Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/woZXsOUiUSR7W5TZMmIyBDUIXrk.roa
File:                     woZXsOUiUSR7W5TZMmIyBDUIXrk.roa (raw, json)
Hash identifier:          kUbVJhzmeHN1yziWe4RAvNIOtr7rXnGKcqHixUNbEfM=
Subject key identifier:   C2:86:57:B0:E5:22:51:24:7B:5B:94:D9:32:62:32:04:35:08:5E:B9
Certificate issuer:       /CN=e1977859d071f7150837b2acb4353ff33efd831c
Certificate serial:       018CC803076D1182B6AC61CEAEFABA8F35AB
Authority key identifier: E1:97:78:59:D0:71:F7:15:08:37:B2:AC:B4:35:3F:F3:3E:FD:83:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4Zd4WdBx9xUIN7KstDU_8z79gxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/woZXsOUiUSR7W5TZMmIyBDUIXrk.roa
Signing time:             Tue 02 Jan 2024 02:31:30 +0000
ROA not before:           Tue 02 Jan 2024 02:31:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        193.221.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 11:48:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:03:07:6d:11:82:b6:ac:61:ce:ae:fa:ba:8f:35:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1977859d071f7150837b2acb4353ff33efd831c
        Validity
            Not Before: Jan  2 02:31:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c28657b0e52251247b5b94d93262320435085eb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:59:4f:a3:5d:50:5a:46:1c:54:7b:49:10:00:
                    3f:fe:40:7a:d8:df:5b:01:ef:8e:2a:76:be:40:c0:
                    20:89:0a:dc:87:50:c4:34:47:f7:e3:60:4c:d6:5f:
                    b8:2b:28:c2:8d:ad:de:00:84:eb:7b:23:61:2f:57:
                    0b:e5:79:4d:e0:c1:b5:e2:50:b4:ab:89:d7:70:97:
                    66:68:ed:64:1a:41:49:6a:aa:2a:1d:ed:10:fa:d1:
                    88:00:d5:21:ed:df:a2:7f:ac:2d:17:62:70:d5:f0:
                    f4:b1:14:5a:3a:d5:41:7c:0c:ac:76:b4:8c:26:04:
                    01:b1:dc:e4:37:5a:09:29:bb:36:bc:62:5b:4c:aa:
                    cb:cb:6e:50:4c:00:ac:c3:e5:34:21:a1:53:37:3d:
                    b4:4e:73:04:34:a0:7a:31:86:99:32:2b:99:3a:2f:
                    62:17:da:49:6f:c5:c9:3c:dc:00:ac:32:73:77:4b:
                    ef:87:4b:b4:a2:aa:8e:36:b8:41:56:25:b1:03:38:
                    8e:e7:23:f4:f7:b9:25:98:e8:a8:7b:9c:25:ff:dc:
                    92:ba:8b:e3:2e:64:d8:f3:f8:ee:bc:dd:57:09:54:
                    0a:0d:c2:9d:f8:53:d5:47:22:6d:4f:87:89:64:db:
                    81:92:55:db:d6:45:71:80:1d:23:c0:45:49:2d:da:
                    7b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:86:57:B0:E5:22:51:24:7B:5B:94:D9:32:62:32:04:35:08:5E:B9
            X509v3 Authority Key Identifier:
                keyid:E1:97:78:59:D0:71:F7:15:08:37:B2:AC:B4:35:3F:F3:3E:FD:83:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Zd4WdBx9xUIN7KstDU_8z79gxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/woZXsOUiUSR7W5TZMmIyBDUIXrk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9d7cd7-ee63-4886-8fe1-b5ce6b6fd4d1/1/4Zd4WdBx9xUIN7KstDU_8z79gxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.221.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:a2:7c:af:bd:d9:cb:06:52:0c:27:70:29:d2:8d:8a:22:e0:
         dc:ea:ba:95:40:fd:a1:dc:47:67:34:ac:78:af:1c:95:ba:86:
         4b:a1:6d:f6:f6:68:8d:6f:59:20:3f:20:61:11:47:af:0a:ca:
         fe:d7:67:93:dd:1c:b4:69:44:3d:22:2d:88:19:25:78:f7:71:
         f7:0d:ab:74:19:96:f0:33:62:5a:62:41:e3:08:51:53:e2:f9:
         68:2e:46:2c:f7:9e:ca:cb:5e:20:81:da:59:15:e5:1c:60:70:
         d1:bc:65:c6:b1:72:7b:0d:6e:46:56:9c:bd:28:e7:8c:d8:ea:
         49:87:5a:a4:eb:87:81:5f:ca:c6:16:13:b9:ed:74:cd:d2:d1:
         6d:a9:11:0d:3d:f7:f8:00:0d:d1:dc:a0:5c:7d:a0:d6:8d:cc:
         da:c7:2a:92:18:06:e0:0c:bb:81:cc:f0:2f:94:ca:58:74:92:
         64:c5:10:07:08:e5:6a:03:34:ca:17:7c:e7:bc:8f:bb:dc:22:
         cc:df:8d:c7:46:06:de:3e:34:8c:01:c2:f8:2c:e0:1a:f7:ab:
         b0:76:0e:be:a8:f0:16:9e:22:46:19:bc:7c:10:6c:89:9a:a4:
         d9:38:b9:f6:b6:e6:88:30:a0:ea:09:d6:5e:fa:7f:eb:0c:c9:
         de:a9:f2:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAwdtEYK2rGHOrvq6jzWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxOTc3ODU5ZDA3MWY3MTUwODM3YjJhY2I0MzUzZmYzM2Vm
ZDgzMWMwHhcNMjQwMTAyMDIzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjg2NTdiMGU1MjI1MTI0N2I1Yjk0ZDkzMjYyMzIwNDM1MDg1ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1lPo11QWkYcVHtJEAA//kB62N9b
Ae+OKna+QMAgiQrch1DENEf342BM1l+4KyjCja3eAITreyNhL1cL5XlN4MG14lC0
q4nXcJdmaO1kGkFJaqoqHe0Q+tGIANUh7d+if6wtF2Jw1fD0sRRaOtVBfAysdrSM
JgQBsdzkN1oJKbs2vGJbTKrLy25QTACsw+U0IaFTNz20TnMENKB6MYaZMiuZOi9i
F9pJb8XJPNwArDJzd0vvh0u0oqqONrhBViWxAziO5yP097klmOioe5wl/9ySuovj
LmTY8/juvN1XCVQKDcKd+FPVRyJtT4eJZNuBklXb1kVxgB0jwEVJLdp71wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMKGV7DlIlEke1uU2TJiMgQ1CF65MB8GA1UdIwQY
MBaAFOGXeFnQcfcVCDeyrLQ1P/M+/YMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFpkNFdkQng5eFVJTjdLc3REVV84ejc5Z3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85ZDdjZDctZWU2My00ODg2LThmZTEt
YjVjZTZiNmZkNGQxLzEvd29aWHNPVWlVU1I3VzVUWk1tSXlCRFVJWHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85ZDdjZDctZWU2My00ODg2LThmZTEtYjVjZTZiNmZkNGQx
LzEvNFpkNFdkQng5eFVJTjdLc3REVV84ejc5Z3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwd19MA0G
CSqGSIb3DQEBCwUAA4IBAQCGonyvvdnLBlIMJ3Ap0o2KIuDc6rqVQP2h3EdnNKx4
rxyVuoZLoW329miNb1kgPyBhEUevCsr+12eT3Ry0aUQ9Ii2IGSV493H3Dat0GZbw
M2JaYkHjCFFT4vloLkYs957Ky14ggdpZFeUcYHDRvGXGsXJ7DW5GVpy9KOeM2OpJ
h1qk64eBX8rGFhO57XTN0tFtqRENPff4AA3R3KBcfaDWjczaxyqSGAbgDLuBzPAv
lMpYdJJkxRAHCOVqAzTKF3znvI+73CLM343HRgbePjSMAcL4LOAa96uwdg6+qPAW
niJGGbx8EGyJmqTZOLn2tuaIMKDqCdZe+n/rDMneqfK8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:28 2024 by rpki-client on console-ams.rpki-client.org