Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/TEW0Frs3h2zqSNGJ4Sw70XZzyjg.roa
File:                     TEW0Frs3h2zqSNGJ4Sw70XZzyjg.roa (raw, json)
Hash identifier:          tEAFv8yxee6/LMiwiC7I88a0x/r1+uilxkkqFa5AS3E=
Subject key identifier:   4C:45:B4:16:BB:37:87:6C:EA:48:D1:89:E1:2C:3B:D1:76:73:CA:38
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       0187FC369945A8B45426CFB6734515D01120
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/TEW0Frs3h2zqSNGJ4Sw70XZzyjg.roa
Signing time:             Mon 08 May 2023 16:34:09 +0000
ROA not before:           Mon 08 May 2023 16:34:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12660
IP address blocks:        2.189.80.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fc:36:99:45:a8:b4:54:26:cf:b6:73:45:15:d0:11:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: May  8 16:34:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c45b416bb37876cea48d189e12c3bd17673ca38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:92:4f:48:75:7a:bb:0a:64:f3:c3:1e:96:62:
                    29:d0:bd:23:ac:29:de:73:7e:9e:56:18:32:f6:b1:
                    33:a3:58:e7:a2:a4:19:41:47:c1:aa:96:10:74:21:
                    c2:e8:1c:cb:b5:26:1f:db:49:0a:ef:52:3d:17:d4:
                    5d:c3:bf:04:a8:bf:9b:10:c0:21:6c:28:b6:79:15:
                    34:98:18:59:f2:3a:56:2a:45:8f:7a:6e:59:dd:d4:
                    d8:42:50:5e:0b:95:93:0f:fe:5f:b7:d8:da:fd:52:
                    27:40:11:b5:43:c0:ff:3c:03:46:54:1a:3c:e9:ac:
                    87:18:de:29:e9:09:3f:57:4a:02:d2:f8:61:b9:c8:
                    95:ce:bf:e2:49:76:e1:f8:49:d3:9c:64:4e:91:4b:
                    25:c6:1c:5d:b3:71:f5:f4:04:31:31:46:eb:f2:b2:
                    a0:93:35:fd:4f:c6:61:92:09:bf:a7:02:fb:a9:42:
                    15:07:2c:96:67:52:24:de:8b:56:18:76:1b:ca:12:
                    7e:91:12:89:21:25:3a:ef:68:22:e8:67:60:53:ce:
                    bd:b4:48:e6:58:5f:1c:09:b9:70:8f:d4:66:7a:cd:
                    39:dc:77:13:38:cb:32:8b:bd:3a:19:c8:52:56:50:
                    e2:9f:3a:25:14:95:5c:54:00:8c:c3:7a:9d:f8:bb:
                    d5:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:45:B4:16:BB:37:87:6C:EA:48:D1:89:E1:2C:3B:D1:76:73:CA:38
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/TEW0Frs3h2zqSNGJ4Sw70XZzyjg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.189.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         85:cf:92:c6:63:b3:a0:c2:fa:c3:56:02:a1:ed:81:03:26:dd:
         b7:ea:0a:b0:a5:1e:7c:59:b6:31:8e:70:c9:ab:f5:aa:bb:d8:
         1d:92:44:92:4a:c7:6f:1b:be:f7:ad:ff:f1:f1:34:9d:f2:8a:
         57:ea:7c:d6:1c:29:b6:c5:35:9a:c6:c4:cf:8f:e8:2b:7d:49:
         79:d1:83:70:a5:46:b9:8b:7a:7b:5b:c6:cf:5c:9e:1e:0f:02:
         16:20:af:94:1f:c5:cf:13:75:88:22:2f:04:5e:76:dd:83:34:
         84:e5:20:2f:c8:20:b7:27:a3:45:91:26:b8:20:fc:2f:a7:1e:
         fc:76:af:8b:7d:a6:4a:d1:67:84:fe:36:ae:60:83:6f:50:1d:
         54:41:15:27:9e:cd:bc:24:f0:e5:2c:82:6c:6b:6c:37:14:91:
         57:0d:44:51:20:88:9b:a6:a0:cb:6b:80:13:8f:59:15:3b:f4:
         11:95:91:e4:6e:2c:5b:47:a6:06:55:24:0b:3e:9d:60:3e:c3:
         5b:12:b4:4c:1d:dd:af:ba:34:76:94:52:c3:c0:4a:80:04:4d:
         d8:9d:22:df:48:d7:b1:e7:01:2a:73:ae:71:55:9d:83:92:8b:
         e7:ce:93:c7:09:97:4b:6d:f5:4f:91:f7:e3:29:ed:e7:d0:b4:
         ca:da:2a:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf8NplFqLRUJs+2c0UV0BEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTA4MTYzNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ1YjQxNmJiMzc4NzZjZWE0OGQxODllMTJjM2JkMTc2NzNjYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpJPSHV6uwpk88MelmIp0L0jrCne
c36eVhgy9rEzo1jnoqQZQUfBqpYQdCHC6BzLtSYf20kK71I9F9Rdw78EqL+bEMAh
bCi2eRU0mBhZ8jpWKkWPem5Z3dTYQlBeC5WTD/5ft9ja/VInQBG1Q8D/PANGVBo8
6ayHGN4p6Qk/V0oC0vhhuciVzr/iSXbh+EnTnGROkUslxhxds3H19AQxMUbr8rKg
kzX9T8Zhkgm/pwL7qUIVByyWZ1Ik3otWGHYbyhJ+kRKJISU672gi6GdgU869tEjm
WF8cCblwj9Rmes053HcTOMsyi706GchSVlDinzolFJVcVACMw3qd+LvVWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExFtBa7N4ds6kjRieEsO9F2c8o4MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvVEVXMEZyczNoMnpxU05HSjRTdzcwWFp6eWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDAr1QMA0G
CSqGSIb3DQEBCwUAA4IBAQCFz5LGY7OgwvrDVgKh7YEDJt236gqwpR58WbYxjnDJ
q/Wqu9gdkkSSSsdvG773rf/x8TSd8opX6nzWHCm2xTWaxsTPj+grfUl50YNwpUa5
i3p7W8bPXJ4eDwIWIK+UH8XPE3WIIi8EXnbdgzSE5SAvyCC3J6NFkSa4IPwvpx78
dq+LfaZK0WeE/jauYINvUB1UQRUnns28JPDlLIJsa2w3FJFXDURRIIibpqDLa4AT
j1kVO/QRlZHkbixbR6YGVSQLPp1gPsNbErRMHd2vujR2lFLDwEqABE3YnSLfSNex
5wEqc65xVZ2DkovnzpPHCZdLbfVPkffjKe3n0LTK2iqt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org