Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NR8xdEyast4VdvT82SUme-eWIHE.roa
File:                     NR8xdEyast4VdvT82SUme-eWIHE.roa (raw, json)
Hash identifier:          aBrkaOy1PiRo0RU82wmMB0dcHnREBYWfNPFHqDMsYV8=
Subject key identifier:   35:1F:31:74:4C:9A:B2:DE:15:76:F4:FC:D9:25:26:7B:E7:96:20:71
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       0188B8708B1EC2EBD61E3EF49C038582B6D1
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NR8xdEyast4VdvT82SUme-eWIHE.roa
Signing time:             Wed 14 Jun 2023 05:46:03 +0000
ROA not before:           Wed 14 Jun 2023 05:46:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.140.0/22 maxlen: 24
                          45.154.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Jun 2023 07:10:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b8:70:8b:1e:c2:eb:d6:1e:3e:f4:9c:03:85:82:b6:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jun 14 05:46:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=351f31744c9ab2de1576f4fcd925267be7962071
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:61:6b:55:f9:1d:49:ca:5c:45:a7:89:a6:7d:
                    46:f0:3d:d8:7c:9a:13:12:47:44:31:0f:84:46:59:
                    ec:a5:9a:f8:80:76:0c:b3:a6:f7:ee:33:44:72:06:
                    c7:7d:63:35:ce:a6:d3:4f:84:5f:54:5a:66:3b:2f:
                    21:81:47:3d:60:5b:0f:22:41:d1:a3:36:17:ad:76:
                    5e:1a:d9:60:82:68:6f:3d:0b:e2:f9:11:40:e5:9c:
                    1f:f6:f3:0a:0e:0d:60:ca:a0:6b:11:28:43:a3:30:
                    fd:39:09:d4:d2:a0:79:53:54:4b:c7:d6:84:8f:26:
                    23:23:7d:87:73:31:08:60:89:b6:5e:01:78:dc:0d:
                    5d:b8:4e:a0:9e:1e:9a:96:8a:08:93:7f:55:57:96:
                    94:13:ee:12:c4:e1:c5:ff:25:21:27:9b:c5:bd:2f:
                    b2:dd:f1:4d:95:04:df:a8:e8:aa:7a:69:81:cf:3c:
                    ff:98:d3:24:db:58:f5:70:d7:a0:eb:30:d1:f2:e8:
                    96:4e:f3:6e:eb:46:7c:62:c3:f6:88:3d:d3:ae:e9:
                    a5:c0:25:ef:61:00:55:8f:c8:b1:c1:cc:ab:1f:c3:
                    e8:a6:5a:d0:65:37:8d:d1:73:4a:7b:6d:7e:fb:34:
                    58:eb:c9:60:ed:eb:f8:10:22:b5:1a:e9:34:02:f5:
                    c4:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:1F:31:74:4C:9A:B2:DE:15:76:F4:FC:D9:25:26:7B:E7:96:20:71
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NR8xdEyast4VdvT82SUme-eWIHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.156.0/24
                  188.209.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:d0:27:cb:8b:61:5f:3e:9a:09:6e:e5:89:52:c9:a9:e9:d4:
         4b:5d:1f:10:33:54:06:1e:49:86:d6:3d:9c:41:b6:35:1f:25:
         c5:28:a4:ca:a8:bf:61:1d:80:c7:56:21:86:d1:6b:d3:d8:52:
         a1:42:b9:05:0c:a8:50:55:ea:19:dd:71:30:80:7b:0f:95:ca:
         3b:ca:cd:74:e2:49:a7:e8:9b:ad:27:1a:6c:01:75:7f:6b:b3:
         af:36:6c:13:4b:59:8e:28:2a:13:68:7b:fb:a4:c6:f1:f4:ae:
         2a:aa:5f:94:ba:25:e8:7d:3a:99:b1:cb:ec:1b:4a:f9:22:84:
         05:1f:32:20:b5:ee:cb:84:c3:28:1f:a3:92:b5:1b:91:58:fa:
         9d:10:d1:68:32:67:c5:9b:55:56:54:bb:7d:82:51:55:a6:a7:
         6c:9b:66:97:52:0f:79:bc:16:8a:f4:24:27:9f:a6:cf:f7:c0:
         31:2d:85:40:ad:34:47:d4:63:a4:9e:8c:de:ca:c4:f7:02:09:
         f1:6c:16:70:3f:17:d7:0a:f2:e9:15:4c:20:90:cb:6e:57:a1:
         02:5c:58:8d:4a:77:8f:35:17:48:5a:ae:8f:d9:62:aa:fe:b5:
         fb:23:c3:3c:e0:7f:05:da:ba:7d:d8:86:d8:55:ba:2d:2c:d2:
         bc:04:f2:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi4cIsewuvWHj70nAOFgrbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNjE0MDU0NjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFmMzE3NDRjOWFiMmRlMTU3NmY0ZmNkOTI1MjY3YmU3OTYyMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGFrVfkdScpcRaeJpn1G8D3YfJoT
EkdEMQ+ERlnspZr4gHYMs6b37jNEcgbHfWM1zqbTT4RfVFpmOy8hgUc9YFsPIkHR
ozYXrXZeGtlggmhvPQvi+RFA5Zwf9vMKDg1gyqBrEShDozD9OQnU0qB5U1RLx9aE
jyYjI32HczEIYIm2XgF43A1duE6gnh6alooIk39VV5aUE+4SxOHF/yUhJ5vFvS+y
3fFNlQTfqOiqemmBzzz/mNMk21j1cNeg6zDR8uiWTvNu60Z8YsP2iD3TrumlwCXv
YQBVj8ixwcyrH8PoplrQZTeN0XNKe21++zRY68lg7ev4ECK1Guk0AvXE3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUfMXRMmrLeFXb0/NklJnvnliBxMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTlI4eGRFeWFzdDRWZHZUODJTVW1lLWVXSUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZqcAwQC
vNGMMA0GCSqGSIb3DQEBCwUAA4IBAQBJ0CfLi2FfPpoJbuWJUsmp6dRLXR8QM1QG
HkmG1j2cQbY1HyXFKKTKqL9hHYDHViGG0WvT2FKhQrkFDKhQVeoZ3XEwgHsPlco7
ys104kmn6JutJxpsAXV/a7OvNmwTS1mOKCoTaHv7pMbx9K4qql+UuiXofTqZscvs
G0r5IoQFHzIgte7LhMMoH6OStRuRWPqdENFoMmfFm1VWVLt9glFVpqdsm2aXUg95
vBaK9CQnn6bP98AxLYVArTRH1GOknozeysT3AgnxbBZwPxfXCvLpFUwgkMtuV6EC
XFiNSnePNRdIWq6P2WKq/rX7I8M84H8F2rp92IbYVbotLNK8BPKD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org