Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/813kB9NuEETDkcJJX5hbMpz358o.roa
File:                     813kB9NuEETDkcJJX5hbMpz358o.roa (raw, json)
Hash identifier:          oXPB/3SHbvUpHtOS/5Vc6FNE6TlFD1R6aKws2vuKAik=
Subject key identifier:   F3:5D:E4:07:D3:6E:10:44:C3:91:C2:49:5F:98:5B:32:9C:F7:E7:CA
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0189CFF7EB3EBDEDAEEACD4A9A90A79025DB
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/813kB9NuEETDkcJJX5hbMpz358o.roa
Signing time:             Mon 07 Aug 2023 12:27:58 +0000
ROA not before:           Mon 07 Aug 2023 12:27:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        80.71.229.0/24 maxlen: 24
                          80.71.232.0/24 maxlen: 24
                          81.29.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 05:24:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cf:f7:eb:3e:bd:ed:ae:ea:cd:4a:9a:90:a7:90:25:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Aug  7 12:27:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f35de407d36e1044c391c2495f985b329cf7e7ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:73:25:8a:4f:b0:bc:d4:66:c1:3b:0d:c4:f7:
                    45:d1:be:1b:8a:fe:bd:6c:9f:a6:d9:fa:ce:85:9d:
                    67:dc:69:48:be:fe:f4:00:fb:cf:99:e5:39:d0:b2:
                    9a:13:04:d8:c2:67:fb:7b:a1:6e:77:51:c3:ce:4f:
                    9e:56:a4:3c:ac:c1:a6:b4:97:b2:57:35:09:ee:09:
                    01:cd:f7:a8:4f:0b:0e:88:a4:b9:20:6b:1a:9a:32:
                    57:6e:2a:8a:33:03:d0:03:69:aa:b3:4e:5e:40:f7:
                    03:5c:a8:46:f9:ee:2e:6d:2c:bf:99:cb:e6:30:2e:
                    e3:9e:fe:dd:10:2a:47:60:01:80:4e:cc:e7:0f:f5:
                    0a:27:79:55:cb:f1:68:34:05:9e:4c:d8:f1:ba:eb:
                    ff:b2:b3:7e:d6:45:ce:88:95:20:31:50:f3:89:9a:
                    78:bb:ff:d9:a3:c8:fb:7e:ae:47:3f:ef:15:2a:d2:
                    3c:d4:1e:43:a6:dd:23:ec:c5:b8:0b:6f:30:49:af:
                    9b:f2:0a:4c:7f:02:a4:bb:33:15:1a:28:90:f8:92:
                    1a:ab:bc:f2:29:e4:e4:c6:06:8f:bd:3f:34:a1:5f:
                    58:72:3b:13:0b:e7:f8:d0:90:fb:da:45:1b:63:6b:
                    f9:22:43:06:4b:da:d8:3a:7d:89:f8:a4:fc:45:8f:
                    81:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:5D:E4:07:D3:6E:10:44:C3:91:C2:49:5F:98:5B:32:9C:F7:E7:CA
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/813kB9NuEETDkcJJX5hbMpz358o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.229.0/24
                  80.71.232.0/24
                  81.29.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:a1:f2:ab:ce:8b:ec:a6:91:b0:07:88:a1:aa:b6:26:8f:7f:
         d8:07:fc:28:72:03:00:01:4d:a7:bb:5a:ff:00:11:b3:6b:47:
         d2:78:97:c3:4a:e4:41:49:17:90:8a:45:b3:d2:50:29:b0:70:
         95:c0:02:95:f6:f0:f0:6b:ec:b8:1e:c9:64:d0:63:bc:d7:19:
         86:59:4f:41:96:f0:aa:30:6f:aa:50:51:5c:37:f8:c9:38:32:
         a4:e1:02:09:44:57:58:73:61:02:d3:a2:f2:c7:db:ac:33:b4:
         23:eb:de:0b:a5:82:12:58:e5:0a:df:e5:f6:12:84:54:d4:ea:
         18:9f:8d:01:2a:fa:b2:8e:ff:f1:e9:8e:f8:ac:9b:a9:2e:1c:
         62:29:48:32:b9:fc:55:ce:e8:18:02:a5:b4:25:90:12:c8:ce:
         ce:b8:a7:c2:fc:c8:b2:72:29:56:ae:c6:a6:c1:16:b5:d0:12:
         c3:38:c9:39:a8:f2:ae:91:59:79:7e:78:67:51:f9:c9:1c:bf:
         1b:25:d7:fe:9a:59:3e:3b:1a:88:fc:53:35:8c:fe:69:ce:01:
         ef:8e:54:4d:1a:e3:71:e6:23:ed:f3:b3:8b:77:4b:7a:db:07:
         fe:64:5c:db:53:78:19:4c:cc:d3:51:ce:af:c0:59:56:c6:6c:
         57:09:68:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnP9+s+ve2u6s1KmpCnkCXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODA3MTIyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzVkZTQwN2QzNmUxMDQ0YzM5MWMyNDk1Zjk4NWIzMjljZjdlN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Mlik+wvNRmwTsNxPdF0b4biv69
bJ+m2frOhZ1n3GlIvv70APvPmeU50LKaEwTYwmf7e6Fud1HDzk+eVqQ8rMGmtJey
VzUJ7gkBzfeoTwsOiKS5IGsamjJXbiqKMwPQA2mqs05eQPcDXKhG+e4ubSy/mcvm
MC7jnv7dECpHYAGATsznD/UKJ3lVy/FoNAWeTNjxuuv/srN+1kXOiJUgMVDziZp4
u//Zo8j7fq5HP+8VKtI81B5Dpt0j7MW4C28wSa+b8gpMfwKkuzMVGiiQ+JIaq7zy
KeTkxgaPvT80oV9YcjsTC+f40JD72kUbY2v5IkMGS9rYOn2J+KT8RY+BdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNd5AfTbhBEw5HCSV+YWzKc9+fKMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvODEza0I5TnVFRVREa2NKSlg1aGJNcHozNThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEflAwQA
UEfoAwQAUR2dMA0GCSqGSIb3DQEBCwUAA4IBAQAyofKrzovsppGwB4ihqrYmj3/Y
B/wocgMAAU2nu1r/ABGza0fSeJfDSuRBSReQikWz0lApsHCVwAKV9vDwa+y4Hslk
0GO81xmGWU9BlvCqMG+qUFFcN/jJODKk4QIJRFdYc2EC06Lyx9usM7Qj694LpYIS
WOUK3+X2EoRU1OoYn40BKvqyjv/x6Y74rJupLhxiKUgyufxVzugYAqW0JZASyM7O
uKfC/MiycilWrsamwRa10BLDOMk5qPKukVl5fnhnUfnJHL8bJdf+mlk+OxqI/FM1
jP5pzgHvjlRNGuNx5iPt87OLd0t62wf+ZFzbU3gZTMzTUc6vwFlWxmxXCWjd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org