Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Zwc6DtI0EktGcvqS4xweGmo7Elw.roa
File:                     Zwc6DtI0EktGcvqS4xweGmo7Elw.roa (raw, json)
Hash identifier:          Iv30auT1zhJEkGSSNwbE0I+y8n0nqTW1m99sAC0bcbs=
Subject key identifier:   67:07:3A:0E:D2:34:12:4B:46:72:FA:92:E3:1C:1E:1A:6A:3B:12:5C
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       018570305FD2F2DEBDB675E6E699607C1952
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Zwc6DtI0EktGcvqS4xweGmo7Elw.roa
Signing time:             Mon 02 Jan 2023 01:54:56 +0000
ROA not before:           Mon 02 Jan 2023 01:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25539
IP address blocks:        195.56.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:5f:d2:f2:de:bd:b6:75:e6:e6:99:60:7c:19:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  2 01:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67073a0ed234124b4672fa92e31c1e1a6a3b125c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d6:69:bb:2b:d8:35:a2:53:79:f9:48:99:e1:
                    4e:9a:ca:69:40:75:7a:15:b0:be:dc:0a:87:ad:88:
                    4e:be:e8:9c:fe:16:3f:3b:17:96:c6:0d:01:04:7c:
                    c7:e6:b5:42:47:60:28:5c:be:b0:13:67:4d:e0:23:
                    1e:e3:87:f5:d7:c3:4e:3a:8e:3a:2d:12:8c:0a:b2:
                    7e:1e:87:45:77:26:93:88:85:ba:71:97:f2:91:09:
                    cc:de:f7:ac:a4:5f:d0:6c:59:53:a7:77:58:df:a6:
                    d0:86:14:48:e2:16:30:0e:c6:9b:16:dc:c2:9b:c9:
                    45:e9:c5:a2:e0:3a:1c:0a:d7:12:0c:f4:81:33:0a:
                    2a:e8:4d:5b:b4:99:90:5c:fa:f2:5c:2a:d4:fb:e0:
                    23:8b:68:fa:80:57:b0:9d:21:e3:92:c8:f7:68:05:
                    25:ab:3f:9b:86:cf:4b:e3:c3:4d:f1:c3:c7:ba:ff:
                    49:34:2c:b8:b4:24:f5:43:40:a9:43:b4:5f:f2:60:
                    87:b2:10:89:ab:43:96:59:6a:f4:ae:7e:2b:51:75:
                    11:5f:f1:7e:a6:be:d8:97:16:53:75:d5:a3:18:2c:
                    80:e0:d1:53:fa:0b:bd:fa:30:24:c2:fb:05:52:af:
                    75:f6:17:09:57:0b:73:c8:77:9c:50:cc:4f:22:4e:
                    c3:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:07:3A:0E:D2:34:12:4B:46:72:FA:92:E3:1C:1E:1A:6A:3B:12:5C
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Zwc6DtI0EktGcvqS4xweGmo7Elw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.56.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:f9:96:02:9e:99:f4:cb:ad:69:18:05:dd:4d:0a:18:59:a6:
         6a:21:88:76:3a:f9:66:55:62:cc:24:3c:03:57:3d:02:f1:14:
         11:3e:c0:7a:ee:0a:93:1f:c7:30:9f:b6:0d:c4:45:84:69:a8:
         46:32:59:e5:53:4d:36:16:67:bf:5c:94:9c:e8:a5:db:53:c5:
         e1:ae:4c:35:cf:7c:2f:70:92:c7:ce:30:d2:9b:b8:5b:7c:fb:
         f4:11:8a:b9:83:4a:8e:da:a0:6d:42:e4:d3:10:36:f7:cb:fe:
         26:73:aa:45:f2:a2:8e:1f:0c:8a:2f:c9:28:54:27:4a:31:07:
         4a:99:37:d8:a9:a0:44:3d:45:f2:c1:3d:55:24:92:dc:68:a3:
         93:62:8a:df:b4:f8:3c:65:30:df:72:99:dc:f0:a6:4f:d3:c5:
         54:71:02:6f:26:4a:33:75:12:88:87:b0:1f:e7:75:4f:7d:26:
         13:0e:85:b9:be:2b:7d:82:65:5c:01:6e:87:4e:d6:a4:8a:c5:
         57:99:97:03:15:5d:65:17:42:a8:be:8c:0f:2a:1b:55:2c:d1:
         0e:a8:29:13:33:3e:a7:1f:a2:0b:20:a5:a8:52:95:57:d2:26:
         88:68:72:fa:ee:15:07:b6:5f:a1:cf:de:05:ea:2c:4e:94:65:
         47:97:a0:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMF/S8t69tnXm5plgfBlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA3M2EwZWQyMzQxMjRiNDY3MmZhOTJlMzFjMWUxYTZhM2IxMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtZpuyvYNaJTeflImeFOmsppQHV6
FbC+3AqHrYhOvuic/hY/OxeWxg0BBHzH5rVCR2AoXL6wE2dN4CMe44f118NOOo46
LRKMCrJ+HodFdyaTiIW6cZfykQnM3vespF/QbFlTp3dY36bQhhRI4hYwDsabFtzC
m8lF6cWi4DocCtcSDPSBMwoq6E1btJmQXPryXCrU++Aji2j6gFewnSHjksj3aAUl
qz+bhs9L48NN8cPHuv9JNCy4tCT1Q0CpQ7Rf8mCHshCJq0OWWWr0rn4rUXURX/F+
pr7YlxZTddWjGCyA4NFT+gu9+jAkwvsFUq919hcJVwtzyHecUMxPIk7DowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcHOg7SNBJLRnL6kuMcHhpqOxJcMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvWndjNkR0STBFa3RHY3ZxUzR4d2VHbW83RWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzhEMA0G
CSqGSIb3DQEBCwUAA4IBAQCK+ZYCnpn0y61pGAXdTQoYWaZqIYh2OvlmVWLMJDwD
Vz0C8RQRPsB67gqTH8cwn7YNxEWEaahGMlnlU002Fme/XJSc6KXbU8Xhrkw1z3wv
cJLHzjDSm7hbfPv0EYq5g0qO2qBtQuTTEDb3y/4mc6pF8qKOHwyKL8koVCdKMQdK
mTfYqaBEPUXywT1VJJLcaKOTYorftPg8ZTDfcpnc8KZP08VUcQJvJkozdRKIh7Af
53VPfSYTDoW5vit9gmVcAW6HTtakisVXmZcDFV1lF0KovowPKhtVLNEOqCkTMz6n
H6ILIKWoUpVX0iaIaHL67hUHtl+hz94F6ixOlGVHl6Cb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org