Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0d919f-c0e6-4735-9802-99d5e07bae76/1/CM2N1iDaJw2L2W0VNZyz_ca0M84.roa
File:                     CM2N1iDaJw2L2W0VNZyz_ca0M84.roa (raw, json)
Hash identifier:          P1o5nyByW/8TCrLfaccY6rwrSkIFi7HkAbTrVIsLRMA=
Subject key identifier:   08:CD:8D:D6:20:DA:27:0D:8B:D9:6D:15:35:9C:B3:FD:C6:B4:33:CE
Certificate issuer:       /CN=dc8cb4a11cabac204adfb8a5b587e32fee4a1b55
Certificate serial:       01856F66D775D0BF194C8FED86CDD5A49172
Authority key identifier: DC:8C:B4:A1:1C:AB:AC:20:4A:DF:B8:A5:B5:87:E3:2F:EE:4A:1B:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Iy0oRyrrCBK37iltYfjL-5KG1U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/0d919f-c0e6-4735-9802-99d5e07bae76/1/CM2N1iDaJw2L2W0VNZyz_ca0M84.roa
Signing time:             Sun 01 Jan 2023 22:14:48 +0000
ROA not before:           Sun 01 Jan 2023 22:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204630
IP address blocks:        185.244.64.0/23 maxlen: 23
                          185.244.66.0/23 maxlen: 23
                          2a0d:4280::/48 maxlen: 48
                          2a0d:4280::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 03 Jul 2023 17:29:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:d7:75:d0:bf:19:4c:8f:ed:86:cd:d5:a4:91:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc8cb4a11cabac204adfb8a5b587e32fee4a1b55
        Validity
            Not Before: Jan  1 22:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=08cd8dd620da270d8bd96d15359cb3fdc6b433ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cb:7a:0a:3c:50:33:4f:62:52:13:6d:7f:77:
                    1a:e7:eb:0f:f7:df:ea:b7:36:c7:9d:8a:0f:0e:9f:
                    1b:87:1c:97:b8:1d:7d:6a:e8:3f:ce:9c:cd:74:71:
                    89:06:de:28:6d:0a:08:9d:f9:cb:c1:fd:49:06:94:
                    3c:56:29:65:c1:cf:ab:55:ea:da:c5:c5:35:3c:e9:
                    ba:68:df:14:1f:c0:54:95:b3:93:a5:98:23:fc:c4:
                    d6:6e:38:51:43:7f:93:9a:20:ec:fd:b6:9b:26:83:
                    84:92:e8:fd:a7:d9:d3:a7:40:c4:38:f6:96:66:a3:
                    d6:c5:88:85:78:4f:07:12:f2:59:0c:10:cd:27:51:
                    cc:45:5e:c0:57:a4:37:25:1e:c6:b9:a7:e0:ca:5c:
                    aa:9b:ea:b8:c8:9c:52:09:6b:46:35:0f:72:92:9f:
                    af:79:8d:6a:36:1e:d9:4e:a2:b2:b4:52:f2:7d:25:
                    4d:4d:7e:ff:9d:b1:37:50:aa:5d:0f:40:43:d5:e0:
                    8b:1f:96:e7:ff:35:5b:ea:6e:23:bf:4a:01:58:ec:
                    88:ee:d9:38:b1:18:a3:ee:9b:26:16:b3:0f:c8:1c:
                    60:88:c4:c2:7f:0c:20:e0:ac:64:f9:bf:a0:2a:a4:
                    68:9f:a1:3f:ed:ca:31:09:07:b1:f7:d0:94:40:bd:
                    1a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:CD:8D:D6:20:DA:27:0D:8B:D9:6D:15:35:9C:B3:FD:C6:B4:33:CE
            X509v3 Authority Key Identifier:
                keyid:DC:8C:B4:A1:1C:AB:AC:20:4A:DF:B8:A5:B5:87:E3:2F:EE:4A:1B:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Iy0oRyrrCBK37iltYfjL-5KG1U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0d919f-c0e6-4735-9802-99d5e07bae76/1/CM2N1iDaJw2L2W0VNZyz_ca0M84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0d919f-c0e6-4735-9802-99d5e07bae76/1/3Iy0oRyrrCBK37iltYfjL-5KG1U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.64.0/22
                IPv6:
                  2a0d:4280::/29

    Signature Algorithm: sha256WithRSAEncryption
         5a:f7:f4:44:5a:99:a4:b1:d3:4c:e6:a3:60:c3:d4:9b:91:a8:
         1e:5f:d3:ad:ad:f2:7f:45:a5:96:f1:65:17:80:4e:1a:73:c5:
         45:27:fd:76:fa:0b:4a:47:85:db:80:c9:f5:a6:62:fd:13:53:
         75:17:cb:13:d5:2f:4e:32:42:f8:93:c5:eb:87:44:9c:71:34:
         73:8a:9d:c4:bc:54:6f:5c:54:fb:40:03:19:a1:5c:de:66:b0:
         c5:29:c7:40:96:8d:8d:ac:92:6b:3d:02:ad:e1:99:a9:ea:cf:
         c2:6a:05:20:d4:e3:ce:ed:75:b8:bf:63:9a:4a:85:26:da:de:
         f5:e1:cf:14:b6:81:a6:17:24:06:2c:33:5d:90:ef:14:c4:e4:
         82:70:23:1c:e9:53:8b:1a:22:c0:de:7e:6d:ec:d4:b3:23:0c:
         8b:15:42:ee:68:bf:08:fc:ff:67:ff:7e:f9:ef:20:73:46:23:
         f8:6f:71:3c:d8:7a:b8:b0:a9:e5:cf:bb:a4:09:67:26:51:73:
         95:27:05:39:9e:45:0a:08:c3:a5:ae:66:a7:d9:56:e0:dd:5d:
         28:e0:92:ce:4e:3c:5d:83:02:51:19:00:0e:76:57:a3:a2:2e:
         f4:d4:dc:f8:61:21:e9:77:7d:bc:e1:fe:60:85:b8:1d:04:23:
         7c:e5:b2:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvZtd10L8ZTI/ths3VpJFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOGNiNGExMWNhYmFjMjA0YWRmYjhhNWI1ODdlMzJmZWU0
YTFiNTUwHhcNMjMwMTAxMjIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNkOGRkNjIwZGEyNzBkOGJkOTZkMTUzNTljYjNmZGM2YjQzM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtst6CjxQM09iUhNtf3ca5+sP99/q
tzbHnYoPDp8bhxyXuB19aug/zpzNdHGJBt4obQoInfnLwf1JBpQ8Villwc+rVera
xcU1POm6aN8UH8BUlbOTpZgj/MTWbjhRQ3+TmiDs/babJoOEkuj9p9nTp0DEOPaW
ZqPWxYiFeE8HEvJZDBDNJ1HMRV7AV6Q3JR7Guafgylyqm+q4yJxSCWtGNQ9ykp+v
eY1qNh7ZTqKytFLyfSVNTX7/nbE3UKpdD0BD1eCLH5bn/zVb6m4jv0oBWOyI7tk4
sRij7psmFrMPyBxgiMTCfwwg4Kxk+b+gKqRon6E/7coxCQex99CUQL0aJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjNjdYg2icNi9ltFTWcs/3GtDPOMB8GA1UdIwQY
MBaAFNyMtKEcq6wgSt+4pbWH4y/uShtVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0l5MG9SeXJyQ0JLMzdpbHRZZmpMLTVLRzFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wZDkxOWYtYzBlNi00NzM1LTk4MDIt
OTlkNWUwN2JhZTc2LzEvQ00yTjFpRGFKdzJMMlcwVk5aeXpfY2EwTTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wZDkxOWYtYzBlNi00NzM1LTk4MDItOTlkNWUwN2JhZTc2
LzEvM0l5MG9SeXJyQ0JLMzdpbHRZZmpMLTVLRzFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufRAMA0E
AgACMAcDBQMqDUKAMA0GCSqGSIb3DQEBCwUAA4IBAQBa9/REWpmksdNM5qNgw9Sb
kageX9OtrfJ/RaWW8WUXgE4ac8VFJ/12+gtKR4XbgMn1pmL9E1N1F8sT1S9OMkL4
k8Xrh0SccTRzip3EvFRvXFT7QAMZoVzeZrDFKcdAlo2NrJJrPQKt4Zmp6s/CagUg
1OPO7XW4v2OaSoUm2t714c8UtoGmFyQGLDNdkO8UxOSCcCMc6VOLGiLA3n5t7NSz
IwyLFULuaL8I/P9n/3757yBzRiP4b3E82Hq4sKnlz7ukCWcmUXOVJwU5nkUKCMOl
rman2Vbg3V0o4JLOTjxdgwJRGQAOdlejoi701Nz4YSHpd3284f5ghbgdBCN85bJm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:19 2024 by rpki-client on console-fra.rpki-client.org