Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/oEkn9i2Jxz_PIQhLFXFT0i3PVHg.roa
File:                     oEkn9i2Jxz_PIQhLFXFT0i3PVHg.roa (raw, json)
Hash identifier:          VhgZJwAvnPRusXcxezXL0EFjTxbkC6M4Bi4hbonWYiE=
Subject key identifier:   A0:49:27:F6:2D:89:C7:3F:CF:21:08:4B:15:71:53:D2:2D:CF:54:78
Certificate issuer:       /CN=b9762db1282ffd084761232038f81f5d29e640d5
Certificate serial:       0188DC8BB76D7EF72CEADC85FA55F520FC08
Authority key identifier: B9:76:2D:B1:28:2F:FD:08:47:61:23:20:38:F8:1F:5D:29:E6:40:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uXYtsSgv_QhHYSMgOPgfXSnmQNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/oEkn9i2Jxz_PIQhLFXFT0i3PVHg.roa
Signing time:             Wed 21 Jun 2023 06:02:03 +0000
ROA not before:           Wed 21 Jun 2023 06:02:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.139.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 01 Jul 2023 20:39:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:dc:8b:b7:6d:7e:f7:2c:ea:dc:85:fa:55:f5:20:fc:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9762db1282ffd084761232038f81f5d29e640d5
        Validity
            Not Before: Jun 21 06:02:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a04927f62d89c73fcf21084b157153d22dcf5478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b5:86:0b:fd:3d:85:31:1f:e2:4d:e2:2c:23:
                    49:dd:0d:c8:c8:b4:6b:57:4a:2d:ad:58:79:00:c1:
                    89:8f:83:1e:8f:ea:4e:8e:97:0e:83:73:8c:b5:4c:
                    09:28:38:cf:b9:77:80:66:d1:31:4e:ee:be:80:9e:
                    33:61:7b:f3:96:30:7f:6f:e2:61:54:31:e9:dc:43:
                    64:b2:f1:19:a8:d8:e8:d7:b7:56:1a:01:26:ac:e4:
                    ae:a1:8e:c7:98:4f:80:f8:71:2b:31:4f:36:74:32:
                    c3:28:a9:c5:71:94:c0:25:46:6a:ac:f2:bf:ad:ac:
                    50:f2:27:3e:2a:83:9a:33:df:9a:4d:bc:42:e5:b4:
                    22:93:c8:10:62:ff:6a:bc:b5:52:12:a0:0c:d1:70:
                    8a:55:e6:02:e5:be:7a:71:95:64:9f:4a:c7:47:6a:
                    71:00:cf:73:46:ba:75:49:04:33:c8:c2:39:fd:2a:
                    85:18:42:c9:6d:03:5e:75:1d:26:0b:cf:16:d3:23:
                    e5:19:87:83:6e:bc:d2:c2:fb:33:ff:b7:a2:f2:d0:
                    87:1e:4b:85:3b:76:da:97:e9:55:66:4e:f0:f8:45:
                    d3:1d:c5:9d:77:b6:53:2d:50:a6:3c:fa:51:1a:7c:
                    7b:61:77:ee:a2:4c:d0:5c:41:02:cb:bf:93:1c:f5:
                    76:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:49:27:F6:2D:89:C7:3F:CF:21:08:4B:15:71:53:D2:2D:CF:54:78
            X509v3 Authority Key Identifier:
                keyid:B9:76:2D:B1:28:2F:FD:08:47:61:23:20:38:F8:1F:5D:29:E6:40:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXYtsSgv_QhHYSMgOPgfXSnmQNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/oEkn9i2Jxz_PIQhLFXFT0i3PVHg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/f81915-405e-4b54-9cb4-70a556ba8a11/1/uXYtsSgv_QhHYSMgOPgfXSnmQNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.139.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:b3:0d:4d:cc:cd:a8:a9:3f:35:a1:a7:45:c2:2a:61:d7:e2:
         de:55:14:e8:c5:e3:d0:2c:1c:83:f3:99:d1:82:91:be:ab:ec:
         1f:ed:0a:8f:66:26:2b:68:65:85:08:cc:6c:ce:7a:4b:4a:9b:
         38:11:2e:a0:ee:dc:5e:95:3e:69:c7:8d:84:6c:39:cb:19:1a:
         2d:e9:d8:9f:bc:a2:d5:dc:28:8f:a6:46:89:b6:19:e9:b3:0a:
         53:56:bf:81:71:60:0c:b4:db:7a:12:9f:ac:80:6b:af:5f:6f:
         92:e3:ae:f4:31:cf:fb:1d:ea:92:30:e0:43:b9:8a:7c:0f:ed:
         37:f1:2f:6d:11:9b:b9:90:e0:02:29:c7:89:dd:32:78:20:20:
         6b:91:5a:8b:12:8c:3d:96:1c:b4:a6:e6:c0:a8:d7:9d:8d:c6:
         a0:c4:7e:b9:29:02:b2:9e:a6:14:30:1f:be:58:91:fe:52:e2:
         11:af:e9:04:28:ec:b4:3d:2f:29:2a:12:a0:41:2d:7f:b6:5b:
         8b:6f:e5:56:a6:2c:c7:de:c6:4b:2c:8c:f0:94:39:b7:0e:f6:
         20:c9:7d:e0:95:bd:9c:40:37:bf:5a:fe:f1:75:5a:78:4a:e3:
         87:4f:f4:e8:c7:71:0b:73:27:63:2c:31:90:53:8d:b4:41:e4:
         01:64:27:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjci7dtfvcs6tyF+lX1IPwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NzYyZGIxMjgyZmZkMDg0NzYxMjMyMDM4ZjgxZjVkMjll
NjQwZDUwHhcNMjMwNjIxMDYwMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ5MjdmNjJkODljNzNmY2YyMTA4NGIxNTcxNTNkMjJkY2Y1NDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbWGC/09hTEf4k3iLCNJ3Q3IyLRr
V0otrVh5AMGJj4Mej+pOjpcOg3OMtUwJKDjPuXeAZtExTu6+gJ4zYXvzljB/b+Jh
VDHp3ENksvEZqNjo17dWGgEmrOSuoY7HmE+A+HErMU82dDLDKKnFcZTAJUZqrPK/
raxQ8ic+KoOaM9+aTbxC5bQik8gQYv9qvLVSEqAM0XCKVeYC5b56cZVkn0rHR2px
AM9zRrp1SQQzyMI5/SqFGELJbQNedR0mC88W0yPlGYeDbrzSwvsz/7ei8tCHHkuF
O3bal+lVZk7w+EXTHcWdd7ZTLVCmPPpRGnx7YXfuokzQXEECy7+THPV2JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBJJ/Yticc/zyEISxVxU9Itz1R4MB8GA1UdIwQY
MBaAFLl2LbEoL/0IR2EjIDj4H10p5kDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhZdHNTZ3ZfUWhIWVNNZ09QZ2ZYU25tUU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mODE5MTUtNDA1ZS00YjU0LTljYjQt
NzBhNTU2YmE4YTExLzEvb0VrbjlpMkp4el9QSVFoTEZYRlQwaTNQVkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mODE5MTUtNDA1ZS00YjU0LTljYjQtNzBhNTU2YmE4YTEx
LzEvdVhZdHNTZ3ZfUWhIWVNNZ09QZ2ZYU25tUU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYsiMA0G
CSqGSIb3DQEBCwUAA4IBAQCmsw1NzM2oqT81oadFwiph1+LeVRToxePQLByD85nR
gpG+q+wf7QqPZiYraGWFCMxsznpLSps4ES6g7txelT5px42EbDnLGRot6difvKLV
3CiPpkaJthnpswpTVr+BcWAMtNt6Ep+sgGuvX2+S4670Mc/7HeqSMOBDuYp8D+03
8S9tEZu5kOACKceJ3TJ4ICBrkVqLEow9lhy0pubAqNedjcagxH65KQKynqYUMB++
WJH+UuIRr+kEKOy0PS8pKhKgQS1/tluLb+VWpizH3sZLLIzwlDm3DvYgyX3glb2c
QDe/Wv7xdVp4SuOHT/Tox3ELcydjLDGQU420QeQBZCce
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-fra.rpki-client.org