Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/rcCFD1hPT842J8cKzKA9-S8L6RQ.roa
File:                     rcCFD1hPT842J8cKzKA9-S8L6RQ.roa (raw, json)
Hash identifier:          UpY0dbh6RNwQeyZtvkr58VvfDkfiElstXQHWgy2M+sI=
Subject key identifier:   AD:C0:85:0F:58:4F:4F:CE:36:27:C7:0A:CC:A0:3D:F9:2F:0B:E9:14
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       0188998D83DF7C91F4B5EC20432997F09F33
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/rcCFD1hPT842J8cKzKA9-S8L6RQ.roa
Signing time:             Thu 08 Jun 2023 05:49:28 +0000
ROA not before:           Thu 08 Jun 2023 05:49:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        171.22.147.0/24 maxlen: 24
                          185.235.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 01 Jul 2023 00:47:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:99:8d:83:df:7c:91:f4:b5:ec:20:43:29:97:f0:9f:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Jun  8 05:49:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=adc0850f584f4fce3627c70acca03df92f0be914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:dd:b6:87:42:dd:a3:ef:75:29:d2:bc:85:f8:
                    1c:d5:c0:8c:fc:eb:d4:a3:0d:1c:58:3e:6e:8a:5a:
                    ef:7b:a4:5c:59:a5:72:9b:b1:32:e6:f4:e3:30:0f:
                    ed:32:f3:a7:77:a2:fe:8b:d5:f1:94:9a:24:92:ca:
                    d8:d2:4e:55:6f:02:1e:f5:ac:26:3a:77:e4:7d:7e:
                    0e:6d:d0:4f:e1:d6:e6:0c:67:03:76:8c:29:1b:43:
                    e8:ae:45:47:e3:4e:9b:e8:6d:5a:ce:c5:26:60:a3:
                    bf:f5:92:ce:af:87:48:ba:13:00:a4:ac:e4:55:c5:
                    d9:cb:3e:40:60:18:de:79:8c:9f:0d:00:a1:ee:33:
                    63:7b:20:d9:fd:0d:75:1d:2d:52:d4:9d:2f:e9:eb:
                    c6:54:31:e3:73:b0:67:f5:0f:fa:59:4f:8e:c8:f4:
                    4a:fd:57:2c:89:41:ae:86:b8:07:ae:04:64:00:7f:
                    04:6b:f3:a5:8c:fd:7e:65:26:48:8d:05:4d:3c:bc:
                    e7:0f:99:2d:03:3e:7b:e6:36:c6:4f:c1:17:3d:a4:
                    ed:74:b4:cc:34:d1:1b:95:2b:79:6b:43:62:93:65:
                    50:e1:88:87:0d:0d:0c:1e:48:3d:58:be:75:0e:5a:
                    ea:d9:6e:0b:7e:08:69:2b:3a:55:f1:65:fd:41:3e:
                    f8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:C0:85:0F:58:4F:4F:CE:36:27:C7:0A:CC:A0:3D:F9:2F:0B:E9:14
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/rcCFD1hPT842J8cKzKA9-S8L6RQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.22.147.0/24
                  185.235.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:de:49:96:25:c1:95:2b:3b:c0:94:59:f3:f8:1a:6f:9c:b3:
         69:10:da:f4:fa:f8:65:94:8d:d5:a5:50:4a:61:1d:37:f2:99:
         d4:1d:62:8a:75:01:ff:01:1d:b9:74:05:a5:cb:8b:dc:e5:05:
         d6:c7:3e:17:ba:b0:91:3d:32:81:74:3d:28:ab:e9:9e:fe:4c:
         11:ef:63:a5:8f:d1:5d:e1:3f:7a:86:84:65:15:d9:3c:e3:bc:
         7d:94:05:61:e6:eb:13:7f:a4:24:08:73:76:e9:ea:a5:f1:fb:
         fd:bd:15:b7:c1:01:dc:8f:9a:a5:6c:25:56:d8:93:d4:73:e6:
         7b:cb:f3:6c:f7:7c:2e:fa:12:70:0a:58:99:ed:bc:59:e7:f7:
         6e:c4:21:c5:93:60:48:3e:9b:28:26:e6:70:ca:88:92:1a:e1:
         95:b8:c7:0b:e1:50:2c:3a:d3:79:b8:60:a2:ea:fd:19:52:d0:
         4a:e2:00:04:63:c9:c3:12:78:b3:2b:aa:fc:cc:ca:30:a1:3e:
         3b:f6:22:a1:33:b5:65:9d:c9:27:59:26:e7:73:93:de:48:23:
         6d:79:ed:e0:6d:db:74:b2:c8:0c:83:90:58:78:e6:a7:20:ee:
         55:7f:69:9f:6f:9c:12:f4:4b:99:ac:55:e0:a0:ac:4c:e6:8b:
         0c:88:5d:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiZjYPffJH0tewgQymX8J8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNjA4MDU0OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGMwODUwZjU4NGY0ZmNlMzYyN2M3MGFjY2EwM2RmOTJmMGJlOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod22h0Ldo+91KdK8hfgc1cCM/OvU
ow0cWD5uilrve6RcWaVym7Ey5vTjMA/tMvOnd6L+i9XxlJokksrY0k5VbwIe9awm
OnfkfX4ObdBP4dbmDGcDdowpG0PorkVH406b6G1azsUmYKO/9ZLOr4dIuhMApKzk
VcXZyz5AYBjeeYyfDQCh7jNjeyDZ/Q11HS1S1J0v6evGVDHjc7Bn9Q/6WU+OyPRK
/VcsiUGuhrgHrgRkAH8Ea/OljP1+ZSZIjQVNPLznD5ktAz575jbGT8EXPaTtdLTM
NNEblSt5a0Nik2VQ4YiHDQ0MHkg9WL51Dlrq2W4LfghpKzpV8WX9QT748QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK3AhQ9YT0/ONifHCsygPfkvC+kUMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvcmNDRkQxaFBUODQySjhjS3pLQTktUzhMNlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqxaTAwQA
uetHMA0GCSqGSIb3DQEBCwUAA4IBAQAq3kmWJcGVKzvAlFnz+BpvnLNpENr0+vhl
lI3VpVBKYR038pnUHWKKdQH/AR25dAWly4vc5QXWxz4XurCRPTKBdD0oq+me/kwR
72Olj9Fd4T96hoRlFdk847x9lAVh5usTf6QkCHN26eql8fv9vRW3wQHcj5qlbCVW
2JPUc+Z7y/Ns93wu+hJwCliZ7bxZ5/duxCHFk2BIPpsoJuZwyoiSGuGVuMcL4VAs
OtN5uGCi6v0ZUtBK4gAEY8nDEnizK6r8zMowoT479iKhM7VlncknWSbnc5PeSCNt
ee3gbdt0ssgMg5BYeOanIO5Vf2mfb5wS9EuZrFXgoKxM5osMiF1w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org