Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/hhLkdtCK3gNsrAFqKHMbiPdpCmI.roa
File:                     hhLkdtCK3gNsrAFqKHMbiPdpCmI.roa (raw, json)
Hash identifier:          pWUVQ6OsISFqFLVYXblCfNGDZq7qU4QmH2NQLjfYtUk=
Subject key identifier:   86:12:E4:76:D0:8A:DE:03:6C:AC:01:6A:28:73:1B:88:F7:69:0A:62
Certificate issuer:       /CN=bf98e8170959b5e6018f602b3a7487b2d8028106
Certificate serial:       01856D41B22387324DFD2EE8E393F8D26123
Authority key identifier: BF:98:E8:17:09:59:B5:E6:01:8F:60:2B:3A:74:87:B2:D8:02:81:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v5joFwlZteYBj2ArOnSHstgCgQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/hhLkdtCK3gNsrAFqKHMbiPdpCmI.roa
Signing time:             Sun 01 Jan 2023 12:14:59 +0000
ROA not before:           Sun 01 Jan 2023 12:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47631
IP address blocks:        93.187.226.0/24 maxlen: 24
                          93.187.224.0/21 maxlen: 21
                          93.187.225.0/24 maxlen: 24
                          93.187.224.0/24 maxlen: 24
                          93.187.228.0/24 maxlen: 24
                          93.187.227.0/24 maxlen: 24
                          93.187.231.0/24 maxlen: 24
                          93.187.230.0/24 maxlen: 24
                          93.187.229.0/24 maxlen: 24
                          185.34.124.0/24 maxlen: 24
                          185.34.127.0/24 maxlen: 24
                          2a00:9460::/32 maxlen: 32
                          2a00:9461::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:b2:23:87:32:4d:fd:2e:e8:e3:93:f8:d2:61:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf98e8170959b5e6018f602b3a7487b2d8028106
        Validity
            Not Before: Jan  1 12:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8612e476d08ade036cac016a28731b88f7690a62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:94:25:ca:9e:4b:08:ff:30:11:8c:6c:98:52:
                    c5:2d:32:02:86:89:19:ff:8a:30:9f:bc:d1:58:96:
                    8d:19:96:53:d9:6f:f1:5a:e7:d2:52:58:75:79:04:
                    7d:3d:62:20:3f:61:90:9a:fa:5d:57:48:88:89:e7:
                    e8:8c:19:89:ee:4e:75:c4:c2:02:f3:2e:ae:21:5d:
                    d8:bc:95:ea:03:a6:9b:2d:a2:61:aa:f0:ee:47:4b:
                    e6:74:3b:41:38:e9:4e:e9:39:ed:e6:11:1e:48:34:
                    0b:c0:1a:e4:2b:08:c3:05:31:0c:32:95:e0:7a:11:
                    a5:e4:c5:79:64:4a:58:59:55:6d:ec:08:a2:bb:4b:
                    6e:de:72:2c:1f:3d:48:88:a1:11:09:37:97:2f:ba:
                    a2:52:df:b7:55:dc:1a:76:6b:fc:42:a7:b3:05:f5:
                    1d:26:3e:3e:e5:18:ac:9b:74:18:b5:c6:bc:a4:1e:
                    00:34:a5:15:95:92:4a:92:2c:cf:fc:95:9e:d3:e5:
                    7a:4c:29:08:a9:bd:d5:0a:47:73:f3:e7:0e:aa:0d:
                    d6:0c:f2:dd:b3:2a:82:52:43:c9:e8:f1:bc:63:13:
                    e5:09:ca:0a:9c:ea:48:66:53:3a:67:98:fb:c0:40:
                    13:e3:a4:2e:fb:39:b8:84:7a:29:b6:15:05:77:bb:
                    80:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:12:E4:76:D0:8A:DE:03:6C:AC:01:6A:28:73:1B:88:F7:69:0A:62
            X509v3 Authority Key Identifier:
                keyid:BF:98:E8:17:09:59:B5:E6:01:8F:60:2B:3A:74:87:B2:D8:02:81:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v5joFwlZteYBj2ArOnSHstgCgQY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/hhLkdtCK3gNsrAFqKHMbiPdpCmI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/v5joFwlZteYBj2ArOnSHstgCgQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.187.224.0/21
                  185.34.124.0/24
                  185.34.127.0/24
                IPv6:
                  2a00:9460::/31

    Signature Algorithm: sha256WithRSAEncryption
         55:3a:8e:73:14:6c:dd:49:5e:97:59:59:da:26:41:3e:6d:83:
         fd:5e:73:11:66:9d:2f:c8:d5:13:e7:9d:2c:85:8d:c5:0e:c6:
         b2:3d:82:5c:e8:3d:8c:33:95:fb:28:61:f9:2d:54:9e:52:33:
         9f:00:51:b1:b5:78:c8:78:69:0b:45:71:ac:ac:a4:fe:6a:58:
         22:18:08:58:6f:e6:a5:17:1d:37:a3:68:f9:f2:f1:e6:38:32:
         12:d4:7b:17:ad:c2:89:da:8a:c1:dc:e8:3b:6d:5b:87:ce:d8:
         fa:90:db:93:6d:c6:21:cf:79:d6:17:8d:d7:af:18:3e:95:ca:
         58:b4:81:9b:77:cb:5f:96:89:bf:d6:28:e1:44:4a:0c:7b:20:
         56:df:3c:c3:c0:76:11:cb:4d:af:4d:85:72:a2:07:16:3c:40:
         f8:93:04:fc:31:13:36:53:f2:47:66:f5:e4:6b:e9:8a:4b:91:
         c3:b4:1b:18:82:80:6f:91:0c:c1:c2:e7:37:77:8a:0e:f3:38:
         c0:53:90:4d:2e:72:67:3c:90:a3:0b:85:77:ef:ca:22:ff:0b:
         2e:d7:43:d2:94:f2:31:c7:0b:63:c2:d6:67:dd:85:28:a6:4d:
         ea:21:a6:75:0f:71:b9:ae:00:7d:82:b3:74:88:54:34:46:f6:
         78:ff:f8:22
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtQbIjhzJN/S7o45P40mEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOThlODE3MDk1OWI1ZTYwMThmNjAyYjNhNzQ4N2IyZDgw
MjgxMDYwHhcNMjMwMTAxMTIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjEyZTQ3NmQwOGFkZTAzNmNhYzAxNmEyODczMWI4OGY3NjkwYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5Qlyp5LCP8wEYxsmFLFLTIChokZ
/4own7zRWJaNGZZT2W/xWufSUlh1eQR9PWIgP2GQmvpdV0iIiefojBmJ7k51xMIC
8y6uIV3YvJXqA6abLaJhqvDuR0vmdDtBOOlO6Tnt5hEeSDQLwBrkKwjDBTEMMpXg
ehGl5MV5ZEpYWVVt7Aiiu0tu3nIsHz1IiKERCTeXL7qiUt+3Vdwadmv8QqezBfUd
Jj4+5Rism3QYtca8pB4ANKUVlZJKkizP/JWe0+V6TCkIqb3VCkdz8+cOqg3WDPLd
syqCUkPJ6PG8YxPlCcoKnOpIZlM6Z5j7wEAT46Qu+zm4hHopthUFd7uA3QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIYS5HbQit4DbKwBaihzG4j3aQpiMB8GA1UdIwQY
MBaAFL+Y6BcJWbXmAY9gKzp0h7LYAoEGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjVqb0Z3bFp0ZVlCajJBck9uU0hzdGdDZ1FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yM2ZiMWEtYTc5MS00MDBjLWE0MWEt
NDhjZWVkNWU0MzhlLzEvaGhMa2R0Q0szZ05zckFGcUtITWJpUGRwQ21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yM2ZiMWEtYTc5MS00MDBjLWE0MWEtNDhjZWVkNWU0Mzhl
LzEvdjVqb0Z3bFp0ZVlCajJBck9uU0hzdGdDZ1FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXbvgAwQA
uSJ8AwQAuSJ/MA0EAgACMAcDBQEqAJRgMA0GCSqGSIb3DQEBCwUAA4IBAQBVOo5z
FGzdSV6XWVnaJkE+bYP9XnMRZp0vyNUT550shY3FDsayPYJc6D2MM5X7KGH5LVSe
UjOfAFGxtXjIeGkLRXGsrKT+algiGAhYb+alFx03o2j58vHmODIS1HsXrcKJ2orB
3Og7bVuHztj6kNuTbcYhz3nWF43Xrxg+lcpYtIGbd8tflom/1ijhREoMeyBW3zzD
wHYRy02vTYVyogcWPED4kwT8MRM2U/JHZvXka+mKS5HDtBsYgoBvkQzBwuc3d4oO
8zjAU5BNLnJnPJCjC4V378oi/wsu10PSlPIxxwtjwtZn3YUopk3qIaZ1D3G5rgB9
grN0iFQ0RvZ4//gi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:59 2024 by rpki-client on console-fra.rpki-client.org