Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/7aP9lK8Tb51qbmJ47fUZLCKOjoY.roa
File:                     7aP9lK8Tb51qbmJ47fUZLCKOjoY.roa (raw, json)
Hash identifier:          WFcLN8FXxKbAVchxNtNoFlF3TjXlyQYCB0OjSwzb3aY=
Subject key identifier:   ED:A3:FD:94:AF:13:6F:9D:6A:6E:62:78:ED:F5:19:2C:22:8E:8E:86
Certificate issuer:       /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial:       018C7C09A587C7A577CACCC04AB09CF661D5
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/7aP9lK8Tb51qbmJ47fUZLCKOjoY.roa
Signing time:             Mon 18 Dec 2023 08:27:36 +0000
ROA not before:           Mon 18 Dec 2023 08:27:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56582
IP address blocks:        91.102.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7c:09:a5:87:c7:a5:77:ca:cc:c0:4a:b0:9c:f6:61:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
        Validity
            Not Before: Dec 18 08:27:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eda3fd94af136f9d6a6e6278edf5192c228e8e86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0a:a2:e5:fe:78:f8:37:03:15:7f:7e:d2:f4:
                    9d:3e:68:04:ae:61:56:cb:71:41:0e:74:88:7c:8b:
                    62:80:9d:15:b0:06:b7:30:b5:10:00:fc:be:7e:4c:
                    3f:35:26:44:f2:eb:dc:d8:26:f9:a3:50:a8:fb:99:
                    18:79:13:10:e9:60:ef:fc:79:a6:c7:ad:d9:7c:b2:
                    22:0a:97:59:a9:32:b4:ae:75:fd:42:9b:65:a0:87:
                    2d:21:8d:db:01:16:47:45:ef:4d:ec:2a:63:d7:c1:
                    8d:cc:2c:b2:68:32:82:0a:d6:24:50:cd:3d:f6:1a:
                    9a:30:9d:e7:28:03:98:0f:6d:5c:36:a9:e9:0d:0f:
                    28:38:e7:08:49:fd:f0:15:c0:0b:d3:d9:c2:27:94:
                    5f:04:b1:cf:44:08:0a:c0:12:7f:9e:55:07:52:62:
                    36:94:9a:90:ba:5d:08:50:1d:f4:88:f5:85:7b:0d:
                    fc:b9:52:7b:79:81:7c:1c:ed:7d:04:46:cf:e1:69:
                    98:dc:5b:7b:2d:11:cb:cc:84:d2:0a:a7:8a:86:22:
                    a4:ed:4a:fa:6b:82:78:75:46:20:74:30:59:a3:60:
                    8a:2c:d9:6a:6a:f8:e8:fa:a8:df:e8:c3:f9:d2:7b:
                    d8:be:b2:5b:58:0e:f9:7e:56:75:2b:34:46:49:55:
                    de:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:A3:FD:94:AF:13:6F:9D:6A:6E:62:78:ED:F5:19:2C:22:8E:8E:86
            X509v3 Authority Key Identifier:
                keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/7aP9lK8Tb51qbmJ47fUZLCKOjoY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.102.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:23:15:b0:b1:c2:93:7b:25:24:dd:9c:5e:36:70:78:31:78:
         3f:7f:13:a9:8f:e7:6b:92:02:94:30:cc:90:b2:da:6f:4e:6c:
         ed:cd:c2:95:ed:b3:f4:04:bd:4e:ff:c1:6d:14:b2:fe:cd:ad:
         f0:b8:9c:2f:ee:a9:f7:a9:5d:4e:22:64:1f:67:2f:66:97:a9:
         a1:ba:c2:19:dd:41:35:1e:94:fa:9d:db:f0:b3:91:e5:2e:6f:
         99:63:88:96:11:c2:1c:20:23:1d:57:a7:d4:44:63:eb:20:43:
         41:0f:0d:54:6b:a1:96:80:3f:48:48:62:e9:ff:e1:9e:92:63:
         8d:be:c4:ff:75:c0:94:a7:c2:8b:c3:e1:1e:ef:b2:f7:16:d0:
         0b:e5:4e:a0:97:4b:ce:df:db:fa:51:02:5b:2c:98:c0:19:da:
         9b:a8:fa:19:59:35:fe:c2:48:38:1c:3d:f7:41:f6:23:5d:29:
         53:84:b9:51:74:c7:f6:09:b0:c2:3a:9c:94:d4:eb:b5:2f:38:
         7e:82:28:40:72:5e:ad:c3:66:21:51:f9:78:cd:46:5b:88:54:
         c0:77:c2:1f:7c:4e:f1:17:6b:a1:c2:47:f1:d7:b6:ca:c5:91:
         36:a6:0d:bc:75:00:a2:69:04:df:3f:87:44:a4:89:43:bd:b4:
         3f:d9:73:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx8CaWHx6V3yszASrCc9mHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjMxMjE4MDgyNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGEzZmQ5NGFmMTM2ZjlkNmE2ZTYyNzhlZGY1MTkyYzIyOGU4ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgqi5f54+DcDFX9+0vSdPmgErmFW
y3FBDnSIfItigJ0VsAa3MLUQAPy+fkw/NSZE8uvc2Cb5o1Co+5kYeRMQ6WDv/Hmm
x63ZfLIiCpdZqTK0rnX9QptloIctIY3bARZHRe9N7Cpj18GNzCyyaDKCCtYkUM09
9hqaMJ3nKAOYD21cNqnpDQ8oOOcISf3wFcAL09nCJ5RfBLHPRAgKwBJ/nlUHUmI2
lJqQul0IUB30iPWFew38uVJ7eYF8HO19BEbP4WmY3Ft7LRHLzITSCqeKhiKk7Ur6
a4J4dUYgdDBZo2CKLNlqavjo+qjf6MP50nvYvrJbWA75flZ1KzRGSVXeNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2j/ZSvE2+dam5ieO31GSwijo6GMB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvN2FQOWxLOFRiNTFxYm1KNDdmVVpMQ0tPam9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2aiMA0G
CSqGSIb3DQEBCwUAA4IBAQB4IxWwscKTeyUk3ZxeNnB4MXg/fxOpj+drkgKUMMyQ
stpvTmztzcKV7bP0BL1O/8FtFLL+za3wuJwv7qn3qV1OImQfZy9ml6mhusIZ3UE1
HpT6ndvws5HlLm+ZY4iWEcIcICMdV6fURGPrIENBDw1Ua6GWgD9ISGLp/+GekmON
vsT/dcCUp8KLw+Ee77L3FtAL5U6gl0vO39v6UQJbLJjAGdqbqPoZWTX+wkg4HD33
QfYjXSlThLlRdMf2CbDCOpyU1Ou1Lzh+gihAcl6tw2YhUfl4zUZbiFTAd8IffE7x
F2uhwkfx17bKxZE2pg28dQCiaQTfP4dEpIlDvbQ/2XNI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org