Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/AsKmOPFH0upI0CNOGuw-GahQrBs.roa
File:                     AsKmOPFH0upI0CNOGuw-GahQrBs.roa (raw, json)
Hash identifier:          rDSWzoen9DFhMiKPp9EbQ8NkAkYs9BWgCQJSP5wn/p4=
Subject key identifier:   02:C2:A6:38:F1:47:D2:EA:48:D0:23:4E:1A:EC:3E:19:A8:50:AC:1B
Certificate issuer:       /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial:       01856E01C6677BFBCBA0DF3C37624B1668C9
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/AsKmOPFH0upI0CNOGuw-GahQrBs.roa
Signing time:             Sun 01 Jan 2023 15:44:48 +0000
ROA not before:           Sun 01 Jan 2023 15:44:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8769
IP address blocks:        193.10.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:c6:67:7b:fb:cb:a0:df:3c:37:62:4b:16:68:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
        Validity
            Not Before: Jan  1 15:44:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02c2a638f147d2ea48d0234e1aec3e19a850ac1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:32:9b:27:0e:b4:f5:77:97:3b:32:d7:26:81:
                    7f:af:f6:69:dd:3f:a1:6a:df:f2:4f:2e:4f:26:ed:
                    ce:ab:56:0a:c0:33:14:30:3d:b2:db:d5:b7:65:ec:
                    66:f7:bb:88:5b:58:3f:57:6c:1d:f5:96:4a:bf:38:
                    ed:d5:c3:9c:e7:b2:06:86:81:9e:c5:cf:c1:bd:8c:
                    fd:ae:ef:a1:79:4d:6b:62:b7:89:db:9e:98:16:d3:
                    86:e7:59:58:64:f4:f8:a2:ee:a4:70:75:71:19:26:
                    9b:65:4e:4a:50:db:8c:eb:8b:10:de:b8:92:5e:13:
                    58:58:39:5a:85:19:b0:2f:ae:af:08:e4:7d:70:53:
                    d2:a2:55:1a:70:1f:96:22:d3:5d:68:70:e5:18:2f:
                    e7:be:da:5e:b4:38:cc:1b:ae:3f:40:8f:d3:77:26:
                    b1:2b:bb:cb:e4:bd:fa:e4:66:3a:cf:88:d1:bf:88:
                    ba:7a:ea:82:0a:c9:16:e8:7c:01:1f:8e:a1:b2:cf:
                    d6:24:06:8a:38:d6:33:ca:73:f5:ef:aa:dd:df:9c:
                    9e:f9:33:71:a0:8b:61:0e:11:89:78:db:65:e5:46:
                    1f:84:2c:11:3a:10:6b:c7:b0:3a:57:59:64:82:0e:
                    a2:dd:78:e0:ad:9a:e4:94:73:0d:ef:8e:98:eb:ab:
                    83:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:C2:A6:38:F1:47:D2:EA:48:D0:23:4E:1A:EC:3E:19:A8:50:AC:1B
            X509v3 Authority Key Identifier:
                keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/AsKmOPFH0upI0CNOGuw-GahQrBs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.10.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:b7:05:67:b6:f1:29:39:5e:1e:50:cb:45:59:6a:0a:66:67:
         4b:8e:cb:39:fe:f2:dc:fb:19:40:25:4e:ba:d5:cf:db:3d:97:
         50:dc:7d:23:1a:19:6d:50:fb:ed:4e:77:6d:65:7e:e1:b0:ff:
         86:2d:0f:f3:47:8d:6d:92:4c:80:2c:27:02:df:10:64:17:73:
         c9:a9:7f:bc:4b:6d:45:d2:ed:0c:61:74:8b:c6:6d:f1:57:89:
         42:95:c0:a0:ea:d7:82:2f:c1:1a:ae:0a:23:92:bb:f0:59:d1:
         3d:9b:d3:b2:da:44:0f:b4:59:a9:88:91:94:80:b5:57:1d:fd:
         73:d4:fa:5d:4a:a2:66:3a:01:90:be:f4:f5:5e:d8:e8:8b:f0:
         96:66:69:d0:b6:7c:02:9b:9f:c8:ec:0c:2a:5b:dd:ad:11:e9:
         b1:e4:8a:43:5b:f8:36:57:dc:91:a2:52:5c:e3:65:00:1a:3e:
         c0:f6:06:ab:ce:96:62:0d:b6:1d:b2:1a:9f:e0:4e:4b:1b:eb:
         9c:6f:e8:13:60:e3:c0:38:59:cd:17:dd:a7:93:2e:fa:8d:6f:
         25:2d:39:38:00:8c:7e:1c:f8:69:2e:b3:ab:0d:35:4e:c7:3b:
         24:9d:fc:4e:92:4c:06:67:f0:55:bf:33:76:59:05:79:e7:bc:
         29:cd:aa:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAcZne/vLoN88N2JLFmjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjMwMTAxMTU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmMyYTYzOGYxNDdkMmVhNDhkMDIzNGUxYWVjM2UxOWE4NTBhYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDKbJw609XeXOzLXJoF/r/Zp3T+h
at/yTy5PJu3Oq1YKwDMUMD2y29W3Zexm97uIW1g/V2wd9ZZKvzjt1cOc57IGhoGe
xc/BvYz9ru+heU1rYreJ256YFtOG51lYZPT4ou6kcHVxGSabZU5KUNuM64sQ3riS
XhNYWDlahRmwL66vCOR9cFPSolUacB+WItNdaHDlGC/nvtpetDjMG64/QI/Tdyax
K7vL5L365GY6z4jRv4i6euqCCskW6HwBH46hss/WJAaKONYzynP176rd35ye+TNx
oIthDhGJeNtl5UYfhCwROhBrx7A6V1lkgg6i3XjgrZrklHMN746Y66uDRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFALCpjjxR9LqSNAjThrsPhmoUKwbMB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvQXNLbU9QRkgwdXBJMENOT0d1dy1HYWhRckJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQqQMA0G
CSqGSIb3DQEBCwUAA4IBAQC7twVntvEpOV4eUMtFWWoKZmdLjss5/vLc+xlAJU66
1c/bPZdQ3H0jGhltUPvtTndtZX7hsP+GLQ/zR41tkkyALCcC3xBkF3PJqX+8S21F
0u0MYXSLxm3xV4lClcCg6teCL8EargojkrvwWdE9m9Oy2kQPtFmpiJGUgLVXHf1z
1PpdSqJmOgGQvvT1Xtjoi/CWZmnQtnwCm5/I7AwqW92tEemx5IpDW/g2V9yRolJc
42UAGj7A9garzpZiDbYdshqf4E5LG+ucb+gTYOPAOFnNF92nky76jW8lLTk4AIx+
HPhpLrOrDTVOxzsknfxOkkwGZ/BVvzN2WQV557wpzarO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:00 2024 by rpki-client on console-ams.rpki-client.org