Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/qndfJviAGgxT0umg1ssnPSjqa0s.roa
File:                     qndfJviAGgxT0umg1ssnPSjqa0s.roa (raw, json)
Hash identifier:          vW8h8JqiM8THZT/mqU5MGJ+3wmlm60myQ6sEgsAwvG4=
Subject key identifier:   AA:77:5F:26:F8:80:1A:0C:53:D2:E9:A0:D6:CB:27:3D:28:EA:6B:4B
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018748552DBAACE5A6DF8629DF96CD7909C3
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/qndfJviAGgxT0umg1ssnPSjqa0s.roa
Signing time:             Mon 03 Apr 2023 18:15:54 +0000
ROA not before:           Mon 03 Apr 2023 18:15:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203511
IP address blocks:        188.191.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 11:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:48:55:2d:ba:ac:e5:a6:df:86:29:df:96:cd:79:09:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Apr  3 18:15:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa775f26f8801a0c53d2e9a0d6cb273d28ea6b4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:41:fc:09:3c:c8:fa:84:f0:d2:3e:43:11:d4:
                    6f:60:99:76:7f:8d:00:82:49:c2:d1:61:e8:f2:15:
                    64:71:b1:13:9c:88:58:9d:ff:22:02:47:e8:af:4a:
                    c5:f8:13:ab:f4:a7:8e:51:46:e8:eb:45:dd:3a:91:
                    90:35:93:ca:2c:d9:50:22:d7:5e:b5:8d:8c:7c:f5:
                    83:e3:0d:55:d9:ac:aa:61:7c:6a:2c:49:af:d0:b7:
                    2b:a7:16:d1:6b:1a:8c:3d:fc:5f:f3:5a:1f:79:04:
                    97:21:bd:c7:ce:75:78:cd:32:91:59:c3:35:90:64:
                    3b:ca:05:61:7f:57:38:22:71:68:8d:f4:02:1d:d7:
                    4b:2e:43:f3:2d:71:7e:45:f1:02:52:7a:b7:07:06:
                    af:71:d8:5b:65:40:69:1d:94:97:3f:45:b6:23:74:
                    3c:26:9d:14:53:17:e7:c5:a9:2e:4c:dc:84:9f:48:
                    a9:1b:f4:06:a4:9b:1c:39:c7:4b:d1:27:1b:1c:52:
                    cb:a2:0c:04:5c:f4:42:50:09:ef:52:1a:09:27:03:
                    ae:c7:87:6d:20:35:dd:09:cd:79:e0:d9:1c:8f:e7:
                    15:e8:28:a8:d1:9f:ae:f6:82:86:fb:1e:92:e6:b2:
                    5f:1e:ca:79:f7:82:ac:79:1f:c1:df:9b:3a:ad:13:
                    54:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:77:5F:26:F8:80:1A:0C:53:D2:E9:A0:D6:CB:27:3D:28:EA:6B:4B
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/qndfJviAGgxT0umg1ssnPSjqa0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:6e:47:90:4e:fd:05:12:57:0e:ab:4c:8c:43:cb:99:05:fc:
         2e:99:3c:aa:8d:7e:d8:77:fb:8d:07:2d:8e:a6:ce:4d:e5:31:
         58:6c:fb:75:96:d2:b8:c1:e3:ac:f7:e9:3c:e1:3a:98:16:c3:
         55:79:be:84:90:06:70:21:89:0c:72:24:fd:30:d7:87:ce:73:
         55:50:25:12:5d:59:de:94:2f:35:9c:77:11:97:be:f7:91:28:
         ac:b9:fa:4c:bb:27:41:5a:b9:2d:21:64:46:83:1c:34:2b:d0:
         2e:b5:a2:c5:45:6d:7d:00:b6:c4:6e:cd:61:8e:43:59:b7:cf:
         a0:37:eb:8b:a1:0e:26:12:df:8b:97:01:43:ee:30:61:cc:70:
         78:8c:34:ba:94:33:d4:49:bb:75:7f:f8:1a:74:8e:bb:8f:31:
         71:7e:a8:1f:a3:4a:38:29:9e:a8:dd:ba:63:7f:0d:72:c3:70:
         09:42:da:1a:6a:14:e1:e1:38:2f:df:27:19:67:f6:13:37:8d:
         e4:3c:be:e0:27:0a:0e:2f:9d:a0:c6:9e:28:8c:45:a4:a1:de:
         a4:43:b8:a8:63:c3:88:03:c0:6d:31:72:a4:71:ae:3a:40:d6:
         0d:ee:a0:ae:ea:83:e6:5f:aa:c1:63:4c:45:42:69:a2:66:3f:
         af:da:aa:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdIVS26rOWm34Yp35bNeQnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNDAzMTgxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc3NWYyNmY4ODAxYTBjNTNkMmU5YTBkNmNiMjczZDI4ZWE2YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUH8CTzI+oTw0j5DEdRvYJl2f40A
gknC0WHo8hVkcbETnIhYnf8iAkfor0rF+BOr9KeOUUbo60XdOpGQNZPKLNlQItde
tY2MfPWD4w1V2ayqYXxqLEmv0LcrpxbRaxqMPfxf81ofeQSXIb3HznV4zTKRWcM1
kGQ7ygVhf1c4InFojfQCHddLLkPzLXF+RfECUnq3BwavcdhbZUBpHZSXP0W2I3Q8
Jp0UUxfnxakuTNyEn0ipG/QGpJscOcdL0ScbHFLLogwEXPRCUAnvUhoJJwOux4dt
IDXdCc154Nkcj+cV6Cio0Z+u9oKG+x6S5rJfHsp594KseR/B35s6rRNUHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKp3Xyb4gBoMU9LpoNbLJz0o6mtLMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvcW5kZkp2aUFHZ3hUMHVtZzFzc25QU2pxYTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9oMA0G
CSqGSIb3DQEBCwUAA4IBAQAjbkeQTv0FElcOq0yMQ8uZBfwumTyqjX7Yd/uNBy2O
ps5N5TFYbPt1ltK4weOs9+k84TqYFsNVeb6EkAZwIYkMciT9MNeHznNVUCUSXVne
lC81nHcRl773kSisufpMuydBWrktIWRGgxw0K9AutaLFRW19ALbEbs1hjkNZt8+g
N+uLoQ4mEt+LlwFD7jBhzHB4jDS6lDPUSbt1f/gadI67jzFxfqgfo0o4KZ6o3bpj
fw1yw3AJQtoaahTh4Tgv3ycZZ/YTN43kPL7gJwoOL52gxp4ojEWkod6kQ7ioY8OI
A8BtMXKkca46QNYN7qCu6oPmX6rBY0xFQmmiZj+v2qo3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org