Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/P9ktoua2j19sYpYLcRdZvkypgL8.roa
File:                     P9ktoua2j19sYpYLcRdZvkypgL8.roa (raw, json)
Hash identifier:          ji2jtmFQX7n1ogGN4cmRDJezwfw5Tog3RVecKuMTBnY=
Subject key identifier:   3F:D9:2D:A2:E6:B6:8F:5F:6C:62:96:0B:71:17:59:BE:4C:A9:80:BF
Certificate issuer:       /CN=de01c443831cf930b7478708d76a3cf44d89a162
Certificate serial:       0187007E8FD8F4C819AA66B57C60715A86AE
Authority key identifier: DE:01:C4:43:83:1C:F9:30:B7:47:87:08:D7:6A:3C:F4:4D:89:A1:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3gHEQ4Mc-TC3R4cI12o89E2JoWI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/P9ktoua2j19sYpYLcRdZvkypgL8.roa
Signing time:             Mon 20 Mar 2023 19:28:26 +0000
ROA not before:           Mon 20 Mar 2023 19:28:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60976
IP address blocks:        185.42.27.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Mar 2023 10:34:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:00:7e:8f:d8:f4:c8:19:aa:66:b5:7c:60:71:5a:86:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de01c443831cf930b7478708d76a3cf44d89a162
        Validity
            Not Before: Mar 20 19:28:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3fd92da2e6b68f5f6c62960b711759be4ca980bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:71:40:0f:58:90:67:a4:a2:71:95:35:2f:9b:
                    0a:30:28:26:4a:4e:2c:d4:b3:01:af:2d:d9:fa:b4:
                    f6:86:d3:52:78:92:44:0b:a2:21:94:a8:b8:b2:93:
                    e3:15:71:01:18:64:49:8f:5e:e0:89:1d:c3:bc:60:
                    cd:e0:29:a8:f2:90:04:3c:4f:eb:71:79:1f:43:4b:
                    b0:ea:cd:fe:2f:f3:21:58:2c:03:66:5e:fb:bb:a9:
                    5d:28:9c:3d:4c:56:af:b3:b4:ea:9b:e3:82:72:4a:
                    ac:b6:6b:5b:d9:9b:97:72:48:88:66:21:a8:f0:7f:
                    e5:7c:51:22:c9:21:96:09:16:3c:5d:cf:8b:01:a1:
                    12:b3:e9:0b:5a:65:2d:9a:c5:e5:05:98:ea:fd:6b:
                    63:14:80:f7:de:95:38:70:0e:7f:ce:b3:76:07:95:
                    43:3b:81:49:fb:14:9b:4b:4f:94:ff:33:29:3f:af:
                    d1:a4:c1:0c:cc:89:87:cf:87:bc:72:31:c2:bb:db:
                    e3:a0:b7:63:60:a9:f3:cc:e4:66:bc:01:03:d7:9f:
                    cf:df:c0:12:10:04:b5:de:f6:ed:a8:56:c5:20:f1:
                    5a:4f:66:a5:42:d6:bb:c3:3b:f1:13:44:4a:06:9b:
                    f6:c2:d2:c9:30:81:25:4e:fb:58:a0:c0:58:15:4a:
                    59:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:D9:2D:A2:E6:B6:8F:5F:6C:62:96:0B:71:17:59:BE:4C:A9:80:BF
            X509v3 Authority Key Identifier:
                keyid:DE:01:C4:43:83:1C:F9:30:B7:47:87:08:D7:6A:3C:F4:4D:89:A1:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gHEQ4Mc-TC3R4cI12o89E2JoWI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/P9ktoua2j19sYpYLcRdZvkypgL8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/3gHEQ4Mc-TC3R4cI12o89E2JoWI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.42.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:e4:d7:d5:97:bd:cd:59:4d:cf:4f:80:79:0e:78:63:ae:e0:
         69:54:b5:3c:0e:ed:42:ca:56:da:db:b6:75:3e:25:69:af:4e:
         7b:e0:cf:a6:49:5c:c4:48:52:f8:57:44:f9:f0:93:68:17:5e:
         87:cf:cd:e5:c0:e6:2d:7b:de:39:39:7f:5b:5f:42:b5:58:6d:
         bc:74:3b:39:a0:48:03:e8:53:7d:0d:8f:4a:cf:93:e2:a2:5e:
         5f:a0:d1:db:51:d7:1f:c2:5d:d4:96:78:78:9d:c9:26:80:73:
         86:e2:26:94:02:05:2c:78:45:fe:4e:21:7b:02:d2:be:59:2b:
         14:b7:43:49:51:6c:46:4b:bc:53:d5:1b:ff:56:54:38:ba:05:
         27:84:8c:10:63:06:7e:25:ac:ee:5b:95:58:4c:9c:be:33:98:
         f4:91:e1:1b:fe:d0:f1:f9:d0:e2:8a:93:42:dd:1e:4b:fa:c9:
         a4:69:38:e2:ce:16:5a:41:3f:05:b4:9f:8a:ae:8d:87:8b:51:
         39:15:49:4a:51:ef:84:4b:a6:96:0c:55:5c:1a:a5:6c:78:d8:
         d6:e2:19:23:e9:f2:b7:b7:67:7f:7a:ee:d4:74:b5:b9:d7:68:
         dc:e6:23:f1:60:94:3b:ae:f2:e0:1b:26:4f:1b:93:d9:66:6c:
         2a:6a:4d:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcAfo/Y9MgZqma1fGBxWoauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMDFjNDQzODMxY2Y5MzBiNzQ3ODcwOGQ3NmEzY2Y0NGQ4
OWExNjIwHhcNMjMwMzIwMTkyODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQ5MmRhMmU2YjY4ZjVmNmM2Mjk2MGI3MTE3NTliZTRjYTk4MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXFAD1iQZ6SicZU1L5sKMCgmSk4s
1LMBry3Z+rT2htNSeJJEC6IhlKi4spPjFXEBGGRJj17giR3DvGDN4Cmo8pAEPE/r
cXkfQ0uw6s3+L/MhWCwDZl77u6ldKJw9TFavs7Tqm+OCckqstmtb2ZuXckiIZiGo
8H/lfFEiySGWCRY8Xc+LAaESs+kLWmUtmsXlBZjq/WtjFID33pU4cA5/zrN2B5VD
O4FJ+xSbS0+U/zMpP6/RpMEMzImHz4e8cjHCu9vjoLdjYKnzzORmvAED15/P38AS
EAS13vbtqFbFIPFaT2alQta7wzvxE0RKBpv2wtLJMIElTvtYoMBYFUpZNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/ZLaLmto9fbGKWC3EXWb5MqYC/MB8GA1UdIwQY
MBaAFN4BxEODHPkwt0eHCNdqPPRNiaFiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2dIRVE0TWMtVEMzUjRjSTEybzg5RTJKb1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xY2I4Y2EtNTk5My00ZDE3LWE2MWUt
ZWU3MzI4YWRjYzdjLzEvUDlrdG91YTJqMTlzWXBZTGNSZFp2a3lwZ0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xY2I4Y2EtNTk5My00ZDE3LWE2MWUtZWU3MzI4YWRjYzdj
LzEvM2dIRVE0TWMtVEMzUjRjSTEybzg5RTJKb1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSobMA0G
CSqGSIb3DQEBCwUAA4IBAQAj5NfVl73NWU3PT4B5DnhjruBpVLU8Du1Cylba27Z1
PiVpr0574M+mSVzESFL4V0T58JNoF16Hz83lwOYte945OX9bX0K1WG28dDs5oEgD
6FN9DY9Kz5Piol5foNHbUdcfwl3Ulnh4nckmgHOG4iaUAgUseEX+TiF7AtK+WSsU
t0NJUWxGS7xT1Rv/VlQ4ugUnhIwQYwZ+JazuW5VYTJy+M5j0keEb/tDx+dDiipNC
3R5L+smkaTjizhZaQT8FtJ+Kro2Hi1E5FUlKUe+ES6aWDFVcGqVseNjW4hkj6fK3
t2d/eu7UdLW512jc5iPxYJQ7rvLgGyZPG5PZZmwqak1I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:12 2024 by rpki-client on console-fra.rpki-client.org