Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/hYWWnfKmPvOqKHwxgXUun6EUk9s.roa
File:                     hYWWnfKmPvOqKHwxgXUun6EUk9s.roa (raw, json)
Hash identifier:          IjZFB6PAFBQ8OFIuyhZPSyMU5QQPVLMo0VjMSZFwRuQ=
Subject key identifier:   85:85:96:9D:F2:A6:3E:F3:AA:28:7C:31:81:75:2E:9F:A1:14:93:DB
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       01856F4B882B99664EC13D5EBE784F282636
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/hYWWnfKmPvOqKHwxgXUun6EUk9s.roa
Signing time:             Sun 01 Jan 2023 21:44:59 +0000
ROA not before:           Sun 01 Jan 2023 21:44:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        176.57.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Sep 2023 19:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:88:2b:99:66:4e:c1:3d:5e:be:78:4f:28:26:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Jan  1 21:44:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8585969df2a63ef3aa287c3181752e9fa11493db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:40:0a:de:f2:7f:30:5d:d0:cc:a9:46:94:63:
                    ae:f3:5e:c9:51:e3:24:4c:26:c2:70:9b:3f:0b:e7:
                    b5:20:e3:41:b5:34:0e:c1:13:cf:3f:a4:37:0a:ec:
                    26:6d:65:58:93:dd:13:6f:1a:4d:52:bd:72:aa:89:
                    d1:0e:97:9d:ee:22:a1:9c:33:7c:43:07:18:dc:0a:
                    25:6e:64:e5:99:1a:03:2e:81:71:03:69:d5:5f:b9:
                    e2:b4:3a:a8:65:c3:08:cf:ad:5f:ea:c8:14:35:d1:
                    00:5e:83:c9:2d:98:74:4c:01:b5:80:cc:59:f1:0b:
                    e8:b1:d2:c3:a1:a2:a5:09:9b:a0:e1:e8:e8:b4:12:
                    92:83:8f:ca:da:65:67:e1:8a:45:8a:3f:0e:e2:ac:
                    09:a0:7a:7c:4c:4d:e6:c1:b2:dd:ac:b0:38:6d:05:
                    08:90:51:9a:77:db:4b:7b:1f:3d:cb:b3:59:46:bd:
                    1b:5f:e4:11:7f:45:76:a5:73:b6:15:f0:2f:8b:dc:
                    49:de:34:65:91:13:d4:83:26:66:6c:6d:ca:12:57:
                    47:d1:3d:63:aa:b2:81:34:4a:31:e0:8e:5a:0e:de:
                    b6:61:82:8a:a6:ba:1d:db:0f:f2:e0:08:e0:ad:08:
                    97:e5:58:94:6b:2f:24:e1:68:58:07:3e:ab:c3:29:
                    52:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:85:96:9D:F2:A6:3E:F3:AA:28:7C:31:81:75:2E:9F:A1:14:93:DB
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/hYWWnfKmPvOqKHwxgXUun6EUk9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.57.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:19:ed:f0:c2:1a:78:b9:71:3c:d0:d5:d3:1d:cc:d5:cc:9b:
         d1:a7:8f:89:f3:19:02:18:83:6a:a7:d9:0e:76:77:31:20:9a:
         70:26:c5:57:28:aa:66:7c:a4:bd:b1:89:9f:8c:3a:39:99:9d:
         cc:17:06:2a:d4:35:e6:a3:6d:0e:7c:b9:04:42:9e:4a:ea:c9:
         d4:a0:34:54:f8:36:fc:00:c5:85:8c:2a:e6:ca:5b:4f:0a:d7:
         69:96:ab:05:6d:ea:e4:f0:05:db:ff:86:0a:d0:2e:5b:70:d7:
         64:88:08:c5:20:df:6e:51:4e:ec:be:4f:4e:dd:61:cb:92:f5:
         7d:3b:9c:57:62:92:9a:e0:84:24:e7:fb:3c:1e:ae:06:6d:cf:
         ea:45:fa:69:c9:b4:73:5c:f1:c6:bf:98:5d:aa:49:fd:3c:5f:
         4d:85:b6:13:7c:51:cb:8a:b1:6b:4d:02:cc:86:32:a1:d0:0d:
         97:12:fd:51:ff:92:78:b8:55:d3:19:ce:00:68:dc:5d:7f:01:
         03:fe:16:96:7c:57:1a:b0:53:f6:8c:73:c4:fe:df:7a:e1:a4:
         50:dd:02:d9:06:2e:94:3b:92:28:8a:e2:fa:c6:a4:0c:dc:c6:
         09:ce:65:82:2a:92:23:33:e2:7b:95:6c:e4:ce:dd:8c:11:fe:
         40:82:ea:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4grmWZOwT1evnhPKCY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwMTAxMjE0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg1OTY5ZGYyYTYzZWYzYWEyODdjMzE4MTc1MmU5ZmExMTQ5M2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkAK3vJ/MF3QzKlGlGOu817JUeMk
TCbCcJs/C+e1IONBtTQOwRPPP6Q3CuwmbWVYk90TbxpNUr1yqonRDped7iKhnDN8
QwcY3AolbmTlmRoDLoFxA2nVX7nitDqoZcMIz61f6sgUNdEAXoPJLZh0TAG1gMxZ
8QvosdLDoaKlCZug4ejotBKSg4/K2mVn4YpFij8O4qwJoHp8TE3mwbLdrLA4bQUI
kFGad9tLex89y7NZRr0bX+QRf0V2pXO2FfAvi9xJ3jRlkRPUgyZmbG3KEldH0T1j
qrKBNEox4I5aDt62YYKKprod2w/y4AjgrQiX5ViUay8k4WhYBz6rwylSIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWFlp3ypj7zqih8MYF1Lp+hFJPbMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvaFlXV25mS21Qdk9xS0h3eGdYVXVuNkVVazlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDk3MA0G
CSqGSIb3DQEBCwUAA4IBAQAVGe3wwhp4uXE80NXTHczVzJvRp4+J8xkCGINqp9kO
dncxIJpwJsVXKKpmfKS9sYmfjDo5mZ3MFwYq1DXmo20OfLkEQp5K6snUoDRU+Db8
AMWFjCrmyltPCtdplqsFberk8AXb/4YK0C5bcNdkiAjFIN9uUU7svk9O3WHLkvV9
O5xXYpKa4IQk5/s8Hq4Gbc/qRfppybRzXPHGv5hdqkn9PF9NhbYTfFHLirFrTQLM
hjKh0A2XEv1R/5J4uFXTGc4AaNxdfwED/haWfFcasFP2jHPE/t964aRQ3QLZBi6U
O5IoiuL6xqQM3MYJzmWCKpIjM+J7lWzkzt2MEf5AguoM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org