Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/e4VKFlVJuSmAN_NmlDSNkyYvwRM.roa
File:                     e4VKFlVJuSmAN_NmlDSNkyYvwRM.roa (raw, json)
Hash identifier:          5c9AJpXZxQA5xkmxIPdsVyFPzC0omzezFtVlf47jMRE=
Subject key identifier:   7B:85:4A:16:55:49:B9:29:80:37:F3:66:94:34:8D:93:26:2F:C1:13
Certificate issuer:       /CN=45962ea566054656ef82aace2d71c76d1b0b88bb
Certificate serial:       01856F2FFCD1F3E810380E087D61969A7C84
Authority key identifier: 45:96:2E:A5:66:05:46:56:EF:82:AA:CE:2D:71:C7:6D:1B:0B:88:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZYupWYFRlbvgqrOLXHHbRsLiLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/e4VKFlVJuSmAN_NmlDSNkyYvwRM.roa
Signing time:             Sun 01 Jan 2023 21:14:53 +0000
ROA not before:           Sun 01 Jan 2023 21:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        130.193.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:2f:fc:d1:f3:e8:10:38:0e:08:7d:61:96:9a:7c:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45962ea566054656ef82aace2d71c76d1b0b88bb
        Validity
            Not Before: Jan  1 21:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b854a165549b9298037f36694348d93262fc113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:13:c5:3f:73:69:14:c3:dc:b2:c1:87:cf:72:
                    5b:bb:ce:84:42:23:02:d0:07:99:c5:1a:1d:15:e7:
                    4d:7c:b2:a7:9c:ca:a2:95:e8:0c:ae:56:ce:53:9d:
                    4c:8f:7c:e6:0e:87:b9:b3:21:e0:fa:6c:4f:93:69:
                    b1:57:ba:5b:47:2b:2d:42:6b:35:9e:9c:5a:05:04:
                    76:38:03:d4:4e:12:92:4b:04:67:b2:ab:76:71:65:
                    b0:37:b3:e4:f2:7d:2d:4e:2d:e0:3b:33:d0:6d:4a:
                    86:4c:81:c6:22:d3:74:9c:18:e3:f8:3a:e0:f8:96:
                    7b:4e:db:38:34:41:de:59:e9:79:06:cf:b5:82:b0:
                    47:3d:89:80:a0:d9:ed:4b:d0:7f:4b:2e:4c:c2:f7:
                    6d:eb:0d:28:f7:60:f2:9a:7a:9e:1d:5f:09:f8:02:
                    9d:6f:6f:0e:f4:c0:94:94:e8:d6:6c:a9:ce:b8:db:
                    df:bc:59:aa:6c:a6:1c:54:e3:e8:c9:74:8b:79:9c:
                    ab:16:12:da:18:45:6e:3a:93:21:48:76:c0:d9:e0:
                    2d:b7:92:6f:96:b3:53:09:77:b0:4a:ed:72:9d:b8:
                    3d:f4:33:92:12:b5:33:41:d8:f3:05:3f:54:70:24:
                    1e:81:7d:2d:43:ce:3a:43:75:b7:2a:9b:77:fe:f2:
                    11:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:85:4A:16:55:49:B9:29:80:37:F3:66:94:34:8D:93:26:2F:C1:13
            X509v3 Authority Key Identifier:
                keyid:45:96:2E:A5:66:05:46:56:EF:82:AA:CE:2D:71:C7:6D:1B:0B:88:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZYupWYFRlbvgqrOLXHHbRsLiLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/e4VKFlVJuSmAN_NmlDSNkyYvwRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/RZYupWYFRlbvgqrOLXHHbRsLiLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.193.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:ed:a1:49:27:1e:37:09:a3:37:41:05:74:83:fb:49:ca:d5:
         1d:43:a1:9f:de:8f:c6:ea:72:b9:0d:f6:ef:48:27:1b:b7:45:
         1d:30:cc:30:e9:5b:ef:74:71:d4:5a:08:92:8e:fa:33:cd:b5:
         8f:60:83:23:b2:31:1d:4e:cc:90:b1:66:d8:e8:11:ac:38:a7:
         08:b7:b8:10:a3:5b:2b:f9:24:da:24:25:63:0d:3d:75:ef:80:
         fb:46:d8:ae:6e:46:07:54:fd:93:a2:72:16:12:9e:c8:77:c2:
         53:b8:86:fe:32:6a:aa:ee:f0:95:26:97:89:53:67:91:df:a9:
         1f:a5:10:cb:9d:79:af:2f:a1:c4:62:04:a7:63:03:24:01:05:
         d9:c0:c0:73:c3:cf:d0:1f:e2:ff:6e:bc:8d:d5:a5:92:a5:52:
         2f:65:32:d3:7f:5e:69:82:38:1a:b2:da:1e:94:22:9b:04:48:
         bf:56:aa:31:d6:89:0b:9d:89:76:b0:4c:b1:cd:c7:73:cb:98:
         7b:ee:1f:5c:b6:be:95:75:32:48:65:39:62:cf:bf:72:49:eb:
         aa:1d:77:19:ec:1b:97:63:5f:c0:7b:6f:a3:b0:40:2a:6d:f7:
         f6:a5:83:79:fa:b1:0c:53:6d:e0:44:b8:67:ca:af:a1:ae:2b:
         9f:14:b4:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvL/zR8+gQOA4IfWGWmnyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OTYyZWE1NjYwNTQ2NTZlZjgyYWFjZTJkNzFjNzZkMWIw
Yjg4YmIwHhcNMjMwMTAxMjExNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjg1NGExNjU1NDliOTI5ODAzN2YzNjY5NDM0OGQ5MzI2MmZjMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghPFP3NpFMPcssGHz3Jbu86EQiMC
0AeZxRodFedNfLKnnMqilegMrlbOU51Mj3zmDoe5syHg+mxPk2mxV7pbRystQms1
npxaBQR2OAPUThKSSwRnsqt2cWWwN7Pk8n0tTi3gOzPQbUqGTIHGItN0nBjj+Drg
+JZ7Tts4NEHeWel5Bs+1grBHPYmAoNntS9B/Sy5Mwvdt6w0o92DymnqeHV8J+AKd
b28O9MCUlOjWbKnOuNvfvFmqbKYcVOPoyXSLeZyrFhLaGEVuOpMhSHbA2eAtt5Jv
lrNTCXewSu1ynbg99DOSErUzQdjzBT9UcCQegX0tQ846Q3W3Kpt3/vIRjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHuFShZVSbkpgDfzZpQ0jZMmL8ETMB8GA1UdIwQY
MBaAFEWWLqVmBUZW74Kqzi1xx20bC4i7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpZdXBXWUZSbGJ2Z3FyT0xYSEhiUnNMaUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZWQzZTItYTA5Yy00OWMyLTk5Mjgt
YzVjMDgyYTMxM2Y3LzEvZTRWS0ZsVkp1U21BTl9ObWxEU05reVl2d1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZWQzZTItYTA5Yy00OWMyLTk5MjgtYzVjMDgyYTMxM2Y3
LzEvUlpZdXBXWUZSbGJ2Z3FyT0xYSEhiUnNMaUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsECMA0G
CSqGSIb3DQEBCwUAA4IBAQBx7aFJJx43CaM3QQV0g/tJytUdQ6Gf3o/G6nK5Dfbv
SCcbt0UdMMww6VvvdHHUWgiSjvozzbWPYIMjsjEdTsyQsWbY6BGsOKcIt7gQo1sr
+STaJCVjDT1174D7RtiubkYHVP2TonIWEp7Id8JTuIb+Mmqq7vCVJpeJU2eR36kf
pRDLnXmvL6HEYgSnYwMkAQXZwMBzw8/QH+L/bryN1aWSpVIvZTLTf15pgjgastoe
lCKbBEi/Vqox1okLnYl2sEyxzcdzy5h77h9ctr6VdTJIZTliz79ySeuqHXcZ7BuX
Y1/Ae2+jsEAqbff2pYN5+rEMU23gRLhnyq+hriufFLRk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:07 2024 by rpki-client on console-fra.rpki-client.org