Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/c52d44-1bb6-4dc0-86ba-44cb4e953027/1/cZy8k5iuo-iSyZvHc6TWfX0NLYM.roa
File:                     cZy8k5iuo-iSyZvHc6TWfX0NLYM.roa (raw, json)
Hash identifier:          UsZhb0dl5tNu2ChiInevFIYV7hvETTjU7TptsXsLMHw=
Subject key identifier:   71:9C:BC:93:98:AE:A3:E8:92:C9:9B:C7:73:A4:D6:7D:7D:0D:2D:83
Certificate issuer:       /CN=2aaacfc5d5e3b268f2c6ba4336bcc941f5c8d7af
Certificate serial:       01856DA65FE9159735B7F16BEB949EE6F983
Authority key identifier: 2A:AA:CF:C5:D5:E3:B2:68:F2:C6:BA:43:36:BC:C9:41:F5:C8:D7:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KqrPxdXjsmjyxrpDNrzJQfXI168.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/c52d44-1bb6-4dc0-86ba-44cb4e953027/1/cZy8k5iuo-iSyZvHc6TWfX0NLYM.roa
Signing time:             Sun 01 Jan 2023 14:04:58 +0000
ROA not before:           Sun 01 Jan 2023 14:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12637
IP address blocks:        185.234.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 18:33:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:5f:e9:15:97:35:b7:f1:6b:eb:94:9e:e6:f9:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2aaacfc5d5e3b268f2c6ba4336bcc941f5c8d7af
        Validity
            Not Before: Jan  1 14:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=719cbc9398aea3e892c99bc773a4d67d7d0d2d83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:3d:c8:cc:37:45:c6:94:e5:72:a7:42:b6:09:
                    34:72:98:4a:73:30:47:13:7f:08:e2:e7:7a:4b:41:
                    77:87:81:23:db:a0:ef:67:d5:f5:20:b9:80:d1:cb:
                    2d:6a:2b:b4:15:e4:a2:19:0b:06:9c:1a:c7:ad:67:
                    18:d0:e0:51:22:f1:b1:59:39:64:bc:2f:36:d1:9b:
                    2c:a0:85:ce:35:f0:9d:c6:dc:6d:07:0c:18:92:3c:
                    b4:09:f8:71:57:81:36:c5:df:12:f7:7d:00:84:c6:
                    3a:90:85:59:5c:72:27:6c:92:59:f3:ba:aa:3e:87:
                    72:a4:f5:bd:66:60:8f:c7:9e:24:79:2a:ff:2d:c1:
                    f4:69:e2:e2:6d:25:ec:c2:ed:12:d8:6d:98:3e:c0:
                    04:c5:cc:b2:68:e2:3e:f3:38:f1:dc:0d:f9:ee:d3:
                    4b:92:72:e5:0d:df:bb:a6:2a:89:d6:1f:ad:ef:49:
                    6d:39:52:11:f8:21:03:36:2e:5f:43:25:b8:64:53:
                    8f:ae:f3:78:21:46:20:d2:d7:26:88:8e:e6:72:55:
                    5d:aa:9c:72:7e:a5:d9:29:df:ed:10:99:8b:f6:0b:
                    83:e5:82:09:24:1a:0d:c5:29:df:e9:51:92:b1:23:
                    a0:a9:48:ce:a2:15:68:39:d5:78:ca:a9:76:93:3a:
                    0f:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:9C:BC:93:98:AE:A3:E8:92:C9:9B:C7:73:A4:D6:7D:7D:0D:2D:83
            X509v3 Authority Key Identifier:
                keyid:2A:AA:CF:C5:D5:E3:B2:68:F2:C6:BA:43:36:BC:C9:41:F5:C8:D7:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqrPxdXjsmjyxrpDNrzJQfXI168.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c52d44-1bb6-4dc0-86ba-44cb4e953027/1/cZy8k5iuo-iSyZvHc6TWfX0NLYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c52d44-1bb6-4dc0-86ba-44cb4e953027/1/KqrPxdXjsmjyxrpDNrzJQfXI168.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:af:32:d2:5f:66:50:86:8d:53:a9:37:56:aa:c2:e2:db:4b:
         6a:ea:c6:4d:c8:a3:3e:97:e3:1a:66:63:97:b3:af:48:54:26:
         67:42:0b:24:94:3b:f8:33:9d:04:48:f6:a8:88:a6:3f:67:ae:
         0b:28:1f:98:d8:f2:f7:11:29:2d:a7:09:c7:47:d1:c2:1e:62:
         59:38:74:d4:9b:fa:84:08:1a:01:2c:93:dc:e4:b0:29:79:c4:
         ce:d5:39:1f:cc:33:92:2d:bc:9d:7e:67:9a:ad:b1:a4:4d:b3:
         fb:e4:21:6a:b0:f0:37:f8:bf:94:8b:ba:c9:93:fb:0a:5e:d2:
         6c:34:25:bb:a8:cb:f2:5a:03:ea:b7:0c:1f:c0:18:e0:af:4e:
         e9:27:a2:4a:1d:6f:75:92:37:64:5a:bd:fe:9f:d3:be:ef:f8:
         cd:f5:ae:8c:74:99:fc:ee:98:83:73:0f:22:67:82:d7:31:aa:
         3e:86:92:54:ac:86:98:a6:10:95:a8:41:c7:97:c0:14:bb:bf:
         b0:d6:87:07:a4:d8:16:5d:ef:d1:d8:ff:8e:52:0c:2f:2f:6e:
         aa:0b:08:7e:08:22:93:82:54:19:9a:b1:17:8c:1d:84:7a:89:
         02:54:e4:0f:a8:91:9c:90:13:44:e8:2f:ef:1b:6f:db:85:89:
         eb:f2:0e:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpl/pFZc1t/Fr65Se5vmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYWFjZmM1ZDVlM2IyNjhmMmM2YmE0MzM2YmNjOTQxZjVj
OGQ3YWYwHhcNMjMwMTAxMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTljYmM5Mzk4YWVhM2U4OTJjOTliYzc3M2E0ZDY3ZDdkMGQyZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj3IzDdFxpTlcqdCtgk0cphKczBH
E38I4ud6S0F3h4Ej26DvZ9X1ILmA0cstaiu0FeSiGQsGnBrHrWcY0OBRIvGxWTlk
vC820ZssoIXONfCdxtxtBwwYkjy0CfhxV4E2xd8S930AhMY6kIVZXHInbJJZ87qq
PodypPW9ZmCPx54keSr/LcH0aeLibSXswu0S2G2YPsAExcyyaOI+8zjx3A357tNL
knLlDd+7piqJ1h+t70ltOVIR+CEDNi5fQyW4ZFOPrvN4IUYg0tcmiI7mclVdqpxy
fqXZKd/tEJmL9guD5YIJJBoNxSnf6VGSsSOgqUjOohVoOdV4yql2kzoP6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGcvJOYrqPoksmbx3Ok1n19DS2DMB8GA1UdIwQY
MBaAFCqqz8XV47Jo8sa6Qza8yUH1yNevMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FyUHhkWGpzbWp5eHJwRE5yekpRZlhJMTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9jNTJkNDQtMWJiNi00ZGMwLTg2YmEt
NDRjYjRlOTUzMDI3LzEvY1p5OGs1aXVvLWlTeVp2SGM2VFdmWDBOTFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9jNTJkNDQtMWJiNi00ZGMwLTg2YmEtNDRjYjRlOTUzMDI3
LzEvS3FyUHhkWGpzbWp5eHJwRE5yekpRZlhJMTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuepuMA0G
CSqGSIb3DQEBCwUAA4IBAQCKrzLSX2ZQho1TqTdWqsLi20tq6sZNyKM+l+MaZmOX
s69IVCZnQgsklDv4M50ESPaoiKY/Z64LKB+Y2PL3ESktpwnHR9HCHmJZOHTUm/qE
CBoBLJPc5LApecTO1TkfzDOSLbydfmearbGkTbP75CFqsPA3+L+Ui7rJk/sKXtJs
NCW7qMvyWgPqtwwfwBjgr07pJ6JKHW91kjdkWr3+n9O+7/jN9a6MdJn87piDcw8i
Z4LXMao+hpJUrIaYphCVqEHHl8AUu7+w1ocHpNgWXe/R2P+OUgwvL26qCwh+CCKT
glQZmrEXjB2EeokCVOQPqJGckBNE6C/vG2/bhYnr8g5r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:22 2024 by rpki-client on console-fra.rpki-client.org