Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/CXGWlV7YDOQgHmVibsSagfmVSis.roa
File:                     CXGWlV7YDOQgHmVibsSagfmVSis.roa (raw, json)
Hash identifier:          TP8xf9gYWhSUc07DbvJWCLQH1DklltdW3GZKn30X2KY=
Subject key identifier:   09:71:96:95:5E:D8:0C:E4:20:1E:65:62:6E:C4:9A:81:F9:95:4A:2B
Certificate issuer:       /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial:       01867B31F7B3A83548B88E2EC97659A30BBA
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/CXGWlV7YDOQgHmVibsSagfmVSis.roa
Signing time:             Wed 22 Feb 2023 22:15:17 +0000
ROA not before:           Wed 22 Feb 2023 22:15:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62119
IP address blocks:        194.147.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7b:31:f7:b3:a8:35:48:b8:8e:2e:c9:76:59:a3:0b:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
        Validity
            Not Before: Feb 22 22:15:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=097196955ed80ce4201e65626ec49a81f9954a2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e5:09:ca:bf:4c:7d:82:af:5c:b6:87:5b:32:
                    7b:36:5f:ef:10:73:c7:1e:3f:e3:26:97:9d:e1:fa:
                    20:44:a4:d5:f3:9a:70:bb:54:96:59:38:a4:c5:89:
                    98:72:8b:cc:9e:c4:f7:b0:f7:d6:1b:6a:db:93:54:
                    11:12:ca:c4:78:69:70:7a:08:ba:71:b3:2e:d8:6c:
                    70:3c:35:5e:f5:d4:72:e8:f5:c3:a5:84:e0:54:60:
                    41:58:74:62:9f:52:b8:61:ed:ef:fc:42:7b:02:eb:
                    dc:d1:76:f3:c6:2e:24:cd:35:de:48:82:e5:d4:50:
                    96:0d:ab:c2:1d:30:bc:31:5f:83:ed:1b:89:ec:2f:
                    e2:e5:25:6c:04:8a:f2:d1:ca:b1:44:bd:49:3d:51:
                    c1:75:50:13:c1:81:f8:96:9e:00:f2:c0:86:15:8c:
                    99:78:53:de:0a:d6:19:fe:5a:42:01:67:dd:23:4b:
                    42:87:50:29:c3:24:d2:d4:7e:48:55:01:ad:37:32:
                    0a:ed:31:11:01:e0:54:0b:60:02:d5:5f:a1:0a:bf:
                    26:f0:cc:85:c9:61:de:16:2f:d2:36:ba:41:f1:bd:
                    2c:bd:74:e7:7b:8e:be:af:c0:a5:82:2f:95:cb:29:
                    82:a7:da:c4:ca:aa:7f:e6:9e:d3:ae:7c:64:a1:94:
                    39:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:71:96:95:5E:D8:0C:E4:20:1E:65:62:6E:C4:9A:81:F9:95:4A:2B
            X509v3 Authority Key Identifier:
                keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/CXGWlV7YDOQgHmVibsSagfmVSis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:71:a2:27:b4:d1:6c:0e:b4:ab:51:f7:a0:84:d5:c7:21:bc:
         c1:0c:93:b1:9e:df:a8:f6:34:7f:3a:11:0e:96:87:76:24:3f:
         71:7c:57:c3:89:71:e5:32:11:9d:f6:5e:f4:9a:ea:78:4b:72:
         8d:ec:d2:79:e4:22:00:af:b0:fb:34:3a:7f:0c:2f:68:eb:72:
         bc:3d:58:16:59:f8:04:b0:14:0b:fc:dd:44:9e:12:f6:f6:80:
         48:7a:00:f4:ea:59:0b:44:eb:57:45:5e:d3:28:12:f9:de:8d:
         df:83:f7:94:50:20:0a:ae:33:8b:21:c8:d6:59:0e:c9:69:41:
         17:a8:34:0d:47:f2:d7:bc:4f:21:1e:1c:1b:25:fd:1e:df:56:
         be:4a:ab:00:8c:00:16:ad:66:80:6b:42:b6:21:64:fe:b6:ab:
         0a:7f:ed:c7:db:f3:44:8d:0b:58:19:f6:8f:fe:f0:e2:cc:e9:
         55:2b:08:ab:f8:4a:ea:83:c0:1a:f0:c4:f7:45:d2:dd:e0:14:
         92:25:13:fa:67:a8:2e:ae:ac:b6:40:f2:ec:a5:77:fc:e6:75:
         15:96:9e:b7:39:17:f6:2e:9a:4e:70:8b:80:ba:1e:9e:4b:0f:
         7d:d4:97:13:2a:bf:27:0c:c0:60:b1:e1:f7:ec:ad:ee:9f:e1:
         94:32:c6:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ7MfezqDVIuI4uyXZZowu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMjIyMjIxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTcxOTY5NTVlZDgwY2U0MjAxZTY1NjI2ZWM0OWE4MWY5OTU0YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+UJyr9MfYKvXLaHWzJ7Nl/vEHPH
Hj/jJped4fogRKTV85pwu1SWWTikxYmYcovMnsT3sPfWG2rbk1QREsrEeGlwegi6
cbMu2GxwPDVe9dRy6PXDpYTgVGBBWHRin1K4Ye3v/EJ7Auvc0Xbzxi4kzTXeSILl
1FCWDavCHTC8MV+D7RuJ7C/i5SVsBIry0cqxRL1JPVHBdVATwYH4lp4A8sCGFYyZ
eFPeCtYZ/lpCAWfdI0tCh1ApwyTS1H5IVQGtNzIK7TERAeBUC2AC1V+hCr8m8MyF
yWHeFi/SNrpB8b0svXTne46+r8Clgi+VyymCp9rEyqp/5p7TrnxkoZQ5ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlxlpVe2AzkIB5lYm7EmoH5lUorMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvQ1hHV2xWN1lET1FnSG1WaWJzU2FnZm1WU2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpNhMA0G
CSqGSIb3DQEBCwUAA4IBAQBqcaIntNFsDrSrUfeghNXHIbzBDJOxnt+o9jR/OhEO
lod2JD9xfFfDiXHlMhGd9l70mup4S3KN7NJ55CIAr7D7NDp/DC9o63K8PVgWWfgE
sBQL/N1EnhL29oBIegD06lkLROtXRV7TKBL53o3fg/eUUCAKrjOLIcjWWQ7JaUEX
qDQNR/LXvE8hHhwbJf0e31a+SqsAjAAWrWaAa0K2IWT+tqsKf+3H2/NEjQtYGfaP
/vDizOlVKwir+Erqg8Aa8MT3RdLd4BSSJRP6Z6gurqy2QPLspXf85nUVlp63ORf2
LppOcIuAuh6eSw991JcTKr8nDMBgseH37K3un+GUMsbf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:35 2024 by rpki-client on console-ams.rpki-client.org