Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/XNyDMCJh9olACF3CX5lc7h9BPTY.roa
File:                     XNyDMCJh9olACF3CX5lc7h9BPTY.roa (raw, json)
Hash identifier:          98GU2Q+iTaXSeaUefd7zKCvve//zhz0CXKWl4pj7CRM=
Subject key identifier:   5C:DC:83:30:22:61:F6:89:40:08:5D:C2:5F:99:5C:EE:1F:41:3D:36
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       018606BA73A2D2B1393F981421E8FB19A14D
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/XNyDMCJh9olACF3CX5lc7h9BPTY.roa
Signing time:             Tue 31 Jan 2023 07:28:47 +0000
ROA not before:           Tue 31 Jan 2023 07:28:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43624
IP address blocks:        193.57.137.0/24 maxlen: 24
                          193.46.57.0/24 maxlen: 24
                          93.185.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 12:28:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:06:ba:73:a2:d2:b1:39:3f:98:14:21:e8:fb:19:a1:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Jan 31 07:28:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cdc83302261f68940085dc25f995cee1f413d36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c0:e9:fc:28:9a:f6:3e:ce:25:33:7b:7c:38:
                    05:07:73:aa:c0:f1:33:98:c9:5b:f3:01:84:49:57:
                    67:cd:d2:a9:ba:89:bc:eb:cb:31:13:1a:31:db:24:
                    73:b0:c5:7a:06:7a:85:22:8d:d8:da:5d:e3:58:b3:
                    28:08:f9:a9:62:6a:5b:06:3b:1a:4f:4d:60:7a:08:
                    c1:05:53:9b:6e:36:69:bd:ff:3f:f8:a8:e0:c0:0d:
                    f2:75:fc:28:0f:57:82:ca:eb:1a:98:36:39:86:69:
                    5e:fd:3a:b1:0b:ae:ad:b5:0e:64:f5:c5:4c:19:e7:
                    39:3c:aa:51:69:9b:3e:be:c7:a5:be:ba:73:2d:d6:
                    07:9d:a0:5c:13:01:6c:0d:24:d6:a9:34:38:26:fe:
                    43:d8:dd:61:d5:64:ce:d4:d2:c2:c5:3d:bf:cf:2f:
                    f9:05:db:5e:e4:7d:94:fe:a8:12:85:67:d5:44:67:
                    35:97:f3:1b:fb:f4:2d:57:93:0e:14:af:dd:26:c7:
                    2c:1f:f1:bf:0f:66:f4:41:58:3b:22:0f:11:4a:46:
                    d0:02:95:85:f4:5b:ae:99:85:d0:b7:20:1f:e7:9e:
                    c6:fe:f0:55:fa:cd:e9:36:92:39:fa:ab:f5:1b:1f:
                    bf:33:93:74:b5:2f:0a:52:b6:b6:8e:79:71:db:e0:
                    b0:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:DC:83:30:22:61:F6:89:40:08:5D:C2:5F:99:5C:EE:1F:41:3D:36
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/XNyDMCJh9olACF3CX5lc7h9BPTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.185.166.0/24
                  193.46.57.0/24
                  193.57.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:09:49:a2:aa:5b:b2:06:91:5d:00:7a:ad:40:e7:87:51:fa:
         6c:57:04:14:e4:27:28:17:bd:c8:15:2c:bc:7f:63:84:17:46:
         7f:2c:a3:22:eb:70:d6:8c:a7:8e:eb:a1:fe:d9:b3:19:02:51:
         b3:b1:8d:7c:97:e9:9e:e0:57:c0:7a:10:ec:45:e9:f3:10:aa:
         e2:c1:21:54:f3:27:72:a5:df:f0:c5:2c:51:01:db:bf:07:d6:
         f8:fe:9c:ea:7a:52:96:1a:2a:6d:3a:cc:22:11:d9:18:bc:8f:
         bc:1a:e6:46:21:66:f9:f6:76:52:52:e9:0c:de:2a:e1:9f:a3:
         98:35:73:a4:7c:b0:06:fd:24:fa:12:1b:8a:ab:5e:36:af:fb:
         48:a5:29:2b:44:5b:c2:77:ba:67:27:0e:cc:02:db:b4:2b:da:
         c7:92:3d:72:41:11:e1:bf:19:a5:cc:17:25:89:c8:93:53:ca:
         1b:1b:37:0d:ae:83:4d:cb:42:aa:8d:a3:3a:7c:07:2e:f1:d5:
         49:a7:f8:58:6c:ca:38:33:95:93:93:2a:9e:77:15:f6:bf:5f:
         6a:61:a0:26:ff:90:86:fd:d1:73:ee:10:30:95:4c:e0:8a:af:
         5e:0d:7d:a4:53:39:65:55:89:a6:d9:a6:80:dc:3f:b4:a4:46:
         4b:e9:40:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYGunOi0rE5P5gUIej7GaFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTMxMDcyODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RjODMzMDIyNjFmNjg5NDAwODVkYzI1Zjk5NWNlZTFmNDEzZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08Dp/Cia9j7OJTN7fDgFB3OqwPEz
mMlb8wGESVdnzdKpuom868sxExox2yRzsMV6BnqFIo3Y2l3jWLMoCPmpYmpbBjsa
T01gegjBBVObbjZpvf8/+KjgwA3ydfwoD1eCyusamDY5hmle/TqxC66ttQ5k9cVM
Gec5PKpRaZs+vselvrpzLdYHnaBcEwFsDSTWqTQ4Jv5D2N1h1WTO1NLCxT2/zy/5
Bdte5H2U/qgShWfVRGc1l/Mb+/QtV5MOFK/dJscsH/G/D2b0QVg7Ig8RSkbQApWF
9FuumYXQtyAf557G/vBV+s3pNpI5+qv1Gx+/M5N0tS8KUra2jnlx2+CwzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFzcgzAiYfaJQAhdwl+ZXO4fQT02MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvWE55RE1DSmg5b2xBQ0YzQ1g1bGM3aDlCUFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXbmmAwQA
wS45AwQAwTmJMA0GCSqGSIb3DQEBCwUAA4IBAQB+CUmiqluyBpFdAHqtQOeHUfps
VwQU5CcoF73IFSy8f2OEF0Z/LKMi63DWjKeO66H+2bMZAlGzsY18l+me4FfAehDs
RenzEKriwSFU8ydypd/wxSxRAdu/B9b4/pzqelKWGiptOswiEdkYvI+8GuZGIWb5
9nZSUukM3irhn6OYNXOkfLAG/ST6EhuKq142r/tIpSkrRFvCd7pnJw7MAtu0K9rH
kj1yQRHhvxmlzBcliciTU8obGzcNroNNy0KqjaM6fAcu8dVJp/hYbMo4M5WTkyqe
dxX2v19qYaAm/5CG/dFz7hAwlUzgiq9eDX2kUzllVYmm2aaA3D+0pEZL6UAL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:18 2024 by rpki-client on console-ams.rpki-client.org