Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/lFkhIX8S9wwImfvmYvS6rUkaTas.roa
File:                     lFkhIX8S9wwImfvmYvS6rUkaTas.roa (raw, json)
Hash identifier:          5vhsOovmYM/484EOx2oc6t9RA9PINYBq1DFvN5LvtKQ=
Subject key identifier:   94:59:21:21:7F:12:F7:0C:08:99:FB:E6:62:F4:BA:AD:49:1A:4D:AB
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       018C35282E5EA569A0ABFA303A95E3FB6CB0
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/lFkhIX8S9wwImfvmYvS6rUkaTas.roa
Signing time:             Mon 04 Dec 2023 14:07:54 +0000
ROA not before:           Mon 04 Dec 2023 14:07:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41745
IP address blocks:        185.65.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:35:28:2e:5e:a5:69:a0:ab:fa:30:3a:95:e3:fb:6c:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Dec  4 14:07:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=945921217f12f70c0899fbe662f4baad491a4dab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:16:ea:67:7f:9d:24:ca:ad:ec:be:fe:87:7c:
                    8d:69:6e:1b:12:48:40:59:2c:dc:c0:59:59:24:8b:
                    9c:2c:0b:c3:88:af:56:13:fd:83:0a:e6:2b:95:6c:
                    c5:19:00:c2:4a:e9:2a:7d:08:22:5f:a2:1f:d9:83:
                    4a:93:fb:95:ac:85:a4:44:dc:bc:0b:ad:78:c3:47:
                    ec:ce:3b:3b:67:86:81:83:4b:ab:61:35:2b:7a:90:
                    57:cb:34:e5:0d:9d:83:11:8d:7b:f1:ad:ed:92:4b:
                    55:47:74:1e:5d:dd:40:91:36:9b:c7:d4:ff:90:16:
                    2a:70:8e:24:64:7b:6e:8b:3a:c0:63:45:12:be:f4:
                    b8:af:6e:16:2a:73:fb:24:50:3e:14:60:94:48:ab:
                    80:23:91:99:7b:9f:ea:ea:a6:ac:8e:7e:b3:ae:99:
                    48:10:f6:93:a9:df:71:52:34:d6:fe:40:af:dc:ce:
                    0e:ea:81:0d:78:35:bf:16:57:20:31:2a:18:86:bd:
                    e9:31:e6:2a:0e:b3:91:86:67:8d:bd:b7:a2:96:87:
                    f3:f0:ef:38:0f:62:86:5b:97:97:1d:37:bb:ec:7f:
                    57:9c:c1:d7:31:63:88:e6:f3:8a:f9:3d:8d:44:a9:
                    da:79:2f:65:41:aa:ec:5e:69:f9:3d:31:b5:58:f6:
                    25:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:59:21:21:7F:12:F7:0C:08:99:FB:E6:62:F4:BA:AD:49:1A:4D:AB
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/lFkhIX8S9wwImfvmYvS6rUkaTas.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.65.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:b4:d0:56:45:26:53:d0:2e:f6:09:43:5a:18:27:a4:4c:38:
         c1:7a:f8:84:50:9d:ff:57:4c:7e:ed:0d:d0:d8:05:76:8a:31:
         f4:45:95:d0:9e:67:2b:30:c0:d5:8c:aa:0d:bc:1c:89:70:14:
         89:0c:53:a2:8a:0e:c0:e6:fa:84:4b:78:75:f0:c4:5c:da:26:
         34:c8:a8:a2:00:f5:14:84:c0:1e:56:cc:15:c4:d4:47:e0:e5:
         35:6b:21:37:ab:34:f6:76:14:b6:86:b9:03:1f:46:32:f6:9b:
         02:c2:e9:be:aa:40:91:4e:84:fc:af:bd:1a:af:ee:bb:6a:a0:
         25:89:78:97:cc:35:f7:5f:58:78:df:e9:ab:4c:f7:2a:23:45:
         72:ee:38:e0:ff:61:e2:0e:72:03:a8:a2:3f:bc:23:f8:fe:7a:
         eb:20:50:9f:8e:96:fb:79:96:86:54:5c:15:df:bc:4c:4e:3d:
         f0:71:a3:3c:67:56:bf:78:75:39:f7:10:f1:1f:b0:b5:f0:84:
         5d:a9:35:fa:a3:0e:50:35:f1:29:b9:d1:74:1f:4e:2d:b8:d1:
         e3:fa:19:23:46:c8:a8:ef:e2:72:9f:3a:8c:b7:0b:04:7c:97:
         83:5d:48:8f:70:ef:2f:2a:a5:74:b9:0a:52:88:39:a8:5b:fb:
         c9:27:e9:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw1KC5epWmgq/owOpXj+2ywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMxMjA0MTQwNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU5MjEyMTdmMTJmNzBjMDg5OWZiZTY2MmY0YmFhZDQ5MWE0ZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRbqZ3+dJMqt7L7+h3yNaW4bEkhA
WSzcwFlZJIucLAvDiK9WE/2DCuYrlWzFGQDCSukqfQgiX6If2YNKk/uVrIWkRNy8
C614w0fszjs7Z4aBg0urYTUrepBXyzTlDZ2DEY178a3tkktVR3QeXd1AkTabx9T/
kBYqcI4kZHtuizrAY0USvvS4r24WKnP7JFA+FGCUSKuAI5GZe5/q6qasjn6zrplI
EPaTqd9xUjTW/kCv3M4O6oENeDW/FlcgMSoYhr3pMeYqDrORhmeNvbeilofz8O84
D2KGW5eXHTe77H9XnMHXMWOI5vOK+T2NRKnaeS9lQarsXmn5PTG1WPYlDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRZISF/EvcMCJn75mL0uq1JGk2rMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvbEZraElYOFM5d3dJbWZ2bVl2UzZyVWthVGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUHKMA0G
CSqGSIb3DQEBCwUAA4IBAQAatNBWRSZT0C72CUNaGCekTDjBeviEUJ3/V0x+7Q3Q
2AV2ijH0RZXQnmcrMMDVjKoNvByJcBSJDFOiig7A5vqES3h18MRc2iY0yKiiAPUU
hMAeVswVxNRH4OU1ayE3qzT2dhS2hrkDH0Yy9psCwum+qkCRToT8r70ar+67aqAl
iXiXzDX3X1h43+mrTPcqI0Vy7jjg/2HiDnIDqKI/vCP4/nrrIFCfjpb7eZaGVFwV
37xMTj3wcaM8Z1a/eHU59xDxH7C18IRdqTX6ow5QNfEpudF0H04tuNHj+hkjRsio
7+JynzqMtwsEfJeDXUiPcO8vKqV0uQpSiDmoW/vJJ+mJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:30 2024 by rpki-client on console-ams.rpki-client.org