Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa
File:                     S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa (raw, json)
Hash identifier:          WI1/fO4aiW8xk3MKdkcpNIiFS/vKCjHa5nLY92x7Lgw=
Subject key identifier:   4B:F3:87:F5:24:1F:22:77:14:02:34:1C:0E:EC:67:1D:C0:78:73:94
Certificate issuer:       /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial:       018E19037709B1C29B98916BF16E4A4CCBBF
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa
Signing time:             Thu 07 Mar 2024 13:04:01 +0000
ROA not before:           Thu 07 Mar 2024 13:04:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29205
IP address blocks:        91.230.36.0/23 maxlen: 23
                          185.49.12.0/22 maxlen: 24
                          185.100.228.0/22 maxlen: 22
                          188.214.16.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 13:41:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:19:03:77:09:b1:c2:9b:98:91:6b:f1:6e:4a:4c:cb:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
        Validity
            Not Before: Mar  7 13:04:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4bf387f5241f22771402341c0eec671dc0787394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:90:98:ac:19:92:d5:89:65:ba:32:45:51:4f:
                    d0:f5:f1:0d:de:bd:e4:00:7d:23:00:fc:ab:db:68:
                    0c:72:95:ff:90:7e:a9:9e:59:d5:ee:ff:9b:8f:a0:
                    bb:aa:0e:9e:70:6b:50:0b:1c:df:fd:52:37:4f:e4:
                    b4:72:0d:1c:6b:c9:f0:9b:83:e8:d8:af:8f:9c:00:
                    e6:65:c9:c9:67:a6:31:60:72:4a:f1:68:77:1f:ec:
                    ea:a5:3b:83:7b:80:8b:63:a4:46:39:08:b2:9c:c3:
                    73:67:a3:66:8f:5e:5c:72:a2:d4:7f:7c:34:d0:ce:
                    5d:55:6f:5e:96:a9:ce:c4:14:4a:f7:d1:7f:75:41:
                    4b:a9:62:1b:a4:10:8b:0d:07:f1:76:06:fb:ef:b3:
                    86:7c:c6:c8:5c:ad:e5:b4:ec:b8:84:b3:e4:de:b7:
                    e3:8f:50:62:bc:2b:03:c8:fe:2d:ab:38:f2:97:0e:
                    df:6d:d7:74:ad:bc:9d:c7:d4:a4:b4:0b:a3:6c:9f:
                    22:4b:95:2c:ed:ee:c0:c4:7b:cc:31:84:36:73:cd:
                    a3:12:da:66:20:33:05:0c:04:05:71:b8:44:cf:a1:
                    46:42:47:ee:1f:3e:e1:bf:c6:e3:ac:6a:eb:47:77:
                    97:1f:7e:a3:47:fa:ce:a7:8b:b1:ec:1f:f5:d6:b6:
                    bd:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:F3:87:F5:24:1F:22:77:14:02:34:1C:0E:EC:67:1D:C0:78:73:94
            X509v3 Authority Key Identifier:
                keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.230.36.0/23
                  185.49.12.0/22
                  185.100.228.0/22
                  188.214.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1b:2a:66:ee:0b:fe:d5:81:4b:b5:49:00:95:89:db:ae:89:98:
         08:8b:de:31:67:dc:9f:97:80:a2:99:0a:fe:53:d4:f2:41:a2:
         08:cd:fa:f9:f7:a5:d9:c7:4b:d3:34:8a:00:63:f5:f5:12:18:
         63:19:f9:54:1f:b3:33:2f:fc:12:78:96:ef:ba:c6:34:f1:cd:
         f4:e6:b1:fe:79:ad:33:fd:e9:35:ad:85:61:e9:a2:15:68:5e:
         2b:0a:f7:89:09:0a:a3:fb:6e:e8:d8:21:59:bb:eb:b5:00:b5:
         d2:b3:dc:c1:56:a1:ce:84:4b:cd:59:23:25:a9:6f:3c:4a:5f:
         e7:4e:82:55:b2:13:15:0f:29:ba:c3:23:8a:14:dc:33:de:92:
         4d:48:c4:4f:4d:ce:06:73:bc:ea:92:37:69:02:c0:e2:92:d5:
         91:5b:e0:af:07:f3:8a:51:f3:10:77:12:32:e2:4d:d9:37:85:
         5b:cd:92:28:c2:da:62:20:ea:16:79:4a:a2:1c:35:86:85:c7:
         9a:32:76:7d:1b:6b:49:23:b5:b8:ef:df:96:ed:5b:b3:63:4e:
         2d:d7:cf:fe:04:78:35:ec:12:64:06:38:ad:74:71:92:6c:7e:
         7e:c7:6a:79:6c:70:58:32:69:d0:cb:e0:60:ed:8f:5e:79:83:
         68:59:df:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4ZA3cJscKbmJFr8W5KTMu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjQwMzA3MTMwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYzODdmNTI0MWYyMjc3MTQwMjM0MWMwZWVjNjcxZGMwNzg3Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJCYrBmS1YllujJFUU/Q9fEN3r3k
AH0jAPyr22gMcpX/kH6pnlnV7v+bj6C7qg6ecGtQCxzf/VI3T+S0cg0ca8nwm4Po
2K+PnADmZcnJZ6YxYHJK8Wh3H+zqpTuDe4CLY6RGOQiynMNzZ6Nmj15ccqLUf3w0
0M5dVW9elqnOxBRK99F/dUFLqWIbpBCLDQfxdgb777OGfMbIXK3ltOy4hLPk3rfj
j1BivCsDyP4tqzjylw7fbdd0rbydx9SktAujbJ8iS5Us7e7AxHvMMYQ2c82jEtpm
IDMFDAQFcbhEz6FGQkfuHz7hv8bjrGrrR3eXH36jR/rOp4ux7B/11ra97wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEvzh/UkHyJ3FAI0HA7sZx3AeHOUMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvU19PSDlTUWZJbmNVQWpRY0R1eG5IY0I0YzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+YkAwQC
uTEMAwQCuWTkAwQDvNYQMA0GCSqGSIb3DQEBCwUAA4IBAQAbKmbuC/7VgUu1SQCV
iduuiZgIi94xZ9yfl4CimQr+U9TyQaIIzfr596XZx0vTNIoAY/X1EhhjGflUH7Mz
L/wSeJbvusY08c305rH+ea0z/ek1rYVh6aIVaF4rCveJCQqj+27o2CFZu+u1ALXS
s9zBVqHOhEvNWSMlqW88Sl/nToJVshMVDym6wyOKFNwz3pJNSMRPTc4Gc7zqkjdp
AsDiktWRW+CvB/OKUfMQdxIy4k3ZN4VbzZIowtpiIOoWeUqiHDWGhceaMnZ9G2tJ
I7W479+W7VuzY04t18/+BHg17BJkBjitdHGSbH5+x2p5bHBYMmnQy+Bg7Y9eeYNo
Wd8I
-----END CERTIFICATE-----
Generated at Thu Jul 18 19:05:00 2024 by rpki-client on console-ams.rpki-client.org