Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/c6kq4Q_VpIT8BuCeDgKiJy8MD1c.roa
File:                     c6kq4Q_VpIT8BuCeDgKiJy8MD1c.roa (raw, json)
Hash identifier:          38w4dyfvnBMfplq0wv073XGXug5KC74CGvagVdjNa5k=
Subject key identifier:   73:A9:2A:E1:0F:D5:A4:84:FC:06:E0:9E:0E:02:A2:27:2F:0C:0F:57
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018B445ED148763C2398419389B743FD9085
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/c6kq4Q_VpIT8BuCeDgKiJy8MD1c.roa
Signing time:             Wed 18 Oct 2023 19:59:06 +0000
ROA not before:           Wed 18 Oct 2023 19:59:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        188.191.96.0/24 maxlen: 24
                          188.191.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 20 Oct 2023 18:57:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:44:5e:d1:48:76:3c:23:98:41:93:89:b7:43:fd:90:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Oct 18 19:59:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=73a92ae10fd5a484fc06e09e0e02a2272f0c0f57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f9:cb:5f:e6:d1:ea:41:d8:09:d2:72:5e:db:
                    70:13:07:e7:69:0a:ed:46:c5:dd:10:4c:2d:3f:58:
                    04:5a:db:05:4c:00:a9:c5:f3:97:e4:ea:0e:21:0a:
                    8e:0d:03:62:a2:e6:b1:3a:38:04:05:42:31:dd:e7:
                    fe:71:af:44:b4:55:e0:bb:10:2b:e5:2d:b0:98:e2:
                    e3:f1:47:e5:a1:37:de:db:6b:04:43:31:3b:01:1d:
                    8e:89:cc:53:5a:bf:32:bd:dd:bc:a6:a2:0b:fd:f4:
                    bb:9c:42:25:44:d4:61:75:7f:47:41:78:fa:20:84:
                    9a:eb:8f:23:38:fd:5f:ff:78:5b:63:71:60:9a:87:
                    8b:cf:00:8b:a5:db:24:88:95:3f:01:6f:64:4f:30:
                    58:7b:15:80:4d:f6:57:3a:a0:0a:34:93:87:7a:43:
                    03:da:bd:3a:de:b5:9f:f0:cc:d2:a4:96:63:5b:93:
                    68:77:71:f4:60:7a:b5:cc:b5:e2:b7:d6:ed:14:61:
                    d8:29:dd:53:9c:e1:97:98:81:3a:5d:e6:11:1c:fa:
                    3b:6a:7c:cd:41:dc:8d:0c:6a:74:f0:01:32:e0:48:
                    f4:af:1a:43:42:56:ff:db:03:5e:2b:fc:f7:01:e1:
                    51:ea:ca:e0:93:4f:83:3a:98:23:bf:97:37:35:2d:
                    1f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:A9:2A:E1:0F:D5:A4:84:FC:06:E0:9E:0E:02:A2:27:2F:0C:0F:57
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/c6kq4Q_VpIT8BuCeDgKiJy8MD1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.96.0/24
                  188.191.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:9e:64:36:59:5a:67:ee:6e:6f:a8:46:8c:ac:c8:ee:40:dc:
         06:40:0d:a9:f3:b8:5a:61:9d:ee:5e:21:6e:2e:34:c9:49:f6:
         4c:93:ab:97:24:d4:ac:70:2b:38:09:e2:21:ce:5a:96:63:5c:
         db:93:63:28:bc:a5:14:37:81:08:eb:22:f4:dd:c7:e2:4b:78:
         fb:1b:b5:1e:ad:6e:91:b6:ac:d7:16:d8:30:e1:61:ea:8f:63:
         4f:94:42:48:dc:98:ec:2f:43:b9:28:7e:e0:65:34:0b:cd:30:
         ee:43:05:ef:33:3d:f9:b7:d0:6c:69:a6:1a:41:53:90:6a:8d:
         e8:c8:4e:ad:51:78:83:73:7b:40:e1:28:88:28:00:c8:95:60:
         fc:c0:92:11:2e:bb:c0:e5:a9:0a:c0:31:69:87:1c:79:6f:54:
         b7:bf:1f:d6:ff:df:f5:aa:1d:5d:ba:67:ef:ef:df:2c:b1:be:
         d8:82:62:00:f7:cb:0e:96:85:21:a6:9b:19:7d:c7:66:d7:25:
         cd:75:27:be:6e:e8:6e:bd:66:84:c8:96:03:60:c4:fa:ad:ae:
         5b:50:fa:d5:74:38:c1:98:23:39:67:8f:4c:ec:31:87:73:ea:
         f2:2e:b2:da:18:80:26:63:44:03:da:b1:2b:23:69:21:b0:4b:
         85:f4:4f:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtEXtFIdjwjmEGTibdD/ZCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMxMDE4MTk1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2E5MmFlMTBmZDVhNDg0ZmMwNmUwOWUwZTAyYTIyNzJmMGMwZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/nLX+bR6kHYCdJyXttwEwfnaQrt
RsXdEEwtP1gEWtsFTACpxfOX5OoOIQqODQNiouaxOjgEBUIx3ef+ca9EtFXguxAr
5S2wmOLj8UfloTfe22sEQzE7AR2OicxTWr8yvd28pqIL/fS7nEIlRNRhdX9HQXj6
IISa648jOP1f/3hbY3FgmoeLzwCLpdskiJU/AW9kTzBYexWATfZXOqAKNJOHekMD
2r063rWf8MzSpJZjW5Nod3H0YHq1zLXit9btFGHYKd1TnOGXmIE6XeYRHPo7anzN
QdyNDGp08AEy4Ej0rxpDQlb/2wNeK/z3AeFR6srgk0+DOpgjv5c3NS0f+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHOpKuEP1aSE/Abgng4CoicvDA9XMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvYzZrcTRRX1ZwSVQ4QnVDZURnS2lKeThNRDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvL9gAwQA
vL9kMA0GCSqGSIb3DQEBCwUAA4IBAQAcnmQ2WVpn7m5vqEaMrMjuQNwGQA2p87ha
YZ3uXiFuLjTJSfZMk6uXJNSscCs4CeIhzlqWY1zbk2MovKUUN4EI6yL03cfiS3j7
G7UerW6RtqzXFtgw4WHqj2NPlEJI3JjsL0O5KH7gZTQLzTDuQwXvMz35t9BsaaYa
QVOQao3oyE6tUXiDc3tA4SiIKADIlWD8wJIRLrvA5akKwDFphxx5b1S3vx/W/9/1
qh1dumfv798ssb7YgmIA98sOloUhppsZfcdm1yXNdSe+buhuvWaEyJYDYMT6ra5b
UPrVdDjBmCM5Z49M7DGHc+ryLrLaGIAmY0QD2rErI2khsEuF9E8I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org