Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/AACn_CrqlGhQ0wXibnsX_XOnOvo.roa
File:                     AACn_CrqlGhQ0wXibnsX_XOnOvo.roa (raw, json)
Hash identifier:          QU+iklHPbed4AglISMxwNwiD3aV7yMXbvwAVdKUZ55Y=
Subject key identifier:   00:00:A7:FC:2A:EA:94:68:50:D3:05:E2:6E:7B:17:FD:73:A7:3A:FA
Certificate issuer:       /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial:       01898CA4A3329A4FBA2005F627DE4CE9B771
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/AACn_CrqlGhQ0wXibnsX_XOnOvo.roa
Signing time:             Tue 25 Jul 2023 10:42:27 +0000
ROA not before:           Tue 25 Jul 2023 10:42:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207106
IP address blocks:        147.234.8.0/24 maxlen: 24
                          147.234.10.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8c:a4:a3:32:9a:4f:ba:20:05:f6:27:de:4c:e9:b7:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
        Validity
            Not Before: Jul 25 10:42:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0000a7fc2aea946850d305e26e7b17fd73a73afa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a8:a5:a1:8a:49:88:62:aa:c9:3a:31:89:c5:
                    c8:4c:ba:d6:4a:54:f9:ce:97:c6:70:c8:21:a2:ac:
                    e5:84:9d:ac:14:1d:f5:ef:78:a8:a1:73:9d:60:12:
                    09:a1:a5:9a:1a:61:ae:37:51:b8:99:19:c5:c1:b0:
                    59:e4:37:d7:67:f9:6f:73:40:78:26:05:44:c2:89:
                    99:34:57:72:7f:0c:00:90:54:fb:dd:0b:8f:61:6e:
                    0b:8e:41:58:5d:a7:a0:30:8a:0a:47:e2:61:f2:11:
                    d3:bc:35:f1:d1:4a:db:b6:76:f6:fd:c3:5b:5b:2d:
                    82:b1:6c:3a:b1:88:18:4f:9f:e0:99:62:c6:36:a0:
                    d0:71:ce:c8:fd:0c:ae:c7:09:ea:f9:27:31:99:e7:
                    34:0b:33:76:dc:03:7a:68:b7:03:dc:7e:27:52:08:
                    a2:75:f3:76:c0:49:a9:e6:28:83:58:91:a4:35:77:
                    79:7d:d1:37:99:ab:8b:39:da:10:b6:97:0d:5c:bf:
                    85:b2:c6:4f:94:ed:16:5b:1e:16:07:9f:f5:13:14:
                    41:a6:57:70:25:7e:f4:43:60:d3:2a:f8:d1:7b:23:
                    07:20:de:a8:76:bd:53:48:fd:1d:97:5b:d6:98:e5:
                    4f:c0:8a:8c:59:8a:f7:4c:1c:fb:6b:2e:0e:b9:2f:
                    b3:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:00:A7:FC:2A:EA:94:68:50:D3:05:E2:6E:7B:17:FD:73:A7:3A:FA
            X509v3 Authority Key Identifier:
                keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/AACn_CrqlGhQ0wXibnsX_XOnOvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.234.8.0/24
                  147.234.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         68:b9:c6:da:4c:be:54:5a:6c:cf:d5:e7:5e:80:87:ff:b0:33:
         1f:e0:53:fe:a5:7a:07:74:b5:17:fd:fb:72:bd:5b:c8:bd:aa:
         67:40:8a:15:e6:45:ce:81:6d:76:6b:6a:02:13:e0:14:02:65:
         68:61:2a:16:c3:aa:e7:0f:0d:31:0b:81:05:1a:c8:17:3d:af:
         ea:d5:13:0d:a2:e2:25:8a:dc:7c:41:51:ec:dc:5f:04:8f:07:
         c8:a4:49:ed:23:ac:f8:c9:48:46:b7:fb:99:00:22:98:fa:05:
         66:f5:5a:78:8b:eb:69:f0:13:ef:05:17:4b:c6:a6:91:40:63:
         82:33:88:27:e4:21:07:68:38:94:fc:68:26:f8:1a:7c:4c:f8:
         48:fa:62:6d:55:0a:f9:81:46:0f:9e:34:3a:30:ed:78:0e:33:
         41:a8:2e:21:89:f1:66:88:86:95:9b:06:99:3d:e4:50:0f:02:
         44:f7:9a:cd:47:24:f4:08:c9:f8:33:cc:6e:e1:eb:02:d3:5c:
         56:2a:db:ca:39:29:f8:28:86:5e:35:23:5f:b3:04:67:17:bf:
         e4:cc:21:c5:3c:84:89:4b:6e:38:09:a7:16:3f:73:fb:37:57:
         14:df:26:2b:f4:13:bc:75:45:7a:4e:74:58:7a:30:a4:18:05:
         02:50:65:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmMpKMymk+6IAX2J95M6bdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwNzI1MTA0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDAwYTdmYzJhZWE5NDY4NTBkMzA1ZTI2ZTdiMTdmZDczYTczYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnailoYpJiGKqyToxicXITLrWSlT5
zpfGcMghoqzlhJ2sFB3173iooXOdYBIJoaWaGmGuN1G4mRnFwbBZ5DfXZ/lvc0B4
JgVEwomZNFdyfwwAkFT73QuPYW4LjkFYXaegMIoKR+Jh8hHTvDXx0Urbtnb2/cNb
Wy2CsWw6sYgYT5/gmWLGNqDQcc7I/Qyuxwnq+Scxmec0CzN23AN6aLcD3H4nUgii
dfN2wEmp5iiDWJGkNXd5fdE3mauLOdoQtpcNXL+FssZPlO0WWx4WB5/1ExRBpldw
JX70Q2DTKvjReyMHIN6odr1TSP0dl1vWmOVPwIqMWYr3TBz7ay4OuS+zewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAAAp/wq6pRoUNMF4m57F/1zpzr6MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvQUFDbl9DcnFsR2hRMHdYaWJuc1hfWE9uT3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk+oIAwQB
k+oKMA0GCSqGSIb3DQEBCwUAA4IBAQBoucbaTL5UWmzP1edegIf/sDMf4FP+pXoH
dLUX/ftyvVvIvapnQIoV5kXOgW12a2oCE+AUAmVoYSoWw6rnDw0xC4EFGsgXPa/q
1RMNouIlitx8QVHs3F8EjwfIpEntI6z4yUhGt/uZACKY+gVm9Vp4i+tp8BPvBRdL
xqaRQGOCM4gn5CEHaDiU/Ggm+Bp8TPhI+mJtVQr5gUYPnjQ6MO14DjNBqC4hifFm
iIaVmwaZPeRQDwJE95rNRyT0CMn4M8xu4esC01xWKtvKOSn4KIZeNSNfswRnF7/k
zCHFPISJS244CacWP3P7N1cU3yYr9BO8dUV6TnRYejCkGAUCUGUE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:56 2024 by rpki-client on console-ams.rpki-client.org