Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/690482-9dec-49f2-ab55-721d252f3526/1/ZhbKY68ZCP5dHLfPqad-MRy62b4.roa
File:                     ZhbKY68ZCP5dHLfPqad-MRy62b4.roa (raw, json)
Hash identifier:          6v3FFdYybVW3gSh+53zSwqUwkvNfzAe/5HfnY+CT1c8=
Subject key identifier:   66:16:CA:63:AF:19:08:FE:5D:1C:B7:CF:A9:A7:7E:31:1C:BA:D9:BE
Certificate issuer:       /CN=2abb5cd85f525302fd04ff2b6721862b204064d4
Certificate serial:       018B80301238D012AE33C124FACDFE578B0B
Authority key identifier: 2A:BB:5C:D8:5F:52:53:02:FD:04:FF:2B:67:21:86:2B:20:40:64:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Krtc2F9SUwL9BP8rZyGGKyBAZNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/690482-9dec-49f2-ab55-721d252f3526/1/ZhbKY68ZCP5dHLfPqad-MRy62b4.roa
Signing time:             Mon 30 Oct 2023 10:45:15 +0000
ROA not before:           Mon 30 Oct 2023 10:45:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13060
IP address blocks:        194.153.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:80:30:12:38:d0:12:ae:33:c1:24:fa:cd:fe:57:8b:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2abb5cd85f525302fd04ff2b6721862b204064d4
        Validity
            Not Before: Oct 30 10:45:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6616ca63af1908fe5d1cb7cfa9a77e311cbad9be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ff:3f:2f:17:f1:2c:cd:50:7f:56:88:f1:a4:
                    43:cd:a6:f0:b8:cd:a4:54:20:c3:d7:54:89:fd:a1:
                    e5:e7:c6:f4:d2:ac:b8:6a:25:8a:8d:c1:70:db:4e:
                    33:72:09:c2:7e:e7:2b:a6:af:60:8e:59:30:e5:93:
                    50:d5:ad:b1:e8:df:5d:e7:24:c7:23:99:77:f4:00:
                    d8:7d:f6:82:73:9a:2c:8c:61:72:c4:4f:e9:af:a6:
                    68:c6:dd:ab:29:5a:08:bb:51:28:7e:32:70:de:d7:
                    02:26:28:63:05:aa:7d:71:63:70:14:8d:bf:d0:51:
                    7e:6a:0f:c4:cc:84:81:cb:c3:48:a0:d2:58:f0:1f:
                    d7:a4:71:86:15:bc:13:75:08:90:83:9f:d6:0f:bc:
                    60:6d:f6:2b:9b:5c:58:46:53:b6:12:fa:83:9f:f0:
                    08:15:eb:d8:fb:15:37:69:79:04:e5:64:8f:af:e5:
                    ef:20:57:91:cc:39:41:8c:d1:74:b2:d8:5c:9d:04:
                    db:8c:90:65:a7:1a:27:46:3e:bd:d9:ff:49:3e:ff:
                    56:3b:73:ad:5b:95:0e:11:f4:e8:0a:39:4d:17:a4:
                    20:40:57:c4:ab:54:bf:38:3c:65:1f:04:8d:55:45:
                    43:55:1e:8d:f1:a9:2e:75:81:28:d9:3a:61:fb:1d:
                    51:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:16:CA:63:AF:19:08:FE:5D:1C:B7:CF:A9:A7:7E:31:1C:BA:D9:BE
            X509v3 Authority Key Identifier:
                keyid:2A:BB:5C:D8:5F:52:53:02:FD:04:FF:2B:67:21:86:2B:20:40:64:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Krtc2F9SUwL9BP8rZyGGKyBAZNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/690482-9dec-49f2-ab55-721d252f3526/1/ZhbKY68ZCP5dHLfPqad-MRy62b4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/690482-9dec-49f2-ab55-721d252f3526/1/Krtc2F9SUwL9BP8rZyGGKyBAZNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.153.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:e7:5b:79:a7:ff:a5:85:e7:0f:a0:2c:3c:a6:4d:32:7c:de:
         3b:4c:b8:34:21:eb:40:f0:63:24:11:4f:d3:c6:f3:3b:16:56:
         12:17:97:95:9e:41:23:b7:e8:c9:18:39:17:2f:2e:9a:cb:f7:
         27:2f:85:49:5c:bd:dd:a9:07:aa:51:d0:21:58:11:e9:59:c0:
         43:94:fa:90:a0:4e:56:70:30:35:33:20:50:b4:69:a3:a2:4a:
         5c:31:71:28:12:65:1e:c3:3e:47:f1:cc:fc:72:a0:80:ee:9d:
         c6:92:23:b0:91:37:42:22:29:c9:c1:e7:74:95:ff:59:ad:5e:
         d3:56:9c:98:34:b1:00:78:b9:0c:77:79:07:a8:b2:aa:f4:86:
         b0:25:b3:12:86:27:9d:9c:df:20:fa:62:ee:c5:b9:05:3a:ce:
         1c:e0:94:5c:f6:78:49:36:55:c6:53:ae:9f:a9:41:f7:ec:95:
         fd:77:59:32:af:d5:5f:d6:7d:23:2b:dc:ff:f3:63:b1:e6:ef:
         1e:b8:a8:9e:57:95:e9:a4:6b:c7:ea:17:0f:d0:ad:ac:77:51:
         c0:16:09:41:64:1f:bd:88:19:93:2d:e6:25:af:ab:11:17:da:
         f9:01:0d:ec:b1:f2:f0:31:64:08:48:64:22:03:98:e6:06:f9:
         58:38:b9:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuAMBI40BKuM8Ek+s3+V4sLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYmI1Y2Q4NWY1MjUzMDJmZDA0ZmYyYjY3MjE4NjJiMjA0
MDY0ZDQwHhcNMjMxMDMwMTA0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjE2Y2E2M2FmMTkwOGZlNWQxY2I3Y2ZhOWE3N2UzMTFjYmFkOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv8/LxfxLM1Qf1aI8aRDzabwuM2k
VCDD11SJ/aHl58b00qy4aiWKjcFw204zcgnCfucrpq9gjlkw5ZNQ1a2x6N9d5yTH
I5l39ADYffaCc5osjGFyxE/pr6Zoxt2rKVoIu1EofjJw3tcCJihjBap9cWNwFI2/
0FF+ag/EzISBy8NIoNJY8B/XpHGGFbwTdQiQg5/WD7xgbfYrm1xYRlO2EvqDn/AI
FevY+xU3aXkE5WSPr+XvIFeRzDlBjNF0sthcnQTbjJBlpxonRj692f9JPv9WO3Ot
W5UOEfToCjlNF6QgQFfEq1S/ODxlHwSNVUVDVR6N8akudYEo2Tph+x1RkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGYWymOvGQj+XRy3z6mnfjEcutm+MB8GA1UdIwQY
MBaAFCq7XNhfUlMC/QT/K2chhisgQGTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3J0YzJGOVNVd0w5QlA4clp5R0dLeUJBWk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi82OTA0ODItOWRlYy00OWYyLWFiNTUt
NzIxZDI1MmYzNTI2LzEvWmhiS1k2OFpDUDVkSExmUHFhZC1NUnk2MmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi82OTA0ODItOWRlYy00OWYyLWFiNTUtNzIxZDI1MmYzNTI2
LzEvS3J0YzJGOVNVd0w5QlA4clp5R0dLeUJBWk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpmDMA0G
CSqGSIb3DQEBCwUAA4IBAQAj51t5p/+lhecPoCw8pk0yfN47TLg0IetA8GMkEU/T
xvM7FlYSF5eVnkEjt+jJGDkXLy6ay/cnL4VJXL3dqQeqUdAhWBHpWcBDlPqQoE5W
cDA1MyBQtGmjokpcMXEoEmUewz5H8cz8cqCA7p3GkiOwkTdCIinJwed0lf9ZrV7T
VpyYNLEAeLkMd3kHqLKq9IawJbMShiednN8g+mLuxbkFOs4c4JRc9nhJNlXGU66f
qUH37JX9d1kyr9Vf1n0jK9z/82Ox5u8euKieV5XppGvH6hcP0K2sd1HAFglBZB+9
iBmTLeYlr6sRF9r5AQ3ssfLwMWQISGQiA5jmBvlYOLmy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:51 2024 by rpki-client on console-fra.rpki-client.org