Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/i1yPDIA5MRPgSO0qYXmJ6oOSu04.roa
File:                     i1yPDIA5MRPgSO0qYXmJ6oOSu04.roa (raw, json)
Hash identifier:          gQ7Gb/7l+AXvIBrmFVopgu0gEFTHcEEEkyZEHz5P7f0=
Subject key identifier:   8B:5C:8F:0C:80:39:31:13:E0:48:ED:2A:61:79:89:EA:83:92:BB:4E
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4CEA9FF6587B57B13A9802D609AEC
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/i1yPDIA5MRPgSO0qYXmJ6oOSu04.roa
Signing time:             Sun 01 Jan 2023 19:35:18 +0000
ROA not before:           Sun 01 Jan 2023 19:35:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202676
IP address blocks:        185.71.29.0/24 maxlen: 24
                          185.71.30.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 08:38:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:ce:a9:ff:65:87:b5:7b:13:a9:80:2d:60:9a:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b5c8f0c80393113e048ed2a617989ea8392bb4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b1:a4:05:c8:1e:f9:8d:85:df:cd:8c:82:86:
                    90:de:15:67:2e:9a:81:f0:4a:6f:45:db:1c:dc:b8:
                    ba:f5:d4:0f:51:82:db:70:13:11:83:ed:4d:39:b3:
                    71:be:f7:f7:62:6a:83:97:93:b3:16:6c:b6:43:bc:
                    57:57:61:12:fd:07:6b:4b:79:29:b9:f1:52:45:08:
                    60:d5:ff:71:dd:f4:5c:5c:a9:3d:69:c8:7e:80:96:
                    39:85:b8:3a:1f:e8:53:fb:40:bc:33:57:4e:d5:b6:
                    66:f5:83:58:96:23:ff:d3:5e:d3:ff:a7:a3:9e:0e:
                    5e:14:a8:19:bc:3e:ca:2f:2e:4f:50:cf:1b:a7:67:
                    dd:8a:96:6e:23:cc:f5:f3:62:ca:c9:4d:18:fb:b7:
                    b5:c2:d1:9f:34:a1:46:d2:b5:16:57:19:b3:1a:62:
                    7a:37:29:f7:9a:5f:a0:a7:c3:13:ae:66:db:d5:63:
                    cf:38:90:79:79:44:38:5c:dd:31:d7:55:da:c5:f9:
                    c2:ce:1f:c2:6c:af:50:2f:f7:81:ed:54:41:52:dd:
                    86:f2:0f:56:a4:b2:12:d0:a5:f9:71:23:c2:a3:1b:
                    d1:ae:0b:28:f2:4c:7c:94:c0:b6:d3:67:09:57:e2:
                    64:6b:ec:53:13:ae:0f:e9:84:75:5f:30:c7:be:1c:
                    f1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:5C:8F:0C:80:39:31:13:E0:48:ED:2A:61:79:89:EA:83:92:BB:4E
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/i1yPDIA5MRPgSO0qYXmJ6oOSu04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.29.0-185.71.30.255

    Signature Algorithm: sha256WithRSAEncryption
         c8:f0:44:ac:04:a7:dd:a1:49:02:67:6a:92:37:18:d6:77:ea:
         3e:99:65:1f:06:f4:a9:b6:5f:5c:44:12:ba:42:7e:6f:ab:6f:
         55:c1:3b:19:ed:cf:26:40:0e:ee:dc:d2:5f:41:50:2e:5d:51:
         81:e6:91:5b:40:84:30:d8:87:67:38:bc:d7:fa:ef:da:4a:2c:
         48:c8:c0:c4:d3:98:ba:69:29:cb:6c:05:ef:fb:7d:6f:6f:65:
         42:a0:fb:8d:70:ca:98:44:e1:53:54:a4:fd:34:e4:3a:d9:1f:
         49:42:da:cd:02:74:b3:fd:1e:61:6d:28:74:22:70:67:8c:bb:
         0f:49:8c:fe:4b:a0:fc:5f:43:c3:dd:9c:0e:ee:9c:19:79:4e:
         86:dc:1d:5e:47:f4:93:98:a6:62:b6:c1:7a:a5:f1:f8:48:19:
         15:96:31:71:c6:81:7d:cd:9a:ca:a4:7b:78:92:9a:7d:08:03:
         ea:ad:25:a5:ac:85:2a:37:db:81:56:6d:bc:82:d9:da:70:00:
         c3:5b:ab:1b:88:79:ea:84:97:76:f3:ad:1d:e1:c7:27:95:d8:
         31:49:41:3b:a7:eb:db:56:48:58:a8:4a:db:b8:14:c9:f3:31:
         e2:35:cc:38:40:69:35:bd:ed:f9:02:d4:1a:4f:8e:90:21:10:
         99:76:c6:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVu1M6p/2WHtXsTqYAtYJrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVjOGYwYzgwMzkzMTEzZTA0OGVkMmE2MTc5ODllYTgzOTJiYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7GkBcge+Y2F382MgoaQ3hVnLpqB
8EpvRdsc3Li69dQPUYLbcBMRg+1NObNxvvf3YmqDl5OzFmy2Q7xXV2ES/QdrS3kp
ufFSRQhg1f9x3fRcXKk9ach+gJY5hbg6H+hT+0C8M1dO1bZm9YNYliP/017T/6ej
ng5eFKgZvD7KLy5PUM8bp2fdipZuI8z182LKyU0Y+7e1wtGfNKFG0rUWVxmzGmJ6
Nyn3ml+gp8MTrmbb1WPPOJB5eUQ4XN0x11XaxfnCzh/CbK9QL/eB7VRBUt2G8g9W
pLIS0KX5cSPCoxvRrgso8kx8lMC202cJV+Jka+xTE64P6YR1XzDHvhzxUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFItcjwyAOTET4EjtKmF5ieqDkrtOMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvaTF5UERJQTVNUlBnU08wcVlYbUo2b09TdTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5Rx0D
BAC5Rx4wDQYJKoZIhvcNAQELBQADggEBAMjwRKwEp92hSQJnapI3GNZ36j6ZZR8G
9Km2X1xEErpCfm+rb1XBOxntzyZADu7c0l9BUC5dUYHmkVtAhDDYh2c4vNf679pK
LEjIwMTTmLppKctsBe/7fW9vZUKg+41wyphE4VNUpP005DrZH0lC2s0CdLP9HmFt
KHQicGeMuw9JjP5LoPxfQ8PdnA7unBl5TobcHV5H9JOYpmK2wXql8fhIGRWWMXHG
gX3Nmsqke3iSmn0IA+qtJaWshSo324FWbbyC2dpwAMNbqxuIeeqEl3bzrR3hxyeV
2DFJQTun69tWSFioStu4FMnzMeI1zDhAaTW97fkC1BpPjpAhEJl2xpk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org