Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/sPTsB03hdUHPSrpgAldNUol6oB8.roa
File:                     sPTsB03hdUHPSrpgAldNUol6oB8.roa (raw, json)
Hash identifier:          fSkAoAI73PnxbGyl1H5JSPn4CGyRoMbpFtxM7gbJzb8=
Subject key identifier:   B0:F4:EC:07:4D:E1:75:41:CF:4A:BA:60:02:57:4D:52:89:7A:A0:1F
Certificate issuer:       /CN=7135e3894634482b08317775c79657e9b8312d4d
Certificate serial:       0187B7C6A42A87CECF9DC736B1410F8638BF
Authority key identifier: 71:35:E3:89:46:34:48:2B:08:31:77:75:C7:96:57:E9:B8:31:2D:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/sPTsB03hdUHPSrpgAldNUol6oB8.roa
Signing time:             Tue 25 Apr 2023 09:37:41 +0000
ROA not before:           Tue 25 Apr 2023 09:37:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41354
IP address blocks:        185.127.192.0/23 maxlen: 23
                          185.127.194.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b7:c6:a4:2a:87:ce:cf:9d:c7:36:b1:41:0f:86:38:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7135e3894634482b08317775c79657e9b8312d4d
        Validity
            Not Before: Apr 25 09:37:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0f4ec074de17541cf4aba6002574d52897aa01f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:e1:a6:b9:58:00:30:2f:71:8d:12:2d:a3:d7:
                    b1:6b:0c:5c:09:99:10:fd:b0:cf:6f:d5:68:d9:08:
                    75:84:b7:ec:7f:0a:6d:79:96:43:a7:cc:dc:af:52:
                    f0:1c:27:0c:e1:72:2b:46:c1:b4:34:63:65:da:c5:
                    95:a2:cd:a6:e7:34:07:fb:64:34:50:80:f2:00:75:
                    c7:1b:1b:68:83:8b:93:9c:30:e0:d1:c1:73:bd:cd:
                    5a:33:c9:5b:18:0a:33:f2:e8:a8:fd:06:76:b1:00:
                    b1:68:08:62:08:2e:13:7e:56:45:cb:e6:fb:68:9a:
                    5e:56:e0:28:56:6d:2e:48:15:12:de:32:b1:d5:a9:
                    44:2a:84:d1:cd:98:f9:90:67:ce:1b:74:33:c0:46:
                    b0:d3:2b:64:d6:25:83:0c:b9:6f:7a:4b:16:97:ed:
                    98:ea:8e:10:5c:c8:bb:a3:6c:e4:e2:47:b6:fd:73:
                    af:d8:4f:7b:0c:5a:f7:5f:56:80:db:6a:61:e2:b7:
                    eb:80:8d:68:e1:e5:f4:06:af:3f:89:0c:ae:10:7f:
                    99:79:67:47:0e:7b:ce:b6:21:db:2e:ed:17:19:6a:
                    59:5d:62:2c:41:01:c4:3e:08:b7:84:66:cf:aa:76:
                    4a:0e:88:04:a0:db:f5:d3:65:9d:5c:49:e6:68:63:
                    2e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:F4:EC:07:4D:E1:75:41:CF:4A:BA:60:02:57:4D:52:89:7A:A0:1F
            X509v3 Authority Key Identifier:
                keyid:71:35:E3:89:46:34:48:2B:08:31:77:75:C7:96:57:E9:B8:31:2D:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/sPTsB03hdUHPSrpgAldNUol6oB8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.127.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:02:74:3b:7b:aa:bf:f2:fc:3f:c9:80:d7:bd:82:2c:1a:05:
         f6:ef:27:75:79:47:6f:24:c2:f9:82:7c:30:c8:f8:52:e3:5a:
         a4:ad:c3:9b:d5:20:cc:08:dc:ec:8b:39:60:90:96:4e:49:b6:
         2a:61:11:96:76:07:ad:1d:63:ad:62:e7:55:c8:eb:97:8b:b8:
         61:3c:f5:c4:cc:e9:c8:e3:57:28:5d:ae:c4:3e:85:23:8a:be:
         70:2e:72:cb:ff:6c:44:fe:38:e8:27:34:7a:ea:a5:65:94:22:
         43:1f:95:e5:d3:5f:2c:64:ae:40:9c:71:5b:35:39:d9:e4:04:
         a4:ea:cb:8f:16:79:64:1d:4f:e5:64:4c:a5:5d:27:91:f7:8a:
         03:c5:37:62:73:6a:cc:2c:f2:83:3f:17:78:7b:b6:71:f9:da:
         36:73:3d:4d:30:8f:fc:36:bd:31:a3:5b:48:b9:24:db:d1:73:
         73:a2:20:57:76:62:70:61:4a:c1:ac:e4:46:ef:bb:0e:8a:06:
         7e:4e:30:47:52:53:fb:7d:4e:bc:24:2d:02:db:4e:e5:01:b0:
         80:44:1c:f8:10:25:e9:c7:6f:d6:90:b3:a1:f3:43:f8:96:cb:
         00:fa:eb:09:66:03:85:0d:3a:1d:16:8e:49:9a:59:30:9d:b5:
         c5:f6:81:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe3xqQqh87Pncc2sUEPhji/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzVlMzg5NDYzNDQ4MmIwODMxNzc3NWM3OTY1N2U5Yjgz
MTJkNGQwHhcNMjMwNDI1MDkzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY0ZWMwNzRkZTE3NTQxY2Y0YWJhNjAwMjU3NGQ1Mjg5N2FhMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+GmuVgAMC9xjRIto9exawxcCZkQ
/bDPb9Vo2Qh1hLfsfwpteZZDp8zcr1LwHCcM4XIrRsG0NGNl2sWVos2m5zQH+2Q0
UIDyAHXHGxtog4uTnDDg0cFzvc1aM8lbGAoz8uio/QZ2sQCxaAhiCC4TflZFy+b7
aJpeVuAoVm0uSBUS3jKx1alEKoTRzZj5kGfOG3QzwEaw0ytk1iWDDLlveksWl+2Y
6o4QXMi7o2zk4ke2/XOv2E97DFr3X1aA22ph4rfrgI1o4eX0Bq8/iQyuEH+ZeWdH
DnvOtiHbLu0XGWpZXWIsQQHEPgi3hGbPqnZKDogEoNv102WdXEnmaGMujQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLD07AdN4XVBz0q6YAJXTVKJeqAfMB8GA1UdIwQY
MBaAFHE144lGNEgrCDF3dceWV+m4MS1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RYamlVWTBTQ3NJTVhkMXg1Wlg2Ymd4TFUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xY2I5ZmMtNmIzMy00MmQ1LTk0MjMt
NzllY2Q4YTliNmQ2LzEvc1BUc0IwM2hkVUhQU3JwZ0FsZE5Vb2w2b0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xY2I5ZmMtNmIzMy00MmQ1LTk0MjMtNzllY2Q4YTliNmQ2
LzEvY1RYamlVWTBTQ3NJTVhkMXg1Wlg2Ymd4TFUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX/AMA0G
CSqGSIb3DQEBCwUAA4IBAQByAnQ7e6q/8vw/yYDXvYIsGgX27yd1eUdvJML5gnww
yPhS41qkrcOb1SDMCNzsizlgkJZOSbYqYRGWdgetHWOtYudVyOuXi7hhPPXEzOnI
41coXa7EPoUjir5wLnLL/2xE/jjoJzR66qVllCJDH5Xl018sZK5AnHFbNTnZ5ASk
6suPFnlkHU/lZEylXSeR94oDxTdic2rMLPKDPxd4e7Zx+do2cz1NMI/8Nr0xo1tI
uSTb0XNzoiBXdmJwYUrBrORG77sOigZ+TjBHUlP7fU68JC0C207lAbCARBz4ECXp
x2/WkLOh80P4lssA+usJZgOFDTodFo5JmlkwnbXF9oEz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:30 2024 by rpki-client on console-fra.rpki-client.org