Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/bdab9d-458b-4d6a-9d9b-aeec7a859c59/1/z2YIcoaa6hBewVwj9boRmXybWPI.roa
File:                     z2YIcoaa6hBewVwj9boRmXybWPI.roa (raw, json)
Hash identifier:          m1serkN9/zcti7MyjvayoHlK1y80c8dHO2pmb3nXlnQ=
Subject key identifier:   CF:66:08:72:86:9A:EA:10:5E:C1:5C:23:F5:BA:11:99:7C:9B:58:F2
Certificate issuer:       /CN=a61ada61202413cd8fca2f49742527ad021f9676
Certificate serial:       01856F021B9A9C86ACB348DD433830EC2165
Authority key identifier: A6:1A:DA:61:20:24:13:CD:8F:CA:2F:49:74:25:27:AD:02:1F:96:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/phraYSAkE82Pyi9JdCUnrQIflnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/bdab9d-458b-4d6a-9d9b-aeec7a859c59/1/z2YIcoaa6hBewVwj9boRmXybWPI.roa
Signing time:             Sun 01 Jan 2023 20:24:47 +0000
ROA not before:           Sun 01 Jan 2023 20:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     395651
IP address blocks:        185.38.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:1b:9a:9c:86:ac:b3:48:dd:43:38:30:ec:21:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a61ada61202413cd8fca2f49742527ad021f9676
        Validity
            Not Before: Jan  1 20:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf660872869aea105ec15c23f5ba11997c9b58f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:46:70:04:90:95:96:d3:0a:10:49:94:7f:42:
                    ac:48:90:d8:16:26:f0:39:c4:54:b9:b9:95:9e:c3:
                    9a:a1:b4:5f:38:79:ad:13:0c:96:5d:c5:07:1f:d2:
                    fb:d5:fc:13:42:63:ac:83:9f:70:eb:b5:5b:a4:7d:
                    a7:fb:1c:f2:7c:7b:38:fd:aa:ab:5d:ac:90:f4:32:
                    ce:83:0c:0e:de:2b:6c:42:7d:3e:57:ac:1a:ae:a5:
                    3a:f7:c7:31:1f:52:ed:e9:d9:26:86:ed:b7:f3:47:
                    c8:f8:bd:19:98:57:88:97:7d:81:64:9b:b0:27:e0:
                    08:85:3d:7a:ca:c3:ec:1b:e6:bd:23:4f:0c:89:01:
                    c1:56:d7:2f:c0:06:f4:24:6f:78:ed:f9:8b:89:16:
                    a4:27:09:06:44:42:5b:c6:03:80:30:bd:92:32:ce:
                    33:dc:d9:36:5a:ca:dc:58:7d:8e:d1:dc:d3:3e:81:
                    c7:40:cf:38:56:e2:25:d4:3a:77:98:8b:ce:78:8b:
                    f7:73:9d:ba:8b:5b:0e:5f:eb:a5:63:3e:22:ad:7f:
                    3f:2f:84:01:f9:3f:a7:30:d9:bb:4c:9e:13:89:3d:
                    39:e7:03:41:2f:3f:53:ca:a1:4f:fa:37:b7:23:24:
                    d8:7f:c2:32:c1:61:55:28:8e:e6:e0:f2:4c:40:6b:
                    a4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:66:08:72:86:9A:EA:10:5E:C1:5C:23:F5:BA:11:99:7C:9B:58:F2
            X509v3 Authority Key Identifier:
                keyid:A6:1A:DA:61:20:24:13:CD:8F:CA:2F:49:74:25:27:AD:02:1F:96:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phraYSAkE82Pyi9JdCUnrQIflnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bdab9d-458b-4d6a-9d9b-aeec7a859c59/1/z2YIcoaa6hBewVwj9boRmXybWPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bdab9d-458b-4d6a-9d9b-aeec7a859c59/1/phraYSAkE82Pyi9JdCUnrQIflnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:03:42:dd:50:c5:11:7b:43:9c:ec:f7:a4:28:5c:d9:c2:65:
         2c:9a:64:8a:27:2a:eb:32:91:3b:66:af:2f:48:41:3e:a9:fa:
         fd:51:31:3e:3f:30:0f:e1:fd:94:94:a7:d8:b5:62:17:37:a9:
         ba:53:16:47:55:70:7c:07:b8:29:87:28:c6:8c:78:75:83:17:
         ca:4c:06:c4:1b:92:c1:59:29:21:b7:ec:18:50:61:f4:5b:a2:
         b8:5a:8a:68:76:be:a1:40:d4:e2:03:d0:47:ba:ac:89:0e:9e:
         f2:ef:e1:2e:87:d5:01:00:77:07:33:27:16:25:84:ac:68:25:
         86:ee:14:1a:d6:f2:7a:6e:41:71:d3:fa:f5:6b:88:f5:5b:ee:
         52:de:59:47:99:45:59:9e:e6:23:13:cc:45:52:ea:c3:90:44:
         86:18:7a:bf:6d:bb:7a:87:e6:aa:6f:8c:84:83:68:f8:dd:6c:
         50:b5:66:31:65:b6:a0:c4:52:8f:c3:b3:a5:1a:a5:1d:1d:a1:
         4d:ec:51:eb:c2:ff:59:9c:bc:31:29:6e:68:da:c0:b7:cd:e9:
         cd:83:36:a2:28:a4:e8:b9:81:7d:f2:e6:02:af:82:53:d6:32:
         cc:ea:b5:4c:3e:ef:02:d5:c4:b8:ee:b5:af:4c:38:bb:04:6b:
         a7:8b:0c:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAhuanIass0jdQzgw7CFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MWFkYTYxMjAyNDEzY2Q4ZmNhMmY0OTc0MjUyN2FkMDIx
Zjk2NzYwHhcNMjMwMTAxMjAyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjY2MDg3Mjg2OWFlYTEwNWVjMTVjMjNmNWJhMTE5OTdjOWI1OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kZwBJCVltMKEEmUf0KsSJDYFibw
OcRUubmVnsOaobRfOHmtEwyWXcUHH9L71fwTQmOsg59w67VbpH2n+xzyfHs4/aqr
XayQ9DLOgwwO3itsQn0+V6warqU698cxH1Lt6dkmhu2380fI+L0ZmFeIl32BZJuw
J+AIhT16ysPsG+a9I08MiQHBVtcvwAb0JG947fmLiRakJwkGREJbxgOAML2SMs4z
3Nk2WsrcWH2O0dzTPoHHQM84VuIl1Dp3mIvOeIv3c526i1sOX+ulYz4irX8/L4QB
+T+nMNm7TJ4TiT055wNBLz9TyqFP+je3IyTYf8IywWFVKI7m4PJMQGukRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9mCHKGmuoQXsFcI/W6EZl8m1jyMB8GA1UdIwQY
MBaAFKYa2mEgJBPNj8ovSXQlJ60CH5Z2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGhyYVlTQWtFODJQeWk5SmRDVW5yUUlmbG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iZGFiOWQtNDU4Yi00ZDZhLTlkOWIt
YWVlYzdhODU5YzU5LzEvejJZSWNvYWE2aEJld1Z3ajlib1JtWHliV1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iZGFiOWQtNDU4Yi00ZDZhLTlkOWItYWVlYzdhODU5YzU5
LzEvcGhyYVlTQWtFODJQeWk5SmRDVW5yUUlmbG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSbxMA0G
CSqGSIb3DQEBCwUAA4IBAQCGA0LdUMURe0Oc7PekKFzZwmUsmmSKJyrrMpE7Zq8v
SEE+qfr9UTE+PzAP4f2UlKfYtWIXN6m6UxZHVXB8B7gphyjGjHh1gxfKTAbEG5LB
WSkht+wYUGH0W6K4Wopodr6hQNTiA9BHuqyJDp7y7+Euh9UBAHcHMycWJYSsaCWG
7hQa1vJ6bkFx0/r1a4j1W+5S3llHmUVZnuYjE8xFUurDkESGGHq/bbt6h+aqb4yE
g2j43WxQtWYxZbagxFKPw7OlGqUdHaFN7FHrwv9ZnLwxKW5o2sC3zenNgzaiKKTo
uYF98uYCr4JT1jLM6rVMPu8C1cS47rWvTDi7BGuniwwA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:36 2024 by rpki-client on console-ams.rpki-client.org