Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yAfx8IrdiJWeqOEe4iPjXWZMaPg.roa
File:                     yAfx8IrdiJWeqOEe4iPjXWZMaPg.roa (raw, json)
Hash identifier:          GF9HXR4lKWLde4P2UEl/+WEa3XJ53s0E3fIYIgnWJCU=
Subject key identifier:   C8:07:F1:F0:8A:DD:88:95:9E:A8:E1:1E:E2:23:E3:5D:66:4C:68:F8
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01872DAC74E337C98E2B1C8113CC8A6B2C62
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yAfx8IrdiJWeqOEe4iPjXWZMaPg.roa
Signing time:             Wed 29 Mar 2023 14:01:29 +0000
ROA not before:           Wed 29 Mar 2023 14:01:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        80.71.231.0/24 maxlen: 24
                          80.71.233.0/24 maxlen: 24
                          80.71.236.0/24 maxlen: 24
                          80.71.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Apr 2023 16:54:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2d:ac:74:e3:37:c9:8e:2b:1c:81:13:cc:8a:6b:2c:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Mar 29 14:01:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c807f1f08add88959ea8e11ee223e35d664c68f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:4e:a6:67:30:7a:d2:68:21:05:7e:9d:fe:96:
                    a0:6d:33:73:2d:ae:29:95:7b:d8:58:e6:44:b2:68:
                    17:b0:7c:d1:ed:6d:5f:ee:6d:8f:55:b3:5e:48:b0:
                    e2:6f:cc:ea:e1:5a:06:92:5d:7d:24:84:ff:a0:a3:
                    3f:5f:2e:9b:cc:b0:14:c3:bb:cb:07:81:d6:83:c7:
                    d0:58:44:19:3b:4f:8b:87:ce:e3:39:60:b4:6f:f4:
                    fa:26:06:c0:14:01:6f:11:1f:de:ea:6d:fb:68:9b:
                    3c:77:ba:04:a8:e7:2e:79:2e:67:a5:ed:15:19:7e:
                    cf:b1:af:35:e8:71:25:eb:af:c3:6d:3f:5e:2a:2a:
                    50:b6:33:94:03:89:9b:f3:4a:ce:45:f0:9d:76:96:
                    5c:61:fe:49:a1:c3:2b:8e:9d:93:71:49:78:f5:bc:
                    f9:7c:38:13:ad:5c:fe:89:c8:84:69:32:c3:6d:03:
                    56:cb:87:77:39:0a:7f:cb:3e:ee:ab:de:0b:f2:d2:
                    46:7e:c6:b4:37:3e:68:e5:f0:85:10:0d:7b:8c:7a:
                    e8:9d:ac:aa:2d:df:4e:83:07:0a:09:1c:99:71:5f:
                    59:6b:97:f4:0b:34:b5:ba:ab:33:dd:45:ac:dd:ba:
                    31:85:63:a4:a1:f0:d7:5b:4f:a1:2e:fc:1f:22:5f:
                    73:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:07:F1:F0:8A:DD:88:95:9E:A8:E1:1E:E2:23:E3:5D:66:4C:68:F8
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yAfx8IrdiJWeqOEe4iPjXWZMaPg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.231.0/24
                  80.71.233.0-80.71.234.255
                  80.71.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:f9:58:d3:8f:9f:71:1d:fd:c6:e5:b3:a0:f1:84:93:6a:2b:
         99:c5:06:40:a9:f7:50:61:66:9f:4e:a8:36:99:04:82:f0:ad:
         61:43:4c:1b:bb:6d:b2:91:cf:74:02:95:b0:23:af:fd:7c:49:
         94:ec:c6:33:81:7e:c7:4f:0a:26:6b:20:aa:7c:cd:34:b9:a2:
         0c:06:08:ab:32:39:05:9b:aa:f0:de:79:02:d8:2d:1f:af:6d:
         d0:fb:68:07:ce:25:1d:a7:7f:c3:45:ab:62:bc:4f:cf:98:06:
         e8:e5:0f:08:e4:ef:d3:f2:27:a0:b3:b6:8c:ee:00:bd:ef:88:
         62:33:91:c2:64:32:1f:22:74:8c:ae:46:5e:7c:98:e3:71:ca:
         fa:5e:14:aa:78:43:5c:76:79:ab:eb:c2:74:7a:35:8b:13:26:
         25:d8:e8:3f:1c:73:91:58:62:a2:bb:95:bc:ae:6e:00:63:b2:
         a4:c7:02:b0:87:92:e8:66:9e:ef:7f:82:7a:55:86:12:86:8a:
         06:75:ca:eb:63:b6:f1:91:86:ef:7f:e9:f2:36:b4:89:29:25:
         ae:e9:df:d0:b9:c5:df:e8:67:d2:e3:d4:5c:30:7b:c3:0f:f1:
         b7:33:18:31:09:8c:f1:a4:d4:ff:20:89:63:30:59:1b:0f:10:
         ad:c3:02:cb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYctrHTjN8mOKxyBE8yKayxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMzI5MTQwMTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODA3ZjFmMDhhZGQ4ODk1OWVhOGUxMWVlMjIzZTM1ZDY2NGM2OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk6mZzB60mghBX6d/pagbTNzLa4p
lXvYWOZEsmgXsHzR7W1f7m2PVbNeSLDib8zq4VoGkl19JIT/oKM/Xy6bzLAUw7vL
B4HWg8fQWEQZO0+Lh87jOWC0b/T6JgbAFAFvER/e6m37aJs8d7oEqOcueS5npe0V
GX7Psa816HEl66/DbT9eKipQtjOUA4mb80rORfCddpZcYf5JocMrjp2TcUl49bz5
fDgTrVz+iciEaTLDbQNWy4d3OQp/yz7uq94L8tJGfsa0Nz5o5fCFEA17jHronayq
Ld9OgwcKCRyZcV9Za5f0CzS1uqsz3UWs3boxhWOkofDXW0+hLvwfIl9zSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMgH8fCK3YiVnqjhHuIj411mTGj4MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEveUFmeDhJcmRpSldlcU9FZTRpUGpYV1pNYVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUEfnMAwD
BABQR+kDBABQR+oDBABQR+wwDQYJKoZIhvcNAQELBQADggEBACL5WNOPn3Ed/cbl
s6DxhJNqK5nFBkCp91BhZp9OqDaZBILwrWFDTBu7bbKRz3QClbAjr/18SZTsxjOB
fsdPCiZrIKp8zTS5ogwGCKsyOQWbqvDeeQLYLR+vbdD7aAfOJR2nf8NFq2K8T8+Y
BujlDwjk79PyJ6CztozuAL3viGIzkcJkMh8idIyuRl58mONxyvpeFKp4Q1x2eavr
wnR6NYsTJiXY6D8cc5FYYqK7lbyubgBjsqTHArCHkuhmnu9/gnpVhhKGigZ1yutj
tvGRhu9/6fI2tIkpJa7p39C5xd/oZ9Lj1Fwwe8MP8bczGDEJjPGk1P8giWMwWRsP
EK3DAss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org