Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/b7KmUALltHAh-1lONtbzyenxdas.roa
File:                     b7KmUALltHAh-1lONtbzyenxdas.roa (raw, json)
Hash identifier:          E5TN5mkd4WLrzi5S6eZ7SrhbHDJnKc9tbgHNteesaU8=
Subject key identifier:   6F:B2:A6:50:02:E5:B4:70:21:FB:59:4E:36:D6:F3:C9:E9:F1:75:AB
Certificate issuer:       /CN=330fe971b3e36b16a92be85f59985be45968b864
Certificate serial:       018572BA717CC25DFDCAAC34285E9C366DD3
Authority key identifier: 33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/b7KmUALltHAh-1lONtbzyenxdas.roa
Signing time:             Mon 02 Jan 2023 13:44:59 +0000
ROA not before:           Mon 02 Jan 2023 13:44:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.112.0/24 maxlen: 24
                          2001:7f8:83::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:71:7c:c2:5d:fd:ca:ac:34:28:5e:9c:36:6d:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=330fe971b3e36b16a92be85f59985be45968b864
        Validity
            Not Before: Jan  2 13:44:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6fb2a65002e5b47021fb594e36d6f3c9e9f175ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5d:f9:44:8f:e1:3a:7c:e0:a5:7a:23:07:5e:
                    d4:db:0c:f3:d8:3d:b8:86:49:42:f9:1c:4d:9d:b2:
                    06:86:a8:c3:3d:ee:50:a2:cd:84:ad:4e:27:cf:62:
                    42:f7:f2:ee:9b:92:35:72:b8:43:7b:0a:2e:07:d9:
                    31:6a:72:22:d2:88:c3:5a:3d:10:a0:e6:b9:f0:3a:
                    21:88:10:0c:86:59:df:07:34:47:c8:30:39:d6:8c:
                    46:58:b6:21:39:6c:a6:f9:79:d1:9b:80:f6:d1:5a:
                    4b:e7:98:1f:c9:3d:f2:9e:9d:b8:fc:c9:ab:91:01:
                    4e:b9:13:70:56:3a:da:cb:fe:3f:e1:f3:e7:7a:f8:
                    c5:23:d2:65:73:b9:df:82:2a:65:26:83:38:f8:7b:
                    a0:1e:79:77:b8:49:a8:c9:ef:67:27:bf:89:6a:89:
                    5c:60:c4:3f:06:79:bc:c6:7c:c0:65:fb:ed:7d:79:
                    86:2b:fa:c3:e3:5a:52:8c:e5:4c:c5:b2:5a:49:df:
                    c2:1a:82:1f:4b:3c:82:c0:6b:e0:c6:1e:69:d0:5a:
                    67:98:cb:f3:97:56:a0:6c:d5:ac:3b:40:7b:cd:36:
                    63:bf:a0:e1:c4:22:5f:78:ed:5c:6a:a8:8e:d9:c7:
                    f4:c8:d9:1d:39:e7:15:e8:ff:5f:33:fc:fc:f7:7a:
                    26:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:B2:A6:50:02:E5:B4:70:21:FB:59:4E:36:D6:F3:C9:E9:F1:75:AB
            X509v3 Authority Key Identifier:
                keyid:33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/b7KmUALltHAh-1lONtbzyenxdas.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.112.0/24
                IPv6:
                  2001:7f8:83::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:9c:49:57:6b:6c:a5:a4:df:b0:a9:6c:04:0c:53:d6:63:67:
         c3:81:52:4d:80:32:56:b0:b6:8b:28:4f:3e:a1:9f:e8:ea:c7:
         78:2e:81:4d:12:a1:89:5b:64:21:93:3c:55:06:cc:b4:5c:65:
         eb:6a:85:d1:97:60:48:67:ee:19:53:10:f6:88:41:f3:72:07:
         33:f5:35:0d:71:96:61:d0:11:cf:f6:98:8a:d2:00:b0:94:2c:
         5d:ad:04:5e:af:05:39:b0:12:ba:9b:fc:df:1e:d8:98:76:40:
         45:ee:7a:b4:6d:f2:bf:0f:0b:76:53:31:8e:62:ab:8e:d0:cc:
         65:f6:5e:3f:ef:27:5e:5f:fc:16:60:d1:26:c4:db:2a:76:d7:
         67:a2:8c:5a:8e:00:8c:8a:39:4f:a7:7b:0e:fd:5f:f2:ec:89:
         a4:22:0c:34:19:9f:83:1f:a6:a0:af:6d:d5:7d:58:5d:a5:40:
         a1:95:60:13:e3:f7:0a:55:b4:80:7d:c3:52:fb:ee:a8:ea:04:
         60:6b:b0:ce:95:d2:63:6a:b3:5b:00:9d:6d:23:6c:a3:5a:ab:
         d0:f5:81:85:5e:46:2d:9c:10:7c:a8:17:eb:1f:9d:0e:72:4b:
         ce:68:38:c1:99:16:fe:e8:ac:c1:1a:d2:f0:8a:09:68:82:5d:
         a8:c9:d6:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyunF8wl39yqw0KF6cNm3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGZlOTcxYjNlMzZiMTZhOTJiZTg1ZjU5OTg1YmU0NTk2
OGI4NjQwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmIyYTY1MDAyZTViNDcwMjFmYjU5NGUzNmQ2ZjNjOWU5ZjE3NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu135RI/hOnzgpXojB17U2wzz2D24
hklC+RxNnbIGhqjDPe5Qos2ErU4nz2JC9/Lum5I1crhDewouB9kxanIi0ojDWj0Q
oOa58DohiBAMhlnfBzRHyDA51oxGWLYhOWym+XnRm4D20VpL55gfyT3ynp24/Mmr
kQFOuRNwVjray/4/4fPnevjFI9Jlc7nfgiplJoM4+HugHnl3uEmoye9nJ7+Jaolc
YMQ/Bnm8xnzAZfvtfXmGK/rD41pSjOVMxbJaSd/CGoIfSzyCwGvgxh5p0FpnmMvz
l1agbNWsO0B7zTZjv6DhxCJfeO1caqiO2cf0yNkdOecV6P9fM/z893ompQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG+yplAC5bRwIftZTjbW88np8XWrMB8GA1UdIwQY
MBaAFDMP6XGz42sWqSvoX1mYW+RZaLhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWIt
MTFlOWU5ZjAxMzQzLzEvYjdLbVVBTGx0SEFoLTFsT050Ynp5ZW54ZGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWItMTFlOWU5ZjAxMzQz
LzEvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFwMA8E
AgACMAkDBwAgAQf4AIMwDQYJKoZIhvcNAQELBQADggEBAJScSVdrbKWk37CpbAQM
U9ZjZ8OBUk2AMlawtosoTz6hn+jqx3gugU0SoYlbZCGTPFUGzLRcZetqhdGXYEhn
7hlTEPaIQfNyBzP1NQ1xlmHQEc/2mIrSALCULF2tBF6vBTmwErqb/N8e2Jh2QEXu
erRt8r8PC3ZTMY5iq47QzGX2Xj/vJ15f/BZg0SbE2yp212eijFqOAIyKOU+new79
X/LsiaQiDDQZn4MfpqCvbdV9WF2lQKGVYBPj9wpVtIB9w1L77qjqBGBrsM6V0mNq
s1sAnW0jbKNaq9D1gYVeRi2cEHyoF+sfnQ5yS85oOMGZFv7orMEa0vCKCWiCXajJ
1ss=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:52 2024 by rpki-client on console-fra.rpki-client.org