Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IUR3L75tIty7xoI3Bc1zKhqPy7c.roa
File:                     IUR3L75tIty7xoI3Bc1zKhqPy7c.roa (raw, json)
Hash identifier:          S3fEX2igRKSv9z6/vQuTz1NfPbA1ZqWwvAStBEFZZGQ=
Subject key identifier:   21:44:77:2F:BE:6D:22:DC:BB:C6:82:37:05:CD:73:2A:1A:8F:CB:B7
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018DD1E8C6110ADA973DC6F5DA836D34B803
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IUR3L75tIty7xoI3Bc1zKhqPy7c.roa
Signing time:             Thu 22 Feb 2024 17:41:49 +0000
ROA not before:           Thu 22 Feb 2024 17:41:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204957
IP address blocks:        31.222.249.0/24 maxlen: 24
                          185.202.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 May 2024 13:04:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:e8:c6:11:0a:da:97:3d:c6:f5:da:83:6d:34:b8:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Feb 22 17:41:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2144772fbe6d22dcbbc6823705cd732a1a8fcbb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:db:6d:4a:f9:45:67:83:cf:90:80:43:dc:a3:
                    6f:ae:3a:4e:e2:b1:50:ee:63:c5:5f:aa:b1:da:9b:
                    9d:a3:bd:b4:3b:a6:6b:97:86:83:40:fc:94:09:1f:
                    88:40:25:36:13:ae:4f:8b:4a:80:a1:70:4e:aa:2c:
                    25:66:8f:61:0a:d2:2c:2a:d5:6f:74:7d:50:9b:0b:
                    b1:53:cf:c4:5f:90:27:e4:0a:77:91:ab:9b:bb:c2:
                    fc:72:41:a4:39:28:b7:a2:34:84:eb:45:b5:fd:b4:
                    fd:bf:c7:e9:33:d1:88:25:24:86:5e:aa:a8:aa:96:
                    11:4a:7c:39:31:a5:a5:2a:18:b0:a2:5e:fd:55:12:
                    19:57:d5:2b:14:fa:2c:98:70:a9:ba:27:17:ed:88:
                    dc:f4:3e:52:70:61:d1:9e:49:31:9a:dc:26:3f:66:
                    7c:db:de:ab:90:92:ae:95:9c:3d:34:27:2c:df:ab:
                    df:29:93:b8:f7:4e:06:35:d8:43:43:e4:5d:61:be:
                    d6:6e:02:06:58:8e:5d:eb:29:55:2d:1e:a1:5c:62:
                    cb:9b:e6:a7:76:f2:fb:9f:55:d2:ce:64:0b:e2:81:
                    ec:db:4d:7b:c1:a0:51:8f:3f:bb:05:25:c5:87:72:
                    46:69:d8:e5:4e:26:8c:3b:f6:69:f1:0b:d5:84:6d:
                    f9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:44:77:2F:BE:6D:22:DC:BB:C6:82:37:05:CD:73:2A:1A:8F:CB:B7
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IUR3L75tIty7xoI3Bc1zKhqPy7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.222.249.0/24
                  185.202.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:b6:38:7e:56:a3:cd:81:8d:6f:a0:81:4c:d2:85:71:22:cc:
         1b:41:73:b6:b7:bc:d7:1f:30:d6:4b:8c:7d:20:0c:d0:82:1e:
         a5:34:0b:57:a3:f0:7c:37:30:96:e9:2a:07:d7:55:75:1f:c2:
         d7:4c:d2:10:0b:d1:2e:26:ec:39:4f:c9:bc:d0:13:e7:9c:4f:
         c3:9c:a5:43:b6:d2:9d:56:11:03:5e:ed:20:2b:77:bb:7e:4c:
         25:80:eb:b1:14:f9:62:c8:54:3a:0b:97:5a:a9:59:a8:37:d8:
         d6:0f:87:a7:4f:b1:50:c9:62:47:4d:63:01:c0:d0:8b:a3:5b:
         d3:cd:71:b6:0c:1d:f2:b1:c3:60:1d:89:87:8b:93:a4:a0:da:
         36:54:c0:2a:cd:e0:7d:24:a8:31:a8:60:53:e5:6f:e0:18:ff:
         3d:14:15:17:68:68:89:6e:b9:ca:b3:67:9c:29:85:63:1f:9f:
         e3:d9:36:99:01:7c:19:13:d3:97:e9:b8:95:09:01:e7:77:ac:
         86:ad:64:8b:9f:95:77:97:6f:c2:07:78:c8:da:83:1a:5e:b3:
         ef:79:fe:cb:64:ae:3f:7a:24:83:78:c7:30:13:d2:4b:63:f3:
         74:e9:a0:30:54:6c:be:e9:03:f5:94:4d:cc:8b:08:ea:c7:84:
         99:d9:5f:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3R6MYRCtqXPcb12oNtNLgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ0NzcyZmJlNmQyMmRjYmJjNjgyMzcwNWNkNzMyYTFhOGZjYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9ttSvlFZ4PPkIBD3KNvrjpO4rFQ
7mPFX6qx2pudo720O6Zrl4aDQPyUCR+IQCU2E65Pi0qAoXBOqiwlZo9hCtIsKtVv
dH1QmwuxU8/EX5An5Ap3kaubu8L8ckGkOSi3ojSE60W1/bT9v8fpM9GIJSSGXqqo
qpYRSnw5MaWlKhiwol79VRIZV9UrFPosmHCpuicX7Yjc9D5ScGHRnkkxmtwmP2Z8
296rkJKulZw9NCcs36vfKZO4904GNdhDQ+RdYb7WbgIGWI5d6ylVLR6hXGLLm+an
dvL7n1XSzmQL4oHs2017waBRjz+7BSXFh3JGadjlTiaMO/Zp8QvVhG35vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCFEdy++bSLcu8aCNwXNcyoaj8u3MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSVVSM0w3NXRJdHk3eG9JM0JjMXpLaHFQeTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH975AwQA
ucprMA0GCSqGSIb3DQEBCwUAA4IBAQBJtjh+VqPNgY1voIFM0oVxIswbQXO2t7zX
HzDWS4x9IAzQgh6lNAtXo/B8NzCW6SoH11V1H8LXTNIQC9EuJuw5T8m80BPnnE/D
nKVDttKdVhEDXu0gK3e7fkwlgOuxFPliyFQ6C5daqVmoN9jWD4enT7FQyWJHTWMB
wNCLo1vTzXG2DB3yscNgHYmHi5OkoNo2VMAqzeB9JKgxqGBT5W/gGP89FBUXaGiJ
brnKs2ecKYVjH5/j2TaZAXwZE9OX6biVCQHnd6yGrWSLn5V3l2/CB3jI2oMaXrPv
ef7LZK4/eiSDeMcwE9JLY/N06aAwVGy+6QP1lE3Miwjqx4SZ2V8i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org