Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/fycZflVXdfsNXu6tksq7ozTIJXI.roa
File:                     fycZflVXdfsNXu6tksq7ozTIJXI.roa (raw, json)
Hash identifier:          /NrAHWEi59ezX2A1bfuYZ3XCj5gDdHm4IzA0+D/LjGY=
Subject key identifier:   7F:27:19:7E:55:57:75:FB:0D:5E:EE:AD:92:CA:BB:A3:34:C8:25:72
Certificate issuer:       /CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
Certificate serial:       0185734385FB7283FDB5717ED9BC2DF7BFDA
Authority key identifier: DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/fycZflVXdfsNXu6tksq7ozTIJXI.roa
Signing time:             Mon 02 Jan 2023 16:14:42 +0000
ROA not before:           Mon 02 Jan 2023 16:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42184
IP address blocks:        194.1.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:43:85:fb:72:83:fd:b5:71:7e:d9:bc:2d:f7:bf:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
        Validity
            Not Before: Jan  2 16:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f27197e555775fb0d5eeead92cabba334c82572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:69:20:a8:13:b0:bf:2a:d7:e6:f8:46:ec:26:
                    6c:5d:0a:f7:2d:ea:2d:38:e8:0f:0f:f7:45:18:c4:
                    7b:71:f0:12:02:5d:a6:ca:45:f0:9a:61:53:25:32:
                    e0:f8:a4:2f:64:c9:a9:26:74:6c:80:86:07:14:fa:
                    c3:a7:12:ee:ea:d0:ad:b6:0b:c2:04:74:12:d9:8b:
                    b1:7f:ac:6a:f4:b6:6d:26:a6:d3:23:e0:5f:18:9e:
                    0e:29:4c:aa:0f:45:37:89:86:f9:16:8d:3c:34:7e:
                    74:bf:31:21:3c:0b:01:d4:bb:ff:d0:4c:b5:38:a3:
                    00:cc:70:e6:32:50:a0:a5:28:b9:f0:4f:7e:e9:83:
                    45:dc:bf:c5:97:60:64:df:fb:8d:55:e2:16:67:2f:
                    02:0a:7f:a9:19:e6:e7:34:04:db:df:9e:2a:48:31:
                    95:91:c1:59:e0:e4:0b:00:2b:f0:42:2c:f7:7d:aa:
                    e5:2d:5b:9c:f2:4f:af:66:4d:7a:4c:f6:17:98:cc:
                    4c:9b:f9:1a:f9:d2:8b:2d:4f:0f:b0:86:91:9f:10:
                    80:21:c4:c0:67:53:a1:ff:81:99:f2:dc:50:e7:3f:
                    e4:c2:47:bb:cb:da:d4:92:6b:6a:1a:df:4b:26:d4:
                    9d:f7:bd:e9:5f:9e:71:4c:b5:f6:56:8a:c3:25:63:
                    b8:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:27:19:7E:55:57:75:FB:0D:5E:EE:AD:92:CA:BB:A3:34:C8:25:72
            X509v3 Authority Key Identifier:
                keyid:DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/fycZflVXdfsNXu6tksq7ozTIJXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/3l5sIzCRG8HcjIPUEe9rEgizu9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.1.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:a8:a7:2e:16:ee:38:c6:b8:db:5d:10:d2:4d:23:8b:78:4c:
         5a:95:63:4d:89:5c:db:cc:00:02:f6:6f:38:48:bc:e7:cc:44:
         37:bd:e7:1d:89:a7:6b:8b:8a:82:a4:99:f3:a8:5f:be:c4:ec:
         b6:cf:00:2f:63:f0:10:e7:32:6e:0a:6e:46:a6:4b:35:9b:b5:
         cc:a2:ae:24:1b:5a:ec:e5:ea:13:4a:48:9a:50:0a:f7:12:03:
         d4:f8:82:ce:2c:5b:f1:14:9e:36:cc:e2:58:b9:b6:bb:45:20:
         09:2a:1a:36:43:7d:43:4c:ab:1e:ea:b6:1b:40:c5:81:6b:cc:
         54:33:0c:ca:19:5e:7c:2b:01:06:a6:1a:e2:89:ab:a2:32:14:
         e3:11:11:0e:07:bf:21:e4:ef:2d:23:84:86:24:14:04:4b:94:
         c0:7e:b4:bc:85:f5:5b:af:e7:84:76:86:73:ff:40:66:78:1a:
         82:ca:19:92:a0:e5:a5:bc:da:b8:1f:9a:30:cb:ab:4a:4e:c7:
         c3:99:a0:fd:a6:b7:c0:8d:b3:ac:28:08:dc:a5:6f:75:d9:1a:
         0d:4d:04:94:9e:27:db:7f:81:09:46:ce:fe:b3:11:bf:a0:7d:
         64:7b:1c:cc:94:1b:89:5e:d7:c1:85:fc:58:fc:85:00:1d:69:
         a9:c7:f3:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzQ4X7coP9tXF+2bwt97/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNWU2YzIzMzA5MTFiYzFkYzhjODNkNDExZWY2YjEyMDhi
M2JiZDYwHhcNMjMwMTAyMTYxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI3MTk3ZTU1NTc3NWZiMGQ1ZWVlYWQ5MmNhYmJhMzM0YzgyNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGkgqBOwvyrX5vhG7CZsXQr3Leot
OOgPD/dFGMR7cfASAl2mykXwmmFTJTLg+KQvZMmpJnRsgIYHFPrDpxLu6tCttgvC
BHQS2Yuxf6xq9LZtJqbTI+BfGJ4OKUyqD0U3iYb5Fo08NH50vzEhPAsB1Lv/0Ey1
OKMAzHDmMlCgpSi58E9+6YNF3L/Fl2Bk3/uNVeIWZy8CCn+pGebnNATb354qSDGV
kcFZ4OQLACvwQiz3farlLVuc8k+vZk16TPYXmMxMm/ka+dKLLU8PsIaRnxCAIcTA
Z1Oh/4GZ8txQ5z/kwke7y9rUkmtqGt9LJtSd973pX55xTLX2VorDJWO4iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8nGX5VV3X7DV7urZLKu6M0yCVyMB8GA1UdIwQY
MBaAFN5ebCMwkRvB3IyD1BHvaxIIs7vWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2Et
ZGU0YmE3ODZmODcyLzEvZnljWmZsVlhkZnNOWHU2dGtzcTdvelRJSlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2EtZGU0YmE3ODZmODcy
LzEvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgGwMA0G
CSqGSIb3DQEBCwUAA4IBAQBzqKcuFu44xrjbXRDSTSOLeExalWNNiVzbzAAC9m84
SLznzEQ3vecdiadri4qCpJnzqF++xOy2zwAvY/AQ5zJuCm5Gpks1m7XMoq4kG1rs
5eoTSkiaUAr3EgPU+ILOLFvxFJ42zOJYuba7RSAJKho2Q31DTKse6rYbQMWBa8xU
MwzKGV58KwEGphriiauiMhTjEREOB78h5O8tI4SGJBQES5TAfrS8hfVbr+eEdoZz
/0BmeBqCyhmSoOWlvNq4H5owy6tKTsfDmaD9prfAjbOsKAjcpW912RoNTQSUnifb
f4EJRs7+sxG/oH1kexzMlBuJXtfBhfxY/IUAHWmpx/PI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:51 2024 by rpki-client on console-ams.rpki-client.org