Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/q2ekAv5beLsX8DmEOhJD0n4jjDk.roa
File:                     q2ekAv5beLsX8DmEOhJD0n4jjDk.roa (raw, json)
Hash identifier:          7RHat8n+Y+tPVRongdGSG4r5nk2xkmyXRs4B2ZWb1H0=
Subject key identifier:   AB:67:A4:02:FE:5B:78:BB:17:F0:39:84:3A:12:43:D2:7E:23:8C:39
Certificate issuer:       /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial:       018679264843514DFAAD57FB50AD6F0B0C04
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/q2ekAv5beLsX8DmEOhJD0n4jjDk.roa
Signing time:             Wed 22 Feb 2023 12:43:17 +0000
ROA not before:           Wed 22 Feb 2023 12:43:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210001
IP address blocks:        185.235.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 Mar 2023 17:40:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:79:26:48:43:51:4d:fa:ad:57:fb:50:ad:6f:0b:0c:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
        Validity
            Not Before: Feb 22 12:43:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ab67a402fe5b78bb17f039843a1243d27e238c39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:51:f6:6b:6c:38:e9:86:4e:dd:a3:69:7e:14:
                    88:f9:04:96:64:26:36:32:68:2a:68:11:75:2d:ba:
                    1b:6f:16:05:8f:cc:57:0b:ab:8f:ed:d3:99:9a:8c:
                    51:ca:2c:8a:cb:1a:bb:2d:06:e2:ac:29:78:51:1c:
                    26:22:79:8d:64:34:85:d7:33:ed:2e:06:f7:2c:9b:
                    71:a4:92:d1:97:87:e3:04:e6:b6:b4:4c:99:c2:e4:
                    f7:fe:e8:6f:ce:97:91:9d:ef:b5:15:94:7d:99:87:
                    f9:d2:18:9d:cf:5f:06:8a:7e:85:75:c7:49:32:9e:
                    f1:cd:7d:64:75:10:08:9f:26:37:f7:36:26:43:58:
                    e9:f6:f3:44:0a:9f:44:95:cb:3c:4e:bd:f2:25:c5:
                    81:e8:79:36:67:6b:2c:ee:52:0c:93:f9:ea:bb:ca:
                    ba:a1:7c:d3:04:30:52:5e:18:59:42:28:f7:c1:4c:
                    cb:d0:02:96:1b:3e:83:48:96:88:7e:e3:35:ac:ac:
                    dc:f5:a2:e2:45:7d:50:a2:77:3c:67:0c:40:e9:6c:
                    e9:82:54:ee:5d:51:ca:7f:db:ab:58:d7:34:e2:e4:
                    6f:45:58:3d:56:e3:6b:e6:87:73:40:11:cf:f0:21:
                    2d:d9:a9:d1:fa:22:79:bd:79:3e:ad:27:5a:93:3c:
                    7c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:67:A4:02:FE:5B:78:BB:17:F0:39:84:3A:12:43:D2:7E:23:8C:39
            X509v3 Authority Key Identifier:
                keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/q2ekAv5beLsX8DmEOhJD0n4jjDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:09:78:fa:d4:7a:4c:5e:7f:5b:cf:b3:25:80:62:33:21:0c:
         36:c4:36:45:c9:10:84:ba:90:97:43:e6:c4:8f:a2:01:47:b3:
         94:d9:0d:b2:f2:14:08:db:cd:89:fa:8b:b6:8d:8f:a7:93:6a:
         f2:fc:fd:49:e6:6f:64:2c:a7:17:ec:dc:eb:bc:a5:5f:2b:af:
         91:5e:9e:60:44:3c:2f:1d:b5:c9:24:88:d9:75:e1:1c:be:71:
         8a:7c:1c:87:cb:23:a4:9b:f8:a8:e7:df:c3:1f:e9:22:49:56:
         70:07:e0:fb:bf:2f:e5:47:70:f4:db:6d:6c:d5:ab:34:d6:5f:
         52:d8:ab:66:b8:90:aa:27:1b:c6:25:6d:09:b0:cf:99:86:68:
         23:12:18:42:e2:15:ea:4c:bc:67:39:7c:77:05:e6:06:06:0b:
         ba:10:5c:be:ab:dc:de:84:d3:9a:50:3e:6f:45:a9:5a:e8:ec:
         fe:d4:ad:39:e4:63:f0:79:fc:a7:10:99:b5:9c:e0:52:5f:6d:
         b0:2a:1b:e8:31:f3:38:ce:da:7e:69:d0:8d:9e:b9:a7:2d:08:
         b5:24:2b:e5:bb:cd:7c:2e:a4:16:e6:8f:1a:c3:ec:13:d0:7c:
         e8:1f:1d:c7:c0:fc:03:e9:4a:24:5f:fd:6a:10:57:3c:a7:04:
         7a:ac:a7:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ5JkhDUU36rVf7UK1vCwwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjMwMjIyMTI0MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjY3YTQwMmZlNWI3OGJiMTdmMDM5ODQzYTEyNDNkMjdlMjM4YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFH2a2w46YZO3aNpfhSI+QSWZCY2
MmgqaBF1LbobbxYFj8xXC6uP7dOZmoxRyiyKyxq7LQbirCl4URwmInmNZDSF1zPt
Lgb3LJtxpJLRl4fjBOa2tEyZwuT3/uhvzpeRne+1FZR9mYf50hidz18Gin6FdcdJ
Mp7xzX1kdRAInyY39zYmQ1jp9vNECp9Elcs8Tr3yJcWB6Hk2Z2ss7lIMk/nqu8q6
oXzTBDBSXhhZQij3wUzL0AKWGz6DSJaIfuM1rKzc9aLiRX1Qonc8ZwxA6WzpglTu
XVHKf9urWNc04uRvRVg9VuNr5odzQBHP8CEt2anR+iJ5vXk+rSdakzx8+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtnpAL+W3i7F/A5hDoSQ9J+I4w5MB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvcTJla0F2NWJlTHNYOERtRU9oSkQwbjRqakRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueuNMA0G
CSqGSIb3DQEBCwUAA4IBAQAxCXj61HpMXn9bz7MlgGIzIQw2xDZFyRCEupCXQ+bE
j6IBR7OU2Q2y8hQI282J+ou2jY+nk2ry/P1J5m9kLKcX7NzrvKVfK6+RXp5gRDwv
HbXJJIjZdeEcvnGKfByHyyOkm/io59/DH+kiSVZwB+D7vy/lR3D0221s1as01l9S
2KtmuJCqJxvGJW0JsM+ZhmgjEhhC4hXqTLxnOXx3BeYGBgu6EFy+q9zehNOaUD5v
Rala6Oz+1K055GPwefynEJm1nOBSX22wKhvoMfM4ztp+adCNnrmnLQi1JCvlu818
LqQW5o8aw+wT0HzoHx3HwPwD6UokX/1qEFc8pwR6rKfR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:27 2024 by rpki-client on console-ams.rpki-client.org