Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/153fq72d_xiLyLuvS0ps4ml36KM.roa
File:                     153fq72d_xiLyLuvS0ps4ml36KM.roa (raw, json)
Hash identifier:          Bnp6iAiU1WIo6Lv30LTo+F+QCn24vZRb6eLv5UGvaxk=
Subject key identifier:   D7:9D:DF:AB:BD:9D:FF:18:8B:C8:BB:AF:4B:4A:6C:E2:69:77:E8:A3
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       01856B4A2069A11D2185979DC32DF0B1F12A
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/153fq72d_xiLyLuvS0ps4ml36KM.roa
Signing time:             Sun 01 Jan 2023 03:04:58 +0000
ROA not before:           Sun 01 Jan 2023 03:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8492
IP address blocks:        141.101.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 09:24:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:4a:20:69:a1:1d:21:85:97:9d:c3:2d:f0:b1:f1:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Jan  1 03:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d79ddfabbd9dff188bc8bbaf4b4a6ce26977e8a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c3:ce:d1:27:6d:d9:30:38:56:b0:8b:d5:b3:
                    84:b5:f6:31:a4:81:f7:e9:eb:6e:7b:6e:0c:e4:0d:
                    2e:d2:c1:e6:53:03:73:19:1b:d0:23:88:74:7e:93:
                    98:7c:37:94:45:aa:bb:bf:f5:11:55:da:b0:08:4e:
                    09:7b:ab:16:22:9a:5f:ab:d5:8a:3f:06:df:92:eb:
                    d8:73:9f:22:9b:df:a2:fb:df:a0:91:d0:63:57:16:
                    51:e6:31:69:86:da:e5:7d:88:0a:af:76:2e:46:ec:
                    eb:b7:06:cb:4d:47:27:b3:fe:3f:1d:b5:72:c5:89:
                    a3:d9:82:fe:08:68:5e:34:e8:e4:68:64:ea:1f:92:
                    76:1f:d5:f9:80:02:22:ad:90:e8:3b:2c:fa:d4:91:
                    11:26:d7:50:32:de:9c:e8:1d:7b:4e:31:9c:1c:3a:
                    ee:02:4f:76:87:60:d0:62:9a:8f:fa:60:cd:c6:a4:
                    22:5d:16:f0:20:ff:da:0d:d2:92:a4:22:a8:e6:8a:
                    ae:63:45:c4:1c:0e:62:61:33:c6:fa:48:d9:72:43:
                    ec:56:7b:c6:1f:95:9b:c3:f9:ce:ef:a2:73:9f:0e:
                    2a:74:34:ea:cc:e0:ae:5f:b4:fd:da:31:76:64:aa:
                    42:8e:f4:79:25:4d:ef:fc:27:81:66:d5:b2:7f:3e:
                    25:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:9D:DF:AB:BD:9D:FF:18:8B:C8:BB:AF:4B:4A:6C:E2:69:77:E8:A3
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/153fq72d_xiLyLuvS0ps4ml36KM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.101.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:7b:86:58:83:4b:2d:71:11:9d:f8:9c:27:d8:3a:65:ca:46:
         36:3b:d2:dc:87:f3:31:c2:f0:1c:ef:56:d6:6b:0b:34:6c:55:
         64:10:f8:c8:71:16:73:07:5c:52:f5:3c:1d:48:bd:6d:f2:69:
         42:07:8b:16:5e:21:e8:80:73:e5:9c:1f:64:20:63:06:1a:1e:
         0b:37:d8:8c:44:99:e5:65:02:a3:a5:99:a6:36:d4:79:30:5d:
         bd:31:d8:9f:7d:07:bf:56:85:a6:92:56:67:72:af:30:5f:46:
         95:d8:d1:a2:56:f8:f0:43:da:2a:7b:de:5b:14:7f:53:2f:7d:
         04:c3:44:f9:f4:cd:72:33:7b:8f:03:f0:63:7e:c0:0d:57:8e:
         de:af:7e:75:3e:3c:0b:ae:5d:51:d4:40:3e:96:be:8c:0d:02:
         7b:1b:36:ad:6d:72:94:b6:bd:dc:32:3e:19:05:70:ae:24:db:
         63:c2:00:50:a7:d5:8c:fc:93:fc:0b:a0:63:39:13:d8:d5:75:
         d9:6f:e5:f2:f1:8c:8b:20:ca:16:59:d7:19:6e:62:e1:e4:b4:
         a9:de:f7:0e:9f:df:b5:de:47:65:66:4f:0a:0a:b8:5f:89:19:
         d6:59:e1:48:32:a8:40:36:c7:7d:7d:0c:43:b6:f2:31:14:d0:
         b1:37:33:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSiBpoR0hhZedwy3wsfEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzlkZGZhYmJkOWRmZjE4OGJjOGJiYWY0YjRhNmNlMjY5NzdlOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMPO0Sdt2TA4VrCL1bOEtfYxpIH3
6etue24M5A0u0sHmUwNzGRvQI4h0fpOYfDeURaq7v/URVdqwCE4Je6sWIppfq9WK
PwbfkuvYc58im9+i+9+gkdBjVxZR5jFphtrlfYgKr3YuRuzrtwbLTUcns/4/HbVy
xYmj2YL+CGheNOjkaGTqH5J2H9X5gAIirZDoOyz61JERJtdQMt6c6B17TjGcHDru
Ak92h2DQYpqP+mDNxqQiXRbwIP/aDdKSpCKo5oquY0XEHA5iYTPG+kjZckPsVnvG
H5Wbw/nO76Jznw4qdDTqzOCuX7T92jF2ZKpCjvR5JU3v/CeBZtWyfz4lHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNed36u9nf8Yi8i7r0tKbOJpd+ijMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvMTUzZnE3MmRfeGlMeUx1dlMwcHM0bWwzNktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWXHMA0G
CSqGSIb3DQEBCwUAA4IBAQDIe4ZYg0stcRGd+Jwn2DplykY2O9Lch/MxwvAc71bW
aws0bFVkEPjIcRZzB1xS9TwdSL1t8mlCB4sWXiHogHPlnB9kIGMGGh4LN9iMRJnl
ZQKjpZmmNtR5MF29MdiffQe/VoWmklZncq8wX0aV2NGiVvjwQ9oqe95bFH9TL30E
w0T59M1yM3uPA/BjfsANV47er351PjwLrl1R1EA+lr6MDQJ7GzatbXKUtr3cMj4Z
BXCuJNtjwgBQp9WM/JP8C6BjORPY1XXZb+Xy8YyLIMoWWdcZbmLh5LSp3vcOn9+1
3kdlZk8KCrhfiRnWWeFIMqhANsd9fQxDtvIxFNCxNzNF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org