Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/KdkoDJGFqL97eqEKU4t8xAJxwnM.roa
File:                     KdkoDJGFqL97eqEKU4t8xAJxwnM.roa (raw, json)
Hash identifier:          mFbn5KEbomRYi3M7Xzbv4uehOhJGIEh7fJHHGeiUrBw=
Subject key identifier:   29:D9:28:0C:91:85:A8:BF:7B:7A:A1:0A:53:8B:7C:C4:02:71:C2:73
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       018CC79533E5D07A550B04A5334CC522A689
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/KdkoDJGFqL97eqEKU4t8xAJxwnM.roa
Signing time:             Tue 02 Jan 2024 00:31:33 +0000
ROA not before:           Tue 02 Jan 2024 00:31:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48806
IP address blocks:        212.124.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 May 2024 14:35:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:33:e5:d0:7a:55:0b:04:a5:33:4c:c5:22:a6:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Jan  2 00:31:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=29d9280c9185a8bf7b7aa10a538b7cc40271c273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:5b:0d:4a:ca:73:44:0a:85:43:b7:dc:0b:38:
                    a4:ea:65:18:52:94:f3:6c:11:ca:2e:10:9f:5e:f8:
                    9c:eb:63:7e:8e:18:09:ff:e0:7d:b4:c6:bb:60:19:
                    c5:0d:c1:b5:e9:48:70:53:20:28:fb:db:08:fc:6f:
                    89:46:b4:07:06:d7:80:2a:11:6c:1d:c5:3b:6b:44:
                    3b:ac:10:bc:ae:80:1a:cd:0a:7d:f8:83:52:0f:1e:
                    61:bf:a5:0c:15:4d:c8:aa:a9:dd:2a:95:01:ea:ab:
                    a6:b4:09:42:cd:c9:21:31:51:1e:65:ce:d5:93:f8:
                    bd:5b:bd:bd:66:88:44:76:e3:6b:7f:64:9d:b6:bc:
                    de:0d:f8:93:8d:53:1e:2f:37:2d:1c:0b:ed:10:00:
                    07:f2:4c:bb:77:50:23:8e:ee:47:d9:45:8f:a4:9f:
                    66:58:0e:31:e5:3e:11:d9:81:01:5b:24:0d:9e:f9:
                    07:25:c8:9c:3d:11:df:80:e8:78:63:36:26:b8:e7:
                    9f:1c:ed:f2:ea:91:54:5c:2c:79:89:fb:f9:d6:63:
                    52:80:88:d7:4a:94:40:27:25:a9:c4:fb:00:51:cb:
                    7d:17:07:f1:18:f4:6e:e1:70:d3:8c:25:cf:7a:90:
                    fb:ec:14:06:70:9a:92:10:e9:06:aa:66:97:df:74:
                    12:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D9:28:0C:91:85:A8:BF:7B:7A:A1:0A:53:8B:7C:C4:02:71:C2:73
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/KdkoDJGFqL97eqEKU4t8xAJxwnM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.124.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:94:08:e7:35:f8:19:5f:5d:22:cb:d6:2e:a7:f0:61:cc:fb:
         ed:6d:0a:0e:95:24:7e:9c:94:64:91:32:c9:55:55:6d:6d:6b:
         51:da:b1:35:ec:5a:df:3b:a5:f2:50:aa:1b:1c:1c:04:03:0d:
         b5:8c:35:2f:8d:f9:83:bd:94:98:d8:2b:72:79:05:5d:49:b4:
         0e:b8:96:6c:7c:c3:bb:cd:5c:9c:78:b2:ea:42:b3:b5:51:91:
         81:77:ac:a8:b7:00:e1:bf:f0:31:98:0a:c4:f7:e6:24:f8:6e:
         36:e9:67:e0:d4:e0:00:da:7d:70:6c:e9:6f:93:bc:f3:2a:a8:
         3a:e0:2b:ac:68:57:0e:80:dc:13:64:55:41:92:ad:19:f0:09:
         c4:01:a8:10:8f:39:41:f1:c3:20:bf:a8:0c:ee:7b:6b:d3:3d:
         c4:f0:b7:b3:06:b8:c9:f2:bf:5e:ce:26:e1:06:fe:5f:b6:33:
         3c:f6:ac:49:d0:be:e7:c9:b8:73:9b:77:e4:f0:3c:c7:3d:13:
         d5:19:cb:d3:7c:de:bc:c2:08:aa:ae:be:d9:2c:08:e5:b0:aa:
         e0:fc:f9:e1:70:99:77:ea:dc:1b:2c:38:79:9b:c8:57:3b:eb:
         db:d5:de:2b:ca:91:7e:d6:92:d4:60:ed:67:3c:19:36:ec:70:
         f5:74:2f:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlTPl0HpVCwSlM0zFIqaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ5MjgwYzkxODVhOGJmN2I3YWExMGE1MzhiN2NjNDAyNzFjMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVsNSspzRAqFQ7fcCzik6mUYUpTz
bBHKLhCfXvic62N+jhgJ/+B9tMa7YBnFDcG16UhwUyAo+9sI/G+JRrQHBteAKhFs
HcU7a0Q7rBC8roAazQp9+INSDx5hv6UMFU3IqqndKpUB6qumtAlCzckhMVEeZc7V
k/i9W729ZohEduNrf2SdtrzeDfiTjVMeLzctHAvtEAAH8ky7d1Ajju5H2UWPpJ9m
WA4x5T4R2YEBWyQNnvkHJcicPRHfgOh4YzYmuOefHO3y6pFUXCx5ifv51mNSgIjX
SpRAJyWpxPsAUct9FwfxGPRu4XDTjCXPepD77BQGcJqSEOkGqmaX33QS9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnZKAyRhai/e3qhClOLfMQCccJzMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvS2Rrb0RKR0ZxTDk3ZXFFS1U0dDh4QUp4d25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1HxdMA0G
CSqGSIb3DQEBCwUAA4IBAQBWlAjnNfgZX10iy9Yup/BhzPvtbQoOlSR+nJRkkTLJ
VVVtbWtR2rE17FrfO6XyUKobHBwEAw21jDUvjfmDvZSY2CtyeQVdSbQOuJZsfMO7
zVyceLLqQrO1UZGBd6yotwDhv/AxmArE9+Yk+G426Wfg1OAA2n1wbOlvk7zzKqg6
4CusaFcOgNwTZFVBkq0Z8AnEAagQjzlB8cMgv6gM7ntr0z3E8LezBrjJ8r9ezibh
Bv5ftjM89qxJ0L7nybhzm3fk8DzHPRPVGcvTfN68wgiqrr7ZLAjlsKrg/PnhcJl3
6twbLDh5m8hXO+vb1d4rypF+1pLUYO1nPBk27HD1dC+g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org