Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/ZoquHxd4oYzGhLDJ17B6CR1nTiE.roa
File:                     ZoquHxd4oYzGhLDJ17B6CR1nTiE.roa (raw, json)
Hash identifier:          BmI8ezYMW/4bL+4CUAJv5rr6w5vFsiaTforw+bThOXM=
Subject key identifier:   66:8A:AE:1F:17:78:A1:8C:C6:84:B0:C9:D7:B0:7A:09:1D:67:4E:21
Certificate issuer:       /CN=16ea37a8e73e7679a933d70f7b9c872081024455
Certificate serial:       01856D53D72AD29E16CA64661D0D06C17FDA
Authority key identifier: 16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/ZoquHxd4oYzGhLDJ17B6CR1nTiE.roa
Signing time:             Sun 01 Jan 2023 12:34:49 +0000
ROA not before:           Sun 01 Jan 2023 12:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201227
IP address blocks:        194.59.171.0/24 maxlen: 24
                          185.81.96.0/24 maxlen: 24
                          185.81.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:d7:2a:d2:9e:16:ca:64:66:1d:0d:06:c1:7f:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16ea37a8e73e7679a933d70f7b9c872081024455
        Validity
            Not Before: Jan  1 12:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=668aae1f1778a18cc684b0c9d7b07a091d674e21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:2c:00:6d:6e:7c:10:c8:c0:20:63:66:6c:47:
                    20:30:df:57:4d:fc:69:1a:94:40:c1:a5:52:05:77:
                    86:fd:d7:d1:1e:ab:6a:3c:0e:be:2a:26:fe:37:f0:
                    56:43:3a:ee:64:c0:62:bf:f3:3a:d5:ca:ff:da:5c:
                    bb:dc:10:4b:22:be:8f:65:2a:62:d7:3f:60:80:87:
                    42:59:52:af:38:03:99:73:06:1d:27:ff:b3:45:27:
                    f6:1a:13:9e:fa:0c:fe:79:55:01:79:11:a2:53:d2:
                    9a:d9:6f:05:a9:58:b9:5c:39:b8:06:e8:6d:89:9f:
                    b2:f6:1f:c6:87:da:e4:ad:04:6e:0c:75:3f:d9:4d:
                    2f:c4:c1:16:aa:6c:48:18:e5:03:9d:0d:91:f6:ce:
                    7d:8a:47:62:67:15:8e:7e:f4:7f:61:82:d2:3e:41:
                    fc:dd:61:ab:28:e9:2b:e7:b2:d0:bb:76:74:28:93:
                    05:1a:b0:cc:2b:93:e9:9f:22:a9:44:95:6e:60:eb:
                    93:83:45:10:ef:9c:72:df:c2:53:e7:c6:f9:4d:c7:
                    b8:8e:53:16:96:07:4c:a3:23:ba:3f:ed:1f:39:93:
                    45:6d:d7:eb:87:2f:ed:3d:c6:c1:a8:3f:9f:d2:56:
                    19:12:b7:fe:a7:a7:98:19:e2:e6:93:13:17:11:4e:
                    8e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:8A:AE:1F:17:78:A1:8C:C6:84:B0:C9:D7:B0:7A:09:1D:67:4E:21
            X509v3 Authority Key Identifier:
                keyid:16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/ZoquHxd4oYzGhLDJ17B6CR1nTiE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.96.0/24
                  185.81.99.0/24
                  194.59.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:26:1e:03:2d:00:d1:c1:2c:dc:81:aa:a1:19:08:ea:4b:b6:
         ac:fc:c4:88:0c:65:97:94:b5:b2:9c:41:b9:d1:25:ad:3c:f2:
         62:6e:86:e8:50:b1:ee:aa:0b:06:96:e6:d0:09:e0:c3:16:a3:
         10:7e:12:61:b2:e1:02:88:31:24:db:67:42:d1:62:b4:5f:19:
         56:0a:77:6c:ee:c8:6e:cb:84:72:d6:d8:fc:2e:2a:38:96:ab:
         4c:16:ec:18:4a:88:be:db:b8:ea:a2:41:cb:13:8c:1e:da:a0:
         fe:e1:37:f3:13:c8:6a:9d:13:9d:0e:c1:5a:e9:fe:3b:98:24:
         41:ad:44:ec:1b:4f:3a:0d:5b:f1:f9:36:65:31:d8:74:f5:6c:
         96:29:5e:67:d3:c0:e1:2d:38:2f:97:ea:8e:18:55:74:23:a9:
         c0:b5:1f:78:96:bc:61:6b:3d:97:48:b6:09:e1:35:ea:f4:a1:
         71:2d:44:c6:73:8d:d1:cd:8d:df:ac:70:6d:25:55:69:1e:52:
         d5:4c:a1:a4:1d:9a:5e:ca:8d:cf:68:75:8f:82:d2:0d:73:5a:
         6e:13:20:fc:a5:f9:69:ff:81:6f:5d:23:ef:91:ab:8a:f5:e6:
         68:aa:a1:75:6e:79:7a:75:3a:38:72:2f:7e:85:0e:b0:a6:67:
         fc:ea:2c:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtU9cq0p4WymRmHQ0GwX/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZWEzN2E4ZTczZTc2NzlhOTMzZDcwZjdiOWM4NzIwODEw
MjQ0NTUwHhcNMjMwMTAxMTIzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhhYWUxZjE3NzhhMThjYzY4NGIwYzlkN2IwN2EwOTFkNjc0ZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmywAbW58EMjAIGNmbEcgMN9XTfxp
GpRAwaVSBXeG/dfRHqtqPA6+Kib+N/BWQzruZMBiv/M61cr/2ly73BBLIr6PZSpi
1z9ggIdCWVKvOAOZcwYdJ/+zRSf2GhOe+gz+eVUBeRGiU9Ka2W8FqVi5XDm4Buht
iZ+y9h/Gh9rkrQRuDHU/2U0vxMEWqmxIGOUDnQ2R9s59ikdiZxWOfvR/YYLSPkH8
3WGrKOkr57LQu3Z0KJMFGrDMK5PpnyKpRJVuYOuTg0UQ75xy38JT58b5Tce4jlMW
lgdMoyO6P+0fOZNFbdfrhy/tPcbBqD+f0lYZErf+p6eYGeLmkxMXEU6OUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGaKrh8XeKGMxoSwydewegkdZ04hMB8GA1UdIwQY
MBaAFBbqN6jnPnZ5qTPXD3uchyCBAkRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWIt
NDcyYjBkMDcyZTgzLzEvWm9xdUh4ZDRvWXpHaExESjE3QjZDUjFuVGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWItNDcyYjBkMDcyZTgz
LzEvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVFgAwQA
uVFjAwQAwjurMA0GCSqGSIb3DQEBCwUAA4IBAQANJh4DLQDRwSzcgaqhGQjqS7as
/MSIDGWXlLWynEG50SWtPPJiboboULHuqgsGlubQCeDDFqMQfhJhsuECiDEk22dC
0WK0XxlWCnds7shuy4Ry1tj8Lio4lqtMFuwYSoi+27jqokHLE4we2qD+4TfzE8hq
nROdDsFa6f47mCRBrUTsG086DVvx+TZlMdh09WyWKV5n08DhLTgvl+qOGFV0I6nA
tR94lrxhaz2XSLYJ4TXq9KFxLUTGc43RzY3frHBtJVVpHlLVTKGkHZpeyo3PaHWP
gtINc1puEyD8pflp/4FvXSPvkauK9eZoqqF1bnl6dTo4ci9+hQ6wpmf86ixD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:54 2024 by rpki-client on console-ams.rpki-client.org