Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/kUuBY58VpycsMFO7L2ae-sRz8gQ.roa
File:                     kUuBY58VpycsMFO7L2ae-sRz8gQ.roa (raw, json)
Hash identifier:          +duUAt728PA9JVpJMhuLoKAmLO5W9K8CoZ71R3+XC10=
Subject key identifier:   91:4B:81:63:9F:15:A7:27:2C:30:53:BB:2F:66:9E:FA:C4:73:F2:04
Certificate issuer:       /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial:       018A1BD392F53DEDDF892093B2623E1BDFFC
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/kUuBY58VpycsMFO7L2ae-sRz8gQ.roa
Signing time:             Tue 22 Aug 2023 05:59:24 +0000
ROA not before:           Tue 22 Aug 2023 05:59:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398465
IP address blocks:        194.1.132.0/22 maxlen: 22
                          194.1.136.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 01 Sep 2023 06:58:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:1b:d3:92:f5:3d:ed:df:89:20:93:b2:62:3e:1b:df:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
        Validity
            Not Before: Aug 22 05:59:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=914b81639f15a7272c3053bb2f669efac473f204
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:cb:91:77:06:53:19:6b:d3:b1:c1:e6:a2:27:
                    91:f7:4c:d6:06:6b:7a:e6:90:01:6d:95:ad:61:bc:
                    89:90:c7:00:f2:f1:9e:77:90:00:ed:08:f9:4a:2e:
                    dc:77:1c:2b:55:84:41:cf:b7:92:2a:ed:58:83:05:
                    3f:da:9f:08:12:8f:16:fd:d4:43:59:92:c3:4d:50:
                    32:0d:d0:71:4d:36:6a:8c:54:47:9b:8a:b3:66:1b:
                    26:92:d8:0f:ab:a3:7d:d5:f0:2c:a1:0b:ff:c4:9e:
                    4e:c0:2b:9d:d1:96:29:73:3d:b4:87:b8:cb:a0:56:
                    12:d6:1c:10:6d:22:bc:d0:60:ea:b1:0a:3e:f8:f3:
                    bb:10:1c:a2:06:aa:ae:63:57:a3:fe:d8:5b:ae:39:
                    03:5f:9f:cf:79:0f:1a:9c:2f:26:27:df:a9:1f:d6:
                    3f:a2:0e:fc:e6:76:9d:82:17:47:40:53:c4:26:c8:
                    fc:b8:cc:12:a4:c4:ae:85:44:ce:7c:0a:c6:2f:3f:
                    ce:48:a8:df:0f:40:47:6f:12:20:18:54:43:01:bb:
                    ee:31:83:7c:8a:24:d1:13:66:38:fc:14:f8:e4:08:
                    e8:98:de:1b:ae:19:39:44:e9:a9:0c:d5:82:c6:1a:
                    9a:5c:67:b9:a2:5d:c1:44:a6:4f:51:ee:8c:27:dc:
                    74:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:4B:81:63:9F:15:A7:27:2C:30:53:BB:2F:66:9E:FA:C4:73:F2:04
            X509v3 Authority Key Identifier:
                keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/kUuBY58VpycsMFO7L2ae-sRz8gQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.1.132.0-194.1.139.255

    Signature Algorithm: sha256WithRSAEncryption
         89:50:5f:5a:f7:02:d0:a3:02:1d:38:27:36:1c:60:c1:32:40:
         b8:02:12:71:39:8e:f8:cc:30:df:2b:53:68:66:e5:3c:c9:7b:
         64:d5:8f:f1:90:8f:8a:8c:a5:83:9e:57:5c:72:57:ca:b6:4b:
         59:ed:67:17:af:bb:bd:1e:42:fd:b4:d1:ac:14:4f:88:8f:c0:
         a6:6d:58:a7:4e:8d:db:a3:5f:9d:3b:c1:aa:68:f1:30:ab:94:
         df:65:68:16:bf:eb:d9:91:d4:70:d7:16:2b:3a:8d:2d:be:15:
         38:a4:80:dd:11:90:65:35:e6:82:44:59:fa:6a:92:7f:97:5e:
         fd:2e:fb:37:f1:5a:93:a1:2f:15:95:e7:9e:33:02:4c:af:d6:
         1a:09:b5:bf:7e:6a:97:2f:d5:6f:49:48:8d:43:13:31:11:a0:
         e3:35:d4:5c:a6:61:f1:fa:3f:77:24:79:43:0f:b6:22:6c:48:
         0a:d9:44:19:db:77:d3:b0:a0:8f:ec:10:a0:16:a7:5b:9b:39:
         50:a9:e8:aa:7b:a7:1f:93:9f:65:5e:23:4f:64:f4:e7:a9:ff:
         a7:50:be:a8:d3:c9:51:11:c4:e5:62:e4:62:eb:63:eb:ba:6e:
         71:22:16:bb:aa:8c:7c:1d:7c:2f:84:a9:e5:38:11:63:24:3a:
         21:26:ae:6b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYob05L1Pe3fiSCTsmI+G9/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjMwODIyMDU1OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRiODE2MzlmMTVhNzI3MmMzMDUzYmIyZjY2OWVmYWM0NzNmMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicuRdwZTGWvTscHmoieR90zWBmt6
5pABbZWtYbyJkMcA8vGed5AA7Qj5Si7cdxwrVYRBz7eSKu1YgwU/2p8IEo8W/dRD
WZLDTVAyDdBxTTZqjFRHm4qzZhsmktgPq6N91fAsoQv/xJ5OwCud0ZYpcz20h7jL
oFYS1hwQbSK80GDqsQo++PO7EByiBqquY1ej/thbrjkDX5/PeQ8anC8mJ9+pH9Y/
og785nadghdHQFPEJsj8uMwSpMSuhUTOfArGLz/OSKjfD0BHbxIgGFRDAbvuMYN8
iiTRE2Y4/BT45AjomN4brhk5ROmpDNWCxhqaXGe5ol3BRKZPUe6MJ9x07QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJFLgWOfFacnLDBTuy9mnvrEc/IEMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEva1V1Qlk1OFZweWNzTUZPN0wyYWUtc1J6OGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCAYQD
BALCAYgwDQYJKoZIhvcNAQELBQADggEBAIlQX1r3AtCjAh04JzYcYMEyQLgCEnE5
jvjMMN8rU2hm5TzJe2TVj/GQj4qMpYOeV1xyV8q2S1ntZxevu70eQv200awUT4iP
wKZtWKdOjdujX507wapo8TCrlN9laBa/69mR1HDXFis6jS2+FTikgN0RkGU15oJE
Wfpqkn+XXv0u+zfxWpOhLxWV554zAkyv1hoJtb9+apcv1W9JSI1DEzERoOM11Fym
YfH6P3ckeUMPtiJsSArZRBnbd9OwoI/sEKAWp1ubOVCp6Kp7px+Tn2VeI09k9Oep
/6dQvqjTyVERxOVi5GLrY+u6bnEiFruqjHwdfC+EqeU4EWMkOiEmrms=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-fra.rpki-client.org