Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/o_e-03uqQ5Fg8f7YV8XZhF2xrUA.roa
File:                     o_e-03uqQ5Fg8f7YV8XZhF2xrUA.roa (raw, json)
Hash identifier:          tro7t2HgXU4kkFpLjC/XMkj4Y57hBTTKIaplmBrhJ24=
Subject key identifier:   A3:F7:BE:D3:7B:AA:43:91:60:F1:FE:D8:57:C5:D9:84:5D:B1:AD:40
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       01869B0733D2C0B4152EBBF05B5FA56D0983
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/o_e-03uqQ5Fg8f7YV8XZhF2xrUA.roa
Signing time:             Wed 01 Mar 2023 02:36:25 +0000
ROA not before:           Wed 01 Mar 2023 02:36:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30738
IP address blocks:        195.211.53.0/24 maxlen: 24
                          95.182.76.0/24 maxlen: 24
                          188.130.254.0/24 maxlen: 24
                          188.130.182.0/24 maxlen: 24
                          2001:1468:8000::/36 maxlen: 36
                          2001:1468::/32 maxlen: 33

Validation:               Failed, certificate revoked on Thu 09 Mar 2023 16:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9b:07:33:d2:c0:b4:15:2e:bb:f0:5b:5f:a5:6d:09:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Mar  1 02:36:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a3f7bed37baa439160f1fed857c5d9845db1ad40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:12:ac:75:23:ab:b3:dd:ff:20:e9:69:f5:e8:
                    5f:1e:20:7e:c8:84:99:e1:7b:4b:73:f9:5a:b7:f6:
                    4d:aa:f9:f2:86:eb:7d:c8:db:a6:ce:b5:65:4c:1b:
                    5d:60:70:5a:09:d0:3b:ae:f6:52:a1:24:1f:18:27:
                    3d:3d:b5:eb:41:39:9e:dc:99:71:4f:1e:8e:f1:80:
                    a9:48:a3:62:a7:86:90:a6:42:c7:00:b8:33:7f:f8:
                    dc:a5:bd:8f:26:92:d8:33:b2:a8:4f:aa:28:4d:fe:
                    be:d6:c8:3f:84:a7:90:7a:ab:e5:c8:e0:87:c4:9b:
                    1d:9c:a9:36:1f:da:01:5d:46:8a:1f:d8:bd:c2:91:
                    ae:4f:ee:07:82:2f:8f:37:de:2c:ce:e8:ec:43:8f:
                    55:78:5a:cb:0f:7a:11:92:07:b1:dc:25:43:43:f1:
                    13:9a:59:73:61:79:9b:f0:41:57:48:6f:42:27:f3:
                    cf:85:9d:5b:f5:8d:1c:35:c1:ea:70:99:71:1c:9a:
                    71:a9:83:3c:4a:e5:3e:64:53:82:42:59:3c:63:df:
                    71:71:1f:bd:c1:2c:31:36:07:47:1c:c0:b7:be:a2:
                    02:e5:5a:1e:9c:e3:2e:f3:dd:83:db:c9:7f:60:86:
                    62:29:a8:87:f4:02:ea:e1:d3:d7:f4:ef:3c:32:7d:
                    cb:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:F7:BE:D3:7B:AA:43:91:60:F1:FE:D8:57:C5:D9:84:5D:B1:AD:40
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/o_e-03uqQ5Fg8f7YV8XZhF2xrUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.182.76.0/24
                  188.130.182.0/24
                  188.130.254.0/24
                  195.211.53.0/24
                IPv6:
                  2001:1468::/32

    Signature Algorithm: sha256WithRSAEncryption
         46:17:6a:eb:0c:ab:26:be:57:f0:d0:25:a4:d4:ac:66:36:38:
         57:1f:16:2d:57:21:7e:f7:75:9c:53:27:fc:f6:d8:ca:b1:fe:
         61:41:01:2c:c9:e7:8f:8d:50:8a:4f:7a:f2:39:ac:26:76:f0:
         08:61:f2:44:47:52:3d:52:67:96:af:83:13:da:21:58:05:66:
         2b:eb:b1:2c:53:ac:c0:c0:6b:7c:39:eb:86:dc:75:4e:f4:1b:
         56:b5:06:e5:fb:a4:71:43:44:f2:6e:60:26:a4:a5:db:6a:f3:
         1f:09:70:03:c4:45:12:fa:ae:73:c8:5d:ba:93:57:13:a4:96:
         e6:9d:c6:0b:4c:56:01:5a:d2:d9:de:1e:9c:66:2c:9d:b7:bc:
         f9:ad:31:3b:eb:8c:7d:d7:95:db:22:21:cb:ea:43:e3:75:5e:
         41:44:3f:57:0d:3f:34:15:cb:ba:8e:32:4a:16:c4:3c:e2:a6:
         5e:f3:82:42:f3:51:1f:5d:0f:9d:7f:6c:59:79:53:28:f5:89:
         7b:b4:ae:c8:fa:d3:e7:4c:9f:48:7a:e7:98:b6:ad:9e:5b:e5:
         11:f9:ed:f5:d1:2b:11:8d:0f:36:4d:73:7e:e2:01:7e:39:ee:
         f9:cd:ed:94:7d:da:45:aa:06:06:9c:4a:92:22:78:3c:00:fa:
         21:92:06:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYabBzPSwLQVLrvwW1+lbQmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMzAxMDIzNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y3YmVkMzdiYWE0MzkxNjBmMWZlZDg1N2M1ZDk4NDVkYjFhZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBKsdSOrs93/IOlp9ehfHiB+yISZ
4XtLc/lat/ZNqvnyhut9yNumzrVlTBtdYHBaCdA7rvZSoSQfGCc9PbXrQTme3Jlx
Tx6O8YCpSKNip4aQpkLHALgzf/jcpb2PJpLYM7KoT6ooTf6+1sg/hKeQeqvlyOCH
xJsdnKk2H9oBXUaKH9i9wpGuT+4Hgi+PN94szujsQ49VeFrLD3oRkgex3CVDQ/ET
mllzYXmb8EFXSG9CJ/PPhZ1b9Y0cNcHqcJlxHJpxqYM8SuU+ZFOCQlk8Y99xcR+9
wSwxNgdHHMC3vqIC5VoenOMu892D28l/YIZiKaiH9ALq4dPX9O88Mn3LPwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKP3vtN7qkORYPH+2FfF2YRdsa1AMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvb19lLTAzdXFRNUZnOGY3WVY4WFpoRjJ4clVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAX7ZMAwQA
vIK2AwQAvIL+AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQBGF2rrDKsmvlfw0CWk1KxmNjhXHxYtVyF+93WcUyf89tjKsf5hQQEsyeePjVCK
T3ryOawmdvAIYfJER1I9UmeWr4MT2iFYBWYr67EsU6zAwGt8OeuG3HVO9BtWtQbl
+6RxQ0TybmAmpKXbavMfCXADxEUS+q5zyF26k1cTpJbmncYLTFYBWtLZ3h6cZiyd
t7z5rTE764x915XbIiHL6kPjdV5BRD9XDT80Fcu6jjJKFsQ84qZe84JC81EfXQ+d
f2xZeVMo9Yl7tK7I+tPnTJ9IeueYtq2eW+UR+e310SsRjQ82TXN+4gF+Oe75ze2U
fdpFqgYGnEqSIng8APohkgad
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org