Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/ogS7zUARXEOBC3HG-4BZdByYH-w.roa
File:                     ogS7zUARXEOBC3HG-4BZdByYH-w.roa (raw, json)
Hash identifier:          aUxR3BThHmlGLFN6kX+PMmSRfGW2ID1K6+7P+xOhyZM=
Subject key identifier:   A2:04:BB:CD:40:11:5C:43:81:0B:71:C6:FB:80:59:74:1C:98:1F:EC
Certificate issuer:       /CN=d34403a30b313759af9626afd8d3d23805fcc80e
Certificate serial:       0186EEC36115877258E7E4DA6908B52C039E
Authority key identifier: D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/ogS7zUARXEOBC3HG-4BZdByYH-w.roa
Signing time:             Fri 17 Mar 2023 08:50:27 +0000
ROA not before:           Fri 17 Mar 2023 08:50:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57454
IP address blocks:        178.217.235.0/24 maxlen: 24
                          2a0c:cd40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 25 May 2023 16:59:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ee:c3:61:15:87:72:58:e7:e4:da:69:08:b5:2c:03:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d34403a30b313759af9626afd8d3d23805fcc80e
        Validity
            Not Before: Mar 17 08:50:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a204bbcd40115c43810b71c6fb8059741c981fec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:48:78:f7:d7:bc:2e:33:de:e7:27:63:37:09:
                    cc:c3:6f:0c:b6:69:46:6f:f9:25:56:e2:5d:ad:3f:
                    39:29:bc:6c:26:42:75:fe:d4:98:a0:fd:1e:e5:7b:
                    0e:9a:31:86:76:e3:a9:05:47:e4:0f:47:80:86:55:
                    1c:a3:62:67:9c:e8:08:8d:d0:52:99:4f:4d:e8:73:
                    13:2d:ea:17:88:22:aa:71:e5:cb:f5:b4:21:dd:2d:
                    0c:60:24:e0:66:42:9e:54:71:06:ec:d1:07:67:93:
                    0d:ed:d4:85:31:de:55:08:ed:99:9d:59:cb:82:61:
                    56:fc:89:6e:c0:f9:0c:d8:1b:26:4c:3b:83:e7:d4:
                    70:27:68:58:c0:96:72:b3:55:e8:29:a7:87:ee:18:
                    95:21:bb:26:9a:af:cb:db:8d:a3:d1:c9:6c:2e:ce:
                    f2:f1:03:ab:32:c9:2b:a7:a3:b3:e0:ca:c7:0f:d2:
                    dd:54:a1:b1:a8:9e:d0:5f:71:b3:d1:a6:62:94:a4:
                    49:fb:b2:e8:12:8c:03:e8:48:14:d5:62:47:5c:ed:
                    7f:7f:3a:24:9e:5a:25:c5:1e:7d:54:54:ea:fb:4c:
                    2b:63:02:54:5a:30:a0:40:27:ea:99:af:c3:d0:fd:
                    f4:8d:c5:e3:64:0b:1e:41:d1:d6:d6:10:15:88:0a:
                    9d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:04:BB:CD:40:11:5C:43:81:0B:71:C6:FB:80:59:74:1C:98:1F:EC
            X509v3 Authority Key Identifier:
                keyid:D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/ogS7zUARXEOBC3HG-4BZdByYH-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/00QDowsxN1mvliav2NPSOAX8yA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.217.235.0/24
                IPv6:
                  2a0c:cd40::/29

    Signature Algorithm: sha256WithRSAEncryption
         16:f2:2c:15:25:c6:88:b5:9f:99:c0:dd:bf:b4:14:99:9e:cb:
         94:76:b0:f8:79:1e:10:83:c1:08:25:86:36:70:47:d0:8c:97:
         cb:e5:9d:6c:75:79:4b:34:86:11:b2:b1:2d:01:6a:ed:28:e1:
         8d:19:51:16:71:b2:85:cf:e5:c9:df:3e:9c:9b:99:fd:5f:01:
         83:92:2c:3f:2d:7a:9a:a0:ef:a4:19:a4:eb:fd:6c:3e:1d:50:
         b3:9a:0b:fa:95:62:c2:ee:ec:82:7e:79:62:67:44:e8:9d:47:
         0b:96:45:05:c9:6d:9c:98:bd:e1:05:49:c2:4e:04:85:3a:a1:
         1c:0c:57:2a:ae:37:5b:85:62:6f:82:b7:04:09:ba:a6:4e:f2:
         92:fb:cb:41:b8:73:1b:49:d0:b9:8a:e6:93:2b:fd:5a:08:f6:
         0e:01:70:21:7f:a0:8a:c8:10:19:9e:35:7c:48:4d:a1:c5:1c:
         a0:36:9a:98:c4:d4:35:1f:fb:4f:43:ef:a6:b5:bb:3b:c3:ff:
         d8:84:bd:01:ba:bf:7a:70:19:53:ac:d8:4f:85:c7:63:0f:0b:
         1e:8d:2f:40:3d:7d:7d:97:b9:db:47:eb:9f:65:bb:67:83:33:
         cf:f3:1c:67:52:42:d1:25:42:ea:76:d1:04:dc:5d:34:5b:9a:
         37:3b:30:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbuw2EVh3JY5+TaaQi1LAOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNDQwM2EzMGIzMTM3NTlhZjk2MjZhZmQ4ZDNkMjM4MDVm
Y2M4MGUwHhcNMjMwMzE3MDg1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA0YmJjZDQwMTE1YzQzODEwYjcxYzZmYjgwNTk3NDFjOTgxZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkh499e8LjPe5ydjNwnMw28MtmlG
b/klVuJdrT85KbxsJkJ1/tSYoP0e5XsOmjGGduOpBUfkD0eAhlUco2JnnOgIjdBS
mU9N6HMTLeoXiCKqceXL9bQh3S0MYCTgZkKeVHEG7NEHZ5MN7dSFMd5VCO2ZnVnL
gmFW/IluwPkM2BsmTDuD59RwJ2hYwJZys1XoKaeH7hiVIbsmmq/L242j0clsLs7y
8QOrMskrp6Oz4MrHD9LdVKGxqJ7QX3Gz0aZilKRJ+7LoEowD6EgU1WJHXO1/fzok
nlolxR59VFTq+0wrYwJUWjCgQCfqma/D0P30jcXjZAseQdHW1hAViAqdiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKIEu81AEVxDgQtxxvuAWXQcmB/sMB8GA1UdIwQY
MBaAFNNEA6MLMTdZr5Ymr9jT0jgF/MgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMt
YjQwNTI3ZGQ0M2ZjLzEvb2dTN3pVQVJYRU9CQzNIRy00QlpkQnlZSC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMtYjQwNTI3ZGQ0M2Zj
LzEvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAstnrMA0E
AgACMAcDBQMqDM1AMA0GCSqGSIb3DQEBCwUAA4IBAQAW8iwVJcaItZ+ZwN2/tBSZ
nsuUdrD4eR4Qg8EIJYY2cEfQjJfL5Z1sdXlLNIYRsrEtAWrtKOGNGVEWcbKFz+XJ
3z6cm5n9XwGDkiw/LXqaoO+kGaTr/Ww+HVCzmgv6lWLC7uyCfnliZ0TonUcLlkUF
yW2cmL3hBUnCTgSFOqEcDFcqrjdbhWJvgrcECbqmTvKS+8tBuHMbSdC5iuaTK/1a
CPYOAXAhf6CKyBAZnjV8SE2hxRygNpqYxNQ1H/tPQ++mtbs7w//YhL0Bur96cBlT
rNhPhcdjDwsejS9APX19l7nbR+ufZbtngzPP8xxnUkLRJULqdtEE3F00W5o3OzDP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:16 2024 by rpki-client on console-ams.rpki-client.org