Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa
File:                     ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa (raw, json)
Hash identifier:          BKN1KBVK/1UKQo8P6rAhFlYMidJGtHkL2LKINCyxs50=
Subject key identifier:   AF:28:C8:1E:BD:EE:C6:23:87:73:A5:CA:ED:1C:D5:5A:BE:C9:78:12
Certificate issuer:       /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Certificate serial:       018E32E224C682B2E1C1E4E2E26B6BAD24D4
Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa
Signing time:             Tue 12 Mar 2024 13:37:45 +0000
ROA not before:           Tue 12 Mar 2024 13:37:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8943
IP address blocks:        185.73.44.0/22 maxlen: 22
                          194.33.11.0/24 maxlen: 24
                          212.13.192.0/19 maxlen: 19
                          2001:ba8::/32 maxlen: 32
                          2001:baa::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 04 Nov 2024 20:17:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:32:e2:24:c6:82:b2:e1:c1:e4:e2:e2:6b:6b:ad:24:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
        Validity
            Not Before: Mar 12 13:37:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=af28c81ebdeec6238773a5caed1cd55abec97812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e3:e5:04:f9:d1:8c:69:17:6d:57:14:3a:4c:
                    2a:ce:64:4b:33:d5:c5:4c:47:19:3e:4a:4c:86:35:
                    b9:a8:17:b6:08:62:2e:e4:29:ef:e8:70:46:f8:a3:
                    0f:cb:99:38:a6:5d:b4:f5:47:cb:54:92:f1:79:74:
                    3c:b8:26:1e:63:ca:64:ec:b7:9e:71:fc:05:ff:15:
                    00:7d:3d:b7:2d:68:84:a9:ca:d9:84:c7:a8:62:17:
                    14:92:c9:b8:7a:af:bd:10:44:a2:c4:1f:e2:0b:6f:
                    dc:6f:dc:7f:42:e3:32:05:b5:b9:7d:40:4a:41:c2:
                    c2:aa:c7:bd:49:2b:65:81:76:32:4e:94:64:58:cf:
                    f3:e0:8d:bc:b8:ce:61:bf:8a:14:f0:d4:43:f7:13:
                    e5:24:28:de:79:b8:7b:a5:2c:f5:7b:73:2b:07:38:
                    86:73:49:dc:6b:bd:fc:6e:02:53:3a:bf:11:bd:de:
                    dc:0f:24:ab:dc:f6:08:b2:d5:f8:77:3c:27:37:9d:
                    4e:ae:69:53:ef:bb:09:b8:db:7c:1a:a8:93:ea:49:
                    8c:51:ee:66:56:ae:96:43:0f:e3:06:ce:5f:86:a1:
                    34:2e:c8:3b:80:1d:aa:c2:a3:c1:08:47:94:69:27:
                    11:78:c6:dd:dd:8a:16:21:fc:e8:ea:2b:25:6d:0d:
                    51:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:28:C8:1E:BD:EE:C6:23:87:73:A5:CA:ED:1C:D5:5A:BE:C9:78:12
            X509v3 Authority Key Identifier:
                keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.44.0/22
                  194.33.11.0/24
                  212.13.192.0/19
                IPv6:
                  2001:ba8::/32
                  2001:baa::/32

    Signature Algorithm: sha256WithRSAEncryption
         c5:54:98:11:d8:a2:29:22:68:fe:b7:59:5f:2d:88:2e:cb:16:
         3e:ab:e2:d3:d7:9d:4a:24:37:7f:91:b8:d2:c1:3f:fd:bc:07:
         68:06:d1:a9:9f:d9:74:69:ed:1b:27:72:f5:96:83:fe:20:96:
         61:3e:3d:50:3d:f7:e4:03:f1:83:c0:a6:a3:82:14:c0:1a:41:
         a2:d8:4a:77:ec:0b:e1:bf:35:15:49:ed:e5:78:94:63:c4:5a:
         14:0c:40:c3:91:9a:f9:e4:d7:15:17:12:b9:a4:02:4f:81:67:
         45:30:a2:a0:6d:e3:ca:23:12:bb:7f:b9:79:d6:9f:8e:b9:72:
         6b:db:7f:eb:30:13:84:87:3f:5d:48:85:4c:71:61:70:16:be:
         0c:c7:42:f5:82:2b:f7:6d:9e:94:d1:ad:69:33:34:8d:97:b0:
         0a:df:b8:1b:ce:bd:97:39:0d:24:f4:e3:8e:7c:5b:34:95:30:
         b8:7a:dd:9f:30:db:1a:6d:97:1c:5f:56:a4:67:32:80:97:63:
         ae:4b:20:45:81:48:ad:48:da:d5:d5:08:b2:4e:42:c5:81:6b:
         84:07:8e:36:4f:f5:d7:06:4d:2f:e8:15:45:76:cd:00:bc:36:
         e3:d0:09:74:36:58:05:ef:00:de:1a:28:73:5a:33:da:ef:d9:
         90:c1:e5:7d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY4y4iTGgrLhweTi4mtrrSTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh
MGFmZjIwHhcNMjQwMzEyMTMzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjI4YzgxZWJkZWVjNjIzODc3M2E1Y2FlZDFjZDU1YWJlYzk3ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+PlBPnRjGkXbVcUOkwqzmRLM9XF
TEcZPkpMhjW5qBe2CGIu5Cnv6HBG+KMPy5k4pl209UfLVJLxeXQ8uCYeY8pk7Lee
cfwF/xUAfT23LWiEqcrZhMeoYhcUksm4eq+9EESixB/iC2/cb9x/QuMyBbW5fUBK
QcLCqse9SStlgXYyTpRkWM/z4I28uM5hv4oU8NRD9xPlJCjeebh7pSz1e3MrBziG
c0nca738bgJTOr8Rvd7cDySr3PYIstX4dzwnN51OrmlT77sJuNt8GqiT6kmMUe5m
Vq6WQw/jBs5fhqE0Lsg7gB2qwqPBCEeUaScReMbd3YoWIfzo6islbQ1R1QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFK8oyB697sYjh3Olyu0c1Vq+yXgSMB8GA1UdIwQY
MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt
NWMwMTdiZDQzNjYzLzEvcnlqSUhyM3V4aU9IYzZYSzdSelZXcjdKZUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz
LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuUksAwQA
wiELAwQF1A3AMBQEAgACMA4DBQAgAQuoAwUAIAELqjANBgkqhkiG9w0BAQsFAAOC
AQEAxVSYEdiiKSJo/rdZXy2ILssWPqvi09edSiQ3f5G40sE//bwHaAbRqZ/ZdGnt
Gydy9ZaD/iCWYT49UD335APxg8Cmo4IUwBpBothKd+wL4b81FUnt5XiUY8RaFAxA
w5Ga+eTXFRcSuaQCT4FnRTCioG3jyiMSu3+5edafjrlya9t/6zAThIc/XUiFTHFh
cBa+DMdC9YIr922elNGtaTM0jZewCt+4G869lzkNJPTjjnxbNJUwuHrdnzDbGm2X
HF9WpGcygJdjrksgRYFIrUja1dUIsk5CxYFrhAeONk/11wZNL+gVRXbNALw249AJ
dDZYBe8A3hooc1oz2u/ZkMHlfQ==
-----END CERTIFICATE-----
Generated at Tue Nov 5 00:13:35 2024 by rpki-client on console-ams.rpki-client.org