Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iyCiLWhcGoVVC_af5NDCSi6RHlU.roa
File:                     iyCiLWhcGoVVC_af5NDCSi6RHlU.roa (raw, json)
Hash identifier:          GXrPPYNvh9n1SKvo0jFhJJamFXjyH0tA2uwPNIPCvt8=
Subject key identifier:   8B:20:A2:2D:68:5C:1A:85:55:0B:F6:9F:E4:D0:C2:4A:2E:91:1E:55
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       0187B67EE2A23B5AA4D6AE2CA2CEBB1814CD
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iyCiLWhcGoVVC_af5NDCSi6RHlU.roa
Signing time:             Tue 25 Apr 2023 03:39:41 +0000
ROA not before:           Tue 25 Apr 2023 03:39:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207724
IP address blocks:        185.239.2.0/24 maxlen: 24
                          185.239.3.0/24 maxlen: 24
                          5.159.54.0/24 maxlen: 24
                          89.46.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 25 Apr 2023 04:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b6:7e:e2:a2:3b:5a:a4:d6:ae:2c:a2:ce:bb:18:14:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Apr 25 03:39:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b20a22d685c1a85550bf69fe4d0c24a2e911e55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d0:fd:3f:9a:b7:0b:06:c3:44:b9:6f:76:24:
                    f9:c3:b5:88:10:76:6f:33:2b:ed:32:bf:1d:a8:82:
                    74:f6:ae:bd:98:e9:c1:6f:b4:1f:2a:c5:4b:d7:6d:
                    3f:a6:3d:4a:54:61:58:70:d3:12:67:f6:cb:7c:77:
                    14:c6:6a:9d:0f:d7:ee:d5:bb:b4:32:18:26:4f:94:
                    81:8a:c4:23:ba:bb:ef:5f:fc:9a:5a:5c:ec:86:0f:
                    91:84:c1:6f:c4:94:8d:97:7d:2a:24:e7:e1:98:c3:
                    30:6f:e2:02:c4:73:8e:36:03:74:fa:32:fd:ad:10:
                    ec:4e:03:1f:df:33:aa:4e:9e:01:18:88:60:1e:66:
                    c0:8e:ed:35:48:33:82:1b:4d:1d:e5:39:3c:6e:dd:
                    f2:f4:3f:b0:05:ae:e1:46:96:57:4d:f4:76:87:48:
                    7e:2d:ad:62:58:96:e3:8b:b2:17:7b:7e:09:b0:5b:
                    63:bf:6a:94:14:ae:08:71:69:a2:84:98:75:d7:e3:
                    f0:7d:ec:58:14:f1:aa:fd:76:cf:89:d5:ec:4b:69:
                    32:41:a1:b5:93:f7:5f:46:72:c4:51:4f:af:df:21:
                    46:19:8f:fd:d6:56:bb:32:4b:af:83:df:b6:eb:88:
                    28:38:c1:55:21:3e:9e:e0:e9:99:c1:f9:61:42:1e:
                    cd:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:20:A2:2D:68:5C:1A:85:55:0B:F6:9F:E4:D0:C2:4A:2E:91:1E:55
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iyCiLWhcGoVVC_af5NDCSi6RHlU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.159.54.0/24
                  89.46.217.0/24
                  185.239.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ae:48:bc:ff:83:ba:54:a2:bc:3f:1c:df:b4:87:37:6b:c6:8b:
         ab:f1:a2:6c:8a:26:7f:d8:93:67:66:ce:1c:3a:51:58:86:a2:
         01:1a:77:08:12:2d:54:d7:3c:cd:a9:c0:cc:54:e0:60:8a:64:
         14:21:7b:61:c3:4a:e0:bb:3b:d7:a2:3a:9f:13:ea:54:a8:ac:
         d5:e5:43:94:a9:8e:4a:09:05:ec:73:a5:08:97:50:c4:98:dd:
         1e:a5:d0:32:d0:4f:6b:87:14:04:e0:d5:6e:dd:f7:41:ae:5e:
         33:4b:93:35:ee:fe:e6:aa:fe:47:72:5e:56:7f:f9:48:29:5c:
         0a:56:7d:eb:03:ad:d4:1a:e9:45:1a:96:d0:a6:cb:63:87:5b:
         fe:cc:45:97:73:8c:63:c4:28:55:12:3a:ca:4e:fe:f8:42:7a:
         a0:b9:fb:a7:ac:c9:1a:50:e9:e6:0c:9f:ed:d3:cb:96:57:6d:
         f6:9b:00:e4:31:22:40:55:6d:fc:27:d6:b5:51:78:66:b2:d7:
         7d:7d:f2:48:d5:41:4f:af:74:8e:e8:df:2f:33:1b:df:e4:23:
         51:7e:f4:fd:d3:83:5a:6e:0f:2d:f9:34:8f:11:cb:54:19:b1:
         cc:ba:20:4b:d5:93:23:02:1a:d7:cf:fb:5c:88:b5:ed:5d:d6:
         88:e0:af:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYe2fuKiO1qk1q4sos67GBTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNDI1MDMzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjIwYTIyZDY4NWMxYTg1NTUwYmY2OWZlNGQwYzI0YTJlOTExZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9D9P5q3CwbDRLlvdiT5w7WIEHZv
MyvtMr8dqIJ09q69mOnBb7QfKsVL120/pj1KVGFYcNMSZ/bLfHcUxmqdD9fu1bu0
MhgmT5SBisQjurvvX/yaWlzshg+RhMFvxJSNl30qJOfhmMMwb+ICxHOONgN0+jL9
rRDsTgMf3zOqTp4BGIhgHmbAju01SDOCG00d5Tk8bt3y9D+wBa7hRpZXTfR2h0h+
La1iWJbji7IXe34JsFtjv2qUFK4IcWmihJh11+PwfexYFPGq/XbPidXsS2kyQaG1
k/dfRnLEUU+v3yFGGY/91la7Mkuvg9+264goOMFVIT6e4OmZwflhQh7NGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIsgoi1oXBqFVQv2n+TQwkoukR5VMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvaXlDaUxXaGNHb1ZWQ19hZjVORENTaTZSSGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZ82AwQA
WS7ZAwQBue8CMA0GCSqGSIb3DQEBCwUAA4IBAQCuSLz/g7pUorw/HN+0hzdrxour
8aJsiiZ/2JNnZs4cOlFYhqIBGncIEi1U1zzNqcDMVOBgimQUIXthw0rguzvXojqf
E+pUqKzV5UOUqY5KCQXsc6UIl1DEmN0epdAy0E9rhxQE4NVu3fdBrl4zS5M17v7m
qv5Hcl5Wf/lIKVwKVn3rA63UGulFGpbQpstjh1v+zEWXc4xjxChVEjrKTv74Qnqg
ufunrMkaUOnmDJ/t08uWV232mwDkMSJAVW38J9a1UXhmstd9ffJI1UFPr3SO6N8v
Mxvf5CNRfvT904Nabg8t+TSPEctUGbHMuiBL1ZMjAhrXz/tciLXtXdaI4K9T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org