91:16:85:82:65:32:d3:6c:6b:9a:c4:49:fa:
         d2:37:15:e1:72:3b:95:a2:73:01:48:2a:55:9e:87:a5:05:e9:
         8f:24:4b:7b:8d:03:8c:51:2c:50:45:7b:f7:df:7c:35:dd:74:
         bd:ab:b3:75:a3:e9:eb:29:1d:c5:62:61:28:e8:a0:43:89:1f:
         76:40:06:77:bc:5d:f2:75:25:15:22:1a:34:10:b4:6b:90:b1:
         64:4b:a0:f9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVx+gzR3WM1dLh3t9L8MXS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjMwMTAyMTAxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU4NmY0ODAwYTg0ZmY1ZDhhZGIzOWJjYjc0NjMyMzlkZWQyZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuqGCH8/Sn4N2T8MLEjXFwDCYKxk
yEjQIaTj8HJiApA4i2bjHSIKUJhvTxZjhd2KdgKnpqwn4t0BOAX+n+qsIre6G6ro
K/P5C+t1A8NRmhjXn9GVCfshhTelsBD1VZ+YUvxaorPdKGImxzvJY/I6hC0zIMUC
ahXsrk0jd98A1nPHgs06gzNldOjyoxkKnhZqOC7jxBuamPh4kl5f1YIJqJ/Po+oy
Sc+7cpmuryPUZlW8SXc2bEiEBoYUDZrznnKGkOVM61aRtiM2rUyU73/8B0S72IB5
UCvpb22qqHnvQXmGKnkCkvaeRnJmMpt+1SPpB1aedUUSSlf5f3X8toloVwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEtYb0gAqE/12K2zm8t0YyOd7S1ZMB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xL1MxaHZTQUNvVF9YWXJiT2J5M1JqSTUzdExWay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAKE8w
DQYJKoZIhvcNAQELBQADggEBAGdtecJTYeU7SKGFJp10UYtFb5ac48JT72CoqVxa
FTNRgsUgEni3v4yA3L4JB3fxYlC1odgYA5cXsVwmjX0ouW+O4KqqyvBYW4fWtdlv
q2spG1K2Dj6VTpdbAaFnKpQRbUflwih7j1RPkkEqvzngas1oalDS0lQPl9xWLP9R
sKF59HKGy59hXgsCaPwOVnGVmhGO7cXV3Dle1yt+vqbh3YMwkz69TL0ekRaFgmUy
02xrmsRJ+tI3FeFyO5WicwFIKlWeh6UF6Y8kS3uNA4xRLFBFe/fffDXddL2rs3Wj
6espHcViYSjooEOJH3ZABne8XfJ1JRUiGjQQtGuQsWRLoPk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org