Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/3HC8aV5JwN2BSJV9q1HOeiBt5uU.roa
File:                     3HC8aV5JwN2BSJV9q1HOeiBt5uU.roa (raw, json)
Hash identifier:          AXZaOXfSu3YIeyldvHhSnRwEhBEyv3LTATyL7IH8NhE=
Subject key identifier:   DC:70:BC:69:5E:49:C0:DD:81:48:95:7D:AB:51:CE:7A:20:6D:E6:E5
Certificate issuer:       /CN=b9d9305fcbd59cda4b68f888df6020485b74e982
Certificate serial:       0189F82BD037E8B6E4793DCF41E1B4F56493
Authority key identifier: B9:D9:30:5F:CB:D5:9C:DA:4B:68:F8:88:DF:60:20:48:5B:74:E9:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udkwX8vVnNpLaPiI32AgSFt06YI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/3HC8aV5JwN2BSJV9q1HOeiBt5uU.roa
Signing time:             Tue 15 Aug 2023 07:49:28 +0000
ROA not before:           Tue 15 Aug 2023 07:49:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12703
IP address blocks:        185.38.104.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f8:2b:d0:37:e8:b6:e4:79:3d:cf:41:e1:b4:f5:64:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d9305fcbd59cda4b68f888df6020485b74e982
        Validity
            Not Before: Aug 15 07:49:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dc70bc695e49c0dd8148957dab51ce7a206de6e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:32:32:ac:a7:cd:d2:ef:3b:47:a7:a6:5a:e2:
                    10:84:93:6d:f4:cc:9d:8b:d9:ae:ec:65:3e:32:10:
                    e9:06:2e:6f:32:d9:8a:75:4e:17:fa:a4:d6:14:01:
                    b9:23:53:e4:89:8c:cd:7a:62:f2:0f:36:05:c9:d5:
                    31:1f:16:83:7f:69:75:b9:9b:61:66:53:c5:0a:87:
                    74:b0:1c:77:61:a0:d0:43:09:a4:22:17:d8:e1:31:
                    ab:0f:62:ce:77:ac:c0:61:40:49:75:e5:2a:24:94:
                    87:a2:13:18:8d:79:4d:e6:91:c6:69:8f:02:a0:ff:
                    dc:ee:7f:02:df:42:40:5e:94:83:dd:a8:2d:f2:d4:
                    af:fb:6c:7f:5b:bd:dd:82:11:30:5a:ce:cb:80:9f:
                    a9:08:0c:5f:0d:14:ec:64:2e:ea:7e:a9:fb:56:d9:
                    b6:94:e2:e7:13:69:5c:3f:63:df:84:42:83:0d:78:
                    34:36:66:f8:49:e0:bc:1a:6e:bc:74:53:62:5d:75:
                    16:0a:0d:1d:23:c2:5c:fb:2f:95:0a:71:35:f5:3a:
                    37:74:6c:6e:e0:f2:2c:f5:eb:f6:90:67:eb:e0:1c:
                    d0:a0:19:c2:bc:2f:8f:a0:a6:9c:69:e7:16:0c:5a:
                    2a:bb:52:be:76:1b:a0:2d:10:71:ca:7b:4d:2f:53:
                    bf:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:70:BC:69:5E:49:C0:DD:81:48:95:7D:AB:51:CE:7A:20:6D:E6:E5
            X509v3 Authority Key Identifier:
                keyid:B9:D9:30:5F:CB:D5:9C:DA:4B:68:F8:88:DF:60:20:48:5B:74:E9:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udkwX8vVnNpLaPiI32AgSFt06YI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/3HC8aV5JwN2BSJV9q1HOeiBt5uU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19f37b-446c-4910-9c6f-1d09c79b2540/1/udkwX8vVnNpLaPiI32AgSFt06YI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:d0:8b:41:06:96:86:59:a0:91:d6:f9:38:1c:46:52:02:41:
         6c:06:0c:70:73:bb:21:3e:c7:9f:68:a3:df:63:6a:b0:ee:10:
         d1:d2:dc:54:f5:8f:8b:2b:56:44:e1:4e:d3:49:9a:f3:e7:69:
         d8:35:b4:4e:ff:ae:34:87:c6:1e:5c:4d:e2:db:c8:ff:e5:c3:
         dc:ce:4b:96:32:9b:7a:73:56:d1:a4:b9:fe:ed:73:17:8e:e7:
         83:54:0b:64:11:a6:7c:85:68:7f:b0:f6:19:68:dc:d3:18:15:
         e8:a3:03:ec:d8:ed:20:ae:20:15:b9:2a:f3:6f:7b:7a:77:b4:
         df:ec:59:26:14:87:8d:07:3d:a3:e8:1f:b8:b7:80:34:90:eb:
         1d:51:9a:d3:5a:90:2c:47:ad:0b:b0:1c:8c:1c:22:4b:35:ab:
         42:9c:9a:2d:41:44:d1:d5:b2:be:44:a6:7d:d7:93:f3:57:cb:
         37:42:fe:79:19:68:17:c4:22:cd:e5:c0:27:d5:3c:45:6f:93:
         f9:bc:65:b5:a6:d3:1d:d7:a2:51:32:ff:02:a0:0b:2e:3a:1d:
         6e:3f:dc:9b:5e:6b:51:a0:53:ff:58:50:fa:3d:fd:34:a9:ca:
         27:ca:4b:ab:d4:f7:9e:73:06:53:7c:35:34:1f:7c:9f:c4:58:
         6f:d4:da:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn4K9A36LbkeT3PQeG09WSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDkzMDVmY2JkNTljZGE0YjY4Zjg4OGRmNjAyMDQ4NWI3
NGU5ODIwHhcNMjMwODE1MDc0OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzcwYmM2OTVlNDljMGRkODE0ODk1N2RhYjUxY2U3YTIwNmRlNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jIyrKfN0u87R6emWuIQhJNt9Myd
i9mu7GU+MhDpBi5vMtmKdU4X+qTWFAG5I1PkiYzNemLyDzYFydUxHxaDf2l1uZth
ZlPFCod0sBx3YaDQQwmkIhfY4TGrD2LOd6zAYUBJdeUqJJSHohMYjXlN5pHGaY8C
oP/c7n8C30JAXpSD3agt8tSv+2x/W73dghEwWs7LgJ+pCAxfDRTsZC7qfqn7Vtm2
lOLnE2lcP2PfhEKDDXg0Nmb4SeC8Gm68dFNiXXUWCg0dI8Jc+y+VCnE19To3dGxu
4PIs9ev2kGfr4BzQoBnCvC+PoKacaecWDFoqu1K+dhugLRBxyntNL1O/sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxwvGleScDdgUiVfatRznogbeblMB8GA1UdIwQY
MBaAFLnZMF/L1ZzaS2j4iN9gIEhbdOmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRrd1g4dlZuTnBMYVBpSTMyQWdTRnQwNllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xOWYzN2ItNDQ2Yy00OTEwLTljNmYt
MWQwOWM3OWIyNTQwLzEvM0hDOGFWNUp3TjJCU0pWOXExSE9laUJ0NXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xOWYzN2ItNDQ2Yy00OTEwLTljNmYtMWQwOWM3OWIyNTQw
LzEvdWRrd1g4dlZuTnBMYVBpSTMyQWdTRnQwNllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSZoMA0G
CSqGSIb3DQEBCwUAA4IBAQBx0ItBBpaGWaCR1vk4HEZSAkFsBgxwc7shPsefaKPf
Y2qw7hDR0txU9Y+LK1ZE4U7TSZrz52nYNbRO/640h8YeXE3i28j/5cPczkuWMpt6
c1bRpLn+7XMXjueDVAtkEaZ8hWh/sPYZaNzTGBXoowPs2O0griAVuSrzb3t6d7Tf
7FkmFIeNBz2j6B+4t4A0kOsdUZrTWpAsR60LsByMHCJLNatCnJotQUTR1bK+RKZ9
15PzV8s3Qv55GWgXxCLN5cAn1TxFb5P5vGW1ptMd16JRMv8CoAsuOh1uP9ybXmtR
oFP/WFD6Pf00qconykur1PeecwZTfDU0H3yfxFhv1Npq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:34 2024 by rpki-client on console-ams.rpki-client.org