Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/oCS0TGG-ZyS14RifvfE4saM_yEs.roa
File: oCS0TGG-ZyS14RifvfE4saM_yEs.roa (raw, json)
Hash identifier: RXNNPhGK5q7VU30UqnAi8ejbbRrkuNtnHvrZ/zPd2EU=
Subject key identifier: A0:24:B4:4C:61:BE:67:24:B5:E1:18:9F:BD:F1:38:B1:A3:3F:C8:4B
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 01857315F6BE5FD4D99FC3F8B5435B39BC20
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/oCS0TGG-ZyS14RifvfE4saM_yEs.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59922
IP address blocks: 2a0a:8887:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f6:be:5f:d4:d9:9f:c3:f8:b5:43:5b:39:bc:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a024b44c61be6724b5e1189fbdf138b1a33fc84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:86:e0:3c:fa:c4:e2:88:92:1f:23:91:f8:13:
6f:f3:cd:68:3d:58:30:61:d0:34:10:eb:23:6a:22:
3f:28:9c:62:b7:f3:ca:24:af:78:be:0a:ae:d4:cc:
be:01:d9:a8:9d:3e:f2:94:96:df:a2:b4:54:db:c2:
59:cd:b8:9e:a5:d8:59:56:c6:9c:d2:30:82:19:6a:
f7:45:b8:2c:46:cc:70:76:d3:36:54:d2:db:fb:e8:
4e:20:18:45:35:7f:58:ba:1c:4b:2f:1d:c6:f8:05:
1c:53:5b:06:8e:a0:94:b0:67:7c:ec:d6:18:75:32:
6a:77:94:63:73:38:f9:bb:fd:ac:b0:2e:bd:c0:69:
59:88:e4:83:ab:78:ee:ea:bb:2d:48:2f:75:ea:11:
ca:ab:e5:24:90:41:7e:60:99:35:ad:e4:30:88:3f:
5e:06:21:10:32:15:4e:26:85:79:e6:50:b5:13:9a:
01:9a:4c:82:14:43:31:ce:62:d7:d7:db:41:11:49:
b6:f1:40:6f:35:78:ca:b1:14:c9:dd:e3:72:6f:e7:
26:f6:87:fd:83:bb:ea:10:2c:1d:5b:fb:69:68:84:
c4:2d:14:6a:09:f5:9c:42:4e:78:ea:30:5a:46:4a:
f0:13:1b:e3:cb:3a:94:b2:45:a6:8e:46:9d:00:43:
f0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:24:B4:4C:61:BE:67:24:B5:E1:18:9F:BD:F1:38:B1:A3:3F:C8:4B
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/oCS0TGG-ZyS14RifvfE4saM_yEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:8887:1::/48
Signature Algorithm: sha256WithRSAEncryption
47:9b:dc:11:5d:62:22:6d:12:36:91:73:13:d0:cd:d5:c4:e2:
eb:95:60:85:d9:44:6d:8b:b5:a5:2e:f1:01:f9:00:7f:9c:05:
c2:e0:80:dc:0d:e8:bc:38:bb:0a:19:0b:2f:23:40:c5:52:29:
47:a5:81:e7:f2:69:ee:0f:71:b4:36:ed:bc:00:b2:4d:b6:ed:
a0:1a:0c:9e:71:e3:88:3d:64:d6:9b:fa:f4:e7:92:35:45:05:
43:6a:b6:76:e8:1f:b8:f6:1a:2e:fa:0f:90:47:89:29:02:b8:
56:76:3c:6e:0e:c9:c6:6c:03:d9:2c:2d:3e:28:8f:bf:6c:12:
fb:24:59:1f:f4:08:11:f7:8f:36:5b:b4:dc:d8:de:22:06:17:
a1:25:82:a7:b5:6c:6a:2c:e5:30:85:2a:f2:0e:21:23:e4:22:
21:ba:ce:bb:72:b7:ec:37:4a:09:a7:b6:b8:8c:11:d0:72:7d:
e6:8b:cd:41:20:f0:c0:7c:20:62:e8:d1:57:39:43:c2:71:89:
e7:18:c8:d8:fb:7d:47:36:30:7d:02:8a:3e:a5:a7:e0:58:18:
46:84:d2:9c:5d:f9:02:61:0f:66:11:2d:22:19:e1:b6:60:a1:
fa:e6:34:50:d6:e6:78:c7:84:03:15:6b:5e:82:a2:90:e9:2f:
b1:04:33:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzFfa+X9TZn8P4tUNbObwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI0YjQ0YzYxYmU2NzI0YjVlMTE4OWZiZGYxMzhiMWEzM2ZjODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4bgPPrE4oiSHyOR+BNv881oPVgw
YdA0EOsjaiI/KJxit/PKJK94vgqu1My+AdmonT7ylJbforRU28JZzbiepdhZVsac
0jCCGWr3RbgsRsxwdtM2VNLb++hOIBhFNX9YuhxLLx3G+AUcU1sGjqCUsGd87NYY
dTJqd5Rjczj5u/2ssC69wGlZiOSDq3ju6rstSC916hHKq+UkkEF+YJk1reQwiD9e
BiEQMhVOJoV55lC1E5oBmkyCFEMxzmLX19tBEUm28UBvNXjKsRTJ3eNyb+cm9of9
g7vqECwdW/tpaITELRRqCfWcQk546jBaRkrwExvjyzqUskWmjkadAEPwMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKAktExhvmckteEYn73xOLGjP8hLMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvb0NTMFRHRy1aeVMxNFJpZnZmRTRzYU1feUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgqIhwAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBHm9wRXWIibRI2kXMT0M3VxOLrlWCF2URti7Wl
LvEB+QB/nAXC4IDcDei8OLsKGQsvI0DFUilHpYHn8mnuD3G0Nu28ALJNtu2gGgye
ceOIPWTWm/r055I1RQVDarZ26B+49hou+g+QR4kpArhWdjxuDsnGbAPZLC0+KI+/
bBL7JFkf9AgR9482W7Tc2N4iBhehJYKntWxqLOUwhSryDiEj5CIhus67crfsN0oJ
p7a4jBHQcn3mi81BIPDAfCBi6NFXOUPCcYnnGMjY+31HNjB9Aoo+pafgWBhGhNKc
XfkCYQ9mES0iGeG2YKH65jRQ1uZ4x4QDFWtegqKQ6S+xBDNY
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:31 2024 by rpki-client on console-ams.rpki-client.org