Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/DrMWqNh322TRT8yo7RoOVdnWXlM.roa
File:                     DrMWqNh322TRT8yo7RoOVdnWXlM.roa (raw, json)
Hash identifier:          NJ3lXtyqyU7rng5LTTZN/X3oRQg9PvqP3WEOYsujCrQ=
Subject key identifier:   0E:B3:16:A8:D8:77:DB:64:D1:4F:CC:A8:ED:1A:0E:55:D9:D6:5E:53
Certificate issuer:       /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial:       0187DCF8C23915CAF8E2CC0E29446824FD58
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/DrMWqNh322TRT8yo7RoOVdnWXlM.roa
Signing time:             Tue 02 May 2023 14:58:22 +0000
ROA not before:           Tue 02 May 2023 14:58:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207713
IP address blocks:        2a05:541:121::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 24 May 2023 18:38:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:dc:f8:c2:39:15:ca:f8:e2:cc:0e:29:44:68:24:fd:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
        Validity
            Not Before: May  2 14:58:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0eb316a8d877db64d14fcca8ed1a0e55d9d65e53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ce:49:6f:c1:1f:e3:04:32:70:3a:dc:28:76:
                    af:6f:a8:85:b7:c2:6c:e9:0e:7f:5c:ea:93:9c:c7:
                    25:47:1b:bc:05:e1:32:05:98:c1:e5:c1:b8:ad:22:
                    98:42:da:74:cf:bc:cf:b8:3d:3b:1d:99:5f:22:8d:
                    d0:9c:1b:e8:c5:43:5d:96:70:e2:ae:c9:4c:db:92:
                    a3:00:64:88:1f:dd:a4:5d:41:60:d1:27:fa:ca:68:
                    dc:14:06:a5:7e:da:21:a4:81:96:fc:a5:b1:db:47:
                    7d:d9:69:dd:a2:c8:fd:04:71:53:79:3f:51:af:c8:
                    41:a6:03:61:62:b9:5a:62:c4:09:f2:43:25:c6:44:
                    4a:9e:33:1f:88:20:da:b6:ce:57:39:23:be:7e:29:
                    d8:86:87:d8:d4:26:a1:f5:b4:69:ae:b3:04:0b:47:
                    d6:09:80:b9:73:85:30:c0:85:a7:8b:23:c8:82:31:
                    26:8d:cb:13:8c:ca:bf:b3:6f:6f:2e:66:a4:49:72:
                    71:da:83:b3:5a:a0:74:51:02:7c:a6:42:07:34:35:
                    90:9c:e9:a3:ca:e9:58:42:1c:96:f4:40:00:f2:0f:
                    03:43:d3:40:16:f4:14:8a:4a:80:ba:8e:6c:3b:90:
                    db:b6:7e:75:a7:fe:20:74:9b:ae:7b:5c:f8:f8:bd:
                    ea:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B3:16:A8:D8:77:DB:64:D1:4F:CC:A8:ED:1A:0E:55:D9:D6:5E:53
            X509v3 Authority Key Identifier:
                keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/DrMWqNh322TRT8yo7RoOVdnWXlM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:541:121::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:20:d9:f2:24:f0:a9:48:bb:01:f4:5b:d9:7e:4a:d1:40:79:
         bf:3c:3e:65:16:f2:2d:bc:16:fa:7e:70:32:3c:20:36:3a:a4:
         74:4d:89:8b:b3:43:d9:ba:77:77:f1:7b:b4:84:29:35:f6:b7:
         fb:91:cf:7c:14:2d:8b:e9:d1:9b:22:c6:60:d3:4f:2c:b3:5e:
         29:2d:1d:42:4d:52:e1:46:26:6d:f2:c6:80:c9:99:0d:7d:0f:
         93:36:3d:2c:21:78:2a:3f:74:ee:a3:a7:9f:43:43:cb:5f:bd:
         87:8d:f1:96:0f:a3:f7:9e:66:01:f8:b3:6b:65:e9:51:53:69:
         34:0c:85:74:99:dc:26:a1:8c:20:be:4e:78:f9:75:6a:bb:22:
         73:01:ea:67:0e:6d:ca:37:27:3f:6a:80:69:de:95:55:d8:db:
         80:46:54:bf:bf:01:37:46:98:b6:14:f8:96:ff:f6:ae:6e:fe:
         11:95:07:c2:f5:74:53:96:15:ae:60:3e:7c:13:e0:94:67:15:
         6e:00:7f:0e:60:0e:2a:91:c5:b5:5d:49:09:5d:0d:e7:eb:5b:
         57:df:7a:a0:3a:8a:4b:08:57:c4:3d:9d:22:57:3a:4d:9f:f4:
         dd:28:a3:ad:58:f5:e4:a1:b7:10:04:a6:d2:22:c9:f2:f3:14:
         64:f4:6c:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfc+MI5Fcr44swOKURoJP1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwNTAyMTQ1ODIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWIzMTZhOGQ4NzdkYjY0ZDE0ZmNjYThlZDFhMGU1NWQ5ZDY1ZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws5Jb8Ef4wQycDrcKHavb6iFt8Js
6Q5/XOqTnMclRxu8BeEyBZjB5cG4rSKYQtp0z7zPuD07HZlfIo3QnBvoxUNdlnDi
rslM25KjAGSIH92kXUFg0Sf6ymjcFAalftohpIGW/KWx20d92Wndosj9BHFTeT9R
r8hBpgNhYrlaYsQJ8kMlxkRKnjMfiCDats5XOSO+finYhofY1Cah9bRprrMEC0fW
CYC5c4UwwIWniyPIgjEmjcsTjMq/s29vLmakSXJx2oOzWqB0UQJ8pkIHNDWQnOmj
yulYQhyW9EAA8g8DQ9NAFvQUikqAuo5sO5Dbtn51p/4gdJuue1z4+L3qmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA6zFqjYd9tk0U/MqO0aDlXZ1l5TMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvRHJNV3FOaDMyMlRSVDh5bzdSb09WZG5XWGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgUFQQEh
MA0GCSqGSIb3DQEBCwUAA4IBAQBDINnyJPCpSLsB9FvZfkrRQHm/PD5lFvItvBb6
fnAyPCA2OqR0TYmLs0PZund38Xu0hCk19rf7kc98FC2L6dGbIsZg008ss14pLR1C
TVLhRiZt8saAyZkNfQ+TNj0sIXgqP3Tuo6efQ0PLX72HjfGWD6P3nmYB+LNrZelR
U2k0DIV0mdwmoYwgvk54+XVquyJzAepnDm3KNyc/aoBp3pVV2NuARlS/vwE3Rpi2
FPiW//aubv4RlQfC9XRTlhWuYD58E+CUZxVuAH8OYA4qkcW1XUkJXQ3n61tX33qg
OopLCFfEPZ0iVzpNn/TdKKOtWPXkobcQBKbSIsny8xRk9GzH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:18 2024 by rpki-client on console-fra.rpki-client.org