Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/vAouYBCFeyDmySpeNAjeknivPWk.roa
File:                     vAouYBCFeyDmySpeNAjeknivPWk.roa (raw, json)
Hash identifier:          DCgfOeSOEd7mTa2vvDpWDLEb5XCgrRbcoX3s6CIdZHc=
Subject key identifier:   BC:0A:2E:60:10:85:7B:20:E6:C9:2A:5E:34:08:DE:92:78:AF:3D:69
Certificate issuer:       /CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
Certificate serial:       018E64B62F28986DFDEA3F7CC2ACADC0DCEC
Authority key identifier: 2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/vAouYBCFeyDmySpeNAjeknivPWk.roa
Signing time:             Fri 22 Mar 2024 05:50:44 +0000
ROA not before:           Fri 22 Mar 2024 05:50:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        91.239.108.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 29 Sep 2024 12:07:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:64:b6:2f:28:98:6d:fd:ea:3f:7c:c2:ac:ad:c0:dc:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba
        Validity
            Not Before: Mar 22 05:50:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bc0a2e6010857b20e6c92a5e3408de9278af3d69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:3c:d8:5b:14:b3:90:ea:8f:59:51:12:e6:2d:
                    95:e4:f9:4a:7a:40:03:b5:f3:70:6e:c8:f1:94:1c:
                    bb:5d:63:b7:77:98:06:44:48:8c:47:75:20:00:fc:
                    98:ef:23:6e:48:39:33:57:8d:38:df:d3:fa:8d:3a:
                    1b:8f:c2:91:f3:85:22:6f:82:c2:df:96:61:51:28:
                    ef:46:a9:0a:69:23:dd:72:9e:43:dd:98:5d:83:80:
                    ec:a3:02:43:93:53:cd:6e:3b:fe:12:f9:56:b5:f4:
                    6d:bf:be:9a:5c:b5:e1:a1:fa:0b:33:30:11:80:ce:
                    12:99:d3:f8:4b:3b:95:25:b9:3a:8e:cf:3d:23:49:
                    41:f4:4e:06:82:56:64:28:87:74:a8:0d:a6:b7:05:
                    ed:39:b6:3e:24:29:9e:83:77:6e:dc:01:a9:84:30:
                    48:a5:4b:63:32:54:01:ba:52:cf:24:80:15:72:38:
                    42:ad:16:35:4f:89:4a:2d:71:17:ed:90:ac:9d:81:
                    81:8b:53:41:d1:62:ac:aa:77:89:8c:9d:77:7e:f3:
                    0d:bf:6b:10:72:6a:75:fb:9d:02:6a:27:db:16:a0:
                    1f:bc:9a:15:83:46:69:52:72:0a:4d:d4:a5:4e:f7:
                    9a:3a:e8:7e:e7:20:4a:7b:66:85:b1:9b:1c:c4:ed:
                    14:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:0A:2E:60:10:85:7B:20:E6:C9:2A:5E:34:08:DE:92:78:AF:3D:69
            X509v3 Authority Key Identifier:
                keyid:2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/vAouYBCFeyDmySpeNAjeknivPWk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:21:ff:2d:61:4d:ab:db:1b:ee:7e:31:58:8f:aa:bc:96:e3:
         54:87:0f:17:0a:63:f8:c8:e9:cd:ea:43:28:0a:fb:f5:6a:5d:
         f4:1b:ac:10:a7:86:61:11:41:f1:ec:a6:a8:5f:a3:78:7f:1b:
         37:be:83:68:e7:02:f7:70:c0:25:e2:ec:5d:aa:ea:c1:5d:cd:
         f8:2e:dd:07:6d:21:6f:3e:93:dc:6b:c0:6e:cd:74:59:5d:93:
         40:1e:3b:d8:9d:10:76:70:f3:89:94:9b:d4:c7:7d:f4:84:ee:
         7d:41:b3:71:a2:f0:ce:27:96:71:59:fb:2a:67:b3:ac:db:b5:
         e7:72:b8:b0:6e:d5:61:83:7d:17:fd:d0:e7:bb:43:8f:aa:6c:
         48:20:46:a0:ee:3b:77:c3:9e:c5:8d:79:6a:4f:44:07:87:6c:
         f3:25:05:78:4e:46:5d:32:79:54:59:90:ca:1f:0d:a1:89:bf:
         bb:2b:f6:1a:33:a7:48:ba:85:72:3d:1a:09:f2:c5:a5:47:4d:
         af:f2:41:12:c5:5d:2e:51:52:73:e9:74:19:d6:c8:be:6e:fa:
         b2:bc:e0:33:31:d9:20:3e:1d:86:e1:b3:d8:2d:0a:9d:ad:7b:
         98:db:2e:05:79:6a:8e:9b:ff:6b:aa:31:f5:3f:0b:d8:31:a2:
         8d:cc:54:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5kti8omG396j98wqytwNzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDU5OTk0ZjJhZjc5NTk5Y2ZiM2ZmMmUzZTk4ZTUxOGY5
MTRmYmEwHhcNMjQwMzIyMDU1MDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzBhMmU2MDEwODU3YjIwZTZjOTJhNWUzNDA4ZGU5Mjc4YWYzZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjzYWxSzkOqPWVES5i2V5PlKekAD
tfNwbsjxlBy7XWO3d5gGREiMR3UgAPyY7yNuSDkzV40439P6jTobj8KR84Uib4LC
35ZhUSjvRqkKaSPdcp5D3Zhdg4DsowJDk1PNbjv+EvlWtfRtv76aXLXhofoLMzAR
gM4SmdP4SzuVJbk6js89I0lB9E4GglZkKId0qA2mtwXtObY+JCmeg3du3AGphDBI
pUtjMlQBulLPJIAVcjhCrRY1T4lKLXEX7ZCsnYGBi1NB0WKsqneJjJ13fvMNv2sQ
cmp1+50CaifbFqAfvJoVg0ZpUnIKTdSlTveaOuh+5yBKe2aFsZscxO0UpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwKLmAQhXsg5skqXjQI3pJ4rz1pMB8GA1UdIwQY
MBaAFCrVmZTyr3lZnPs/8uPpjlGPkU+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDct
YmJlMmM0ZDg4YzJmLzEvdkFvdVlCQ0ZleURteVNwZU5BamVrbml2UFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDctYmJlMmM0ZDg4YzJm
LzEvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+9sMA0G
CSqGSIb3DQEBCwUAA4IBAQBNIf8tYU2r2xvufjFYj6q8luNUhw8XCmP4yOnN6kMo
Cvv1al30G6wQp4ZhEUHx7KaoX6N4fxs3voNo5wL3cMAl4uxdqurBXc34Lt0HbSFv
PpPca8BuzXRZXZNAHjvYnRB2cPOJlJvUx330hO59QbNxovDOJ5ZxWfsqZ7Os27Xn
criwbtVhg30X/dDnu0OPqmxIIEag7jt3w57FjXlqT0QHh2zzJQV4TkZdMnlUWZDK
Hw2hib+7K/YaM6dIuoVyPRoJ8sWlR02v8kESxV0uUVJz6XQZ1si+bvqyvOAzMdkg
Ph2G4bPYLQqdrXuY2y4FeWqOm/9rqjH1PwvYMaKNzFSH
-----END CERTIFICATE-----
Generated at Sun Sep 29 15:26:10 2024 by rpki-client on console-ams.rpki-client.org