Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/ReYVN0YFaJPZdM38RF0XUmxgu5E.roa
File:                     ReYVN0YFaJPZdM38RF0XUmxgu5E.roa (raw, json)
Hash identifier:          scGHhAqawB7/i9zSqZTNQjpFIVIAF/mZln91DOFHnsM=
Subject key identifier:   45:E6:15:37:46:05:68:93:D9:74:CD:FC:44:5D:17:52:6C:60:BB:91
Certificate issuer:       /CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Certificate serial:       018CF23AFAE5C92BB23B6EDC17D30BDB1CF4
Authority key identifier: 5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/ReYVN0YFaJPZdM38RF0XUmxgu5E.roa
Signing time:             Wed 10 Jan 2024 07:16:40 +0000
ROA not before:           Wed 10 Jan 2024 07:16:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29298
IP address blocks:        188.65.232.0/22 maxlen: 22
                          188.65.238.0/23 maxlen: 23
                          185.23.230.0/24 maxlen: 24
                          185.23.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 12:41:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f2:3a:fa:e5:c9:2b:b2:3b:6e:dc:17:d3:0b:db:1c:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dc6245ca820899d7eb4140302c21041b5dbca06
        Validity
            Not Before: Jan 10 07:16:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=45e6153746056893d974cdfc445d17526c60bb91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:fc:24:91:21:65:ff:b6:5a:99:40:19:8d:e8:
                    40:dd:41:a3:07:9d:de:16:38:ac:8d:7d:d9:20:2e:
                    77:d7:02:bb:83:f9:fa:8f:d7:19:93:3f:1e:b2:5f:
                    22:bd:c5:9d:1a:42:f4:30:64:71:94:77:0c:ca:dc:
                    99:64:1b:e0:39:cc:df:b3:02:f1:f9:c5:bb:e6:ab:
                    cd:ac:e2:5d:a2:4e:6d:46:a7:6d:de:c7:97:33:80:
                    3e:49:45:06:fc:b0:05:f4:fd:14:cc:ca:64:25:2e:
                    e5:86:c6:3b:c8:92:8f:89:0a:a9:2b:ea:74:45:5b:
                    dd:58:50:3c:61:d9:f8:e9:81:8e:03:71:86:5f:82:
                    e9:b7:a3:1c:fe:ed:ba:3b:0d:0a:06:32:9c:b2:7a:
                    64:eb:38:ff:03:86:79:73:91:bd:0b:b7:a9:fb:0f:
                    fc:f0:17:eb:42:98:f0:38:7f:7f:01:28:91:cc:85:
                    a2:5f:ca:9b:d3:31:0d:c8:9c:ac:46:88:8c:2e:82:
                    e2:f5:33:53:9a:e6:69:e3:5e:3f:d2:d6:32:ac:45:
                    ef:6c:e4:4c:55:15:0f:fe:4f:18:b0:33:61:09:5c:
                    1d:a6:3f:c2:b6:29:f0:59:25:ba:fe:1e:9f:ac:ba:
                    e9:52:a7:a1:16:8b:5e:98:08:d7:5a:b0:11:ac:66:
                    6a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:E6:15:37:46:05:68:93:D9:74:CD:FC:44:5D:17:52:6C:60:BB:91
            X509v3 Authority Key Identifier:
                keyid:5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/ReYVN0YFaJPZdM38RF0XUmxgu5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.23.230.0/23
                  188.65.232.0/22
                  188.65.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:09:dc:a9:17:37:13:d8:e3:0f:80:b5:22:8a:2a:19:8b:78:
         e5:27:ba:65:c8:0b:62:2d:68:05:e9:1b:c5:df:f7:ea:69:c4:
         8d:0d:55:69:33:fb:f5:d1:b4:a5:c7:47:f2:b2:1b:ef:ab:df:
         8a:ac:e7:e8:72:7a:d1:29:49:d1:3c:c2:a6:27:83:df:e9:ae:
         c0:60:16:d2:ff:80:b4:e2:b4:d3:af:a1:2d:84:f4:de:dc:b4:
         a3:7b:d8:a4:93:41:dc:84:15:29:30:39:c6:ea:cf:98:dc:35:
         c3:db:99:72:4c:94:9f:fb:0c:68:e5:84:bc:1a:63:56:a0:6e:
         b8:ea:2f:6c:a6:b8:0c:88:77:ac:27:ca:b0:62:0b:2b:8b:6f:
         fa:a0:fd:ef:f6:f4:3d:d2:d1:15:d8:29:cc:26:9d:b9:78:0e:
         af:d0:1d:6e:ce:f2:ea:e1:0b:09:42:9a:81:bf:41:29:f6:08:
         82:17:5f:47:ea:de:37:99:10:4b:7c:e5:01:3f:e1:46:14:b0:
         5f:18:a6:f3:9c:36:5b:b7:f2:d9:de:d2:39:d9:70:0c:31:eb:
         1b:d6:ea:e3:ec:80:97:e9:1b:d5:bd:86:b1:d1:a4:d1:73:6c:
         ec:dc:88:21:41:49:d4:12:c9:b9:06:95:d3:40:b8:6c:88:08:
         db:64:a9:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzyOvrlySuyO27cF9ML2xz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzYyNDVjYTgyMDg5OWQ3ZWI0MTQwMzAyYzIxMDQxYjVk
YmNhMDYwHhcNMjQwMTEwMDcxNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWU2MTUzNzQ2MDU2ODkzZDk3NGNkZmM0NDVkMTc1MjZjNjBiYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/wkkSFl/7ZamUAZjehA3UGjB53e
FjisjX3ZIC531wK7g/n6j9cZkz8esl8ivcWdGkL0MGRxlHcMytyZZBvgOczfswLx
+cW75qvNrOJdok5tRqdt3seXM4A+SUUG/LAF9P0UzMpkJS7lhsY7yJKPiQqpK+p0
RVvdWFA8Ydn46YGOA3GGX4Lpt6Mc/u26Ow0KBjKcsnpk6zj/A4Z5c5G9C7ep+w/8
8BfrQpjwOH9/ASiRzIWiX8qb0zENyJysRoiMLoLi9TNTmuZp414/0tYyrEXvbORM
VRUP/k8YsDNhCVwdpj/CtinwWSW6/h6frLrpUqehFotemAjXWrARrGZqJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEXmFTdGBWiT2XTN/ERdF1JsYLuRMB8GA1UdIwQY
MBaAFF3GJFyoIImdfrQUAwLCEEG128oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDkt
MDc0ZWQ3MGI0NjczLzEvUmVZVk4wWUZhSlBaZE0zOFJGMFhVbXhndTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDktMDc0ZWQ3MGI0Njcz
LzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuRfmAwQC
vEHoAwQBvEHuMA0GCSqGSIb3DQEBCwUAA4IBAQBBCdypFzcT2OMPgLUiiioZi3jl
J7plyAtiLWgF6RvF3/fqacSNDVVpM/v10bSlx0fyshvvq9+KrOfocnrRKUnRPMKm
J4Pf6a7AYBbS/4C04rTTr6EthPTe3LSje9ikk0HchBUpMDnG6s+Y3DXD25lyTJSf
+wxo5YS8GmNWoG646i9sprgMiHesJ8qwYgsri2/6oP3v9vQ90tEV2CnMJp25eA6v
0B1uzvLq4QsJQpqBv0Ep9giCF19H6t43mRBLfOUBP+FGFLBfGKbznDZbt/LZ3tI5
2XAMMesb1urj7ICX6RvVvYax0aTRc2zs3IghQUnUEsm5BpXTQLhsiAjbZKkX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:04 2024 by rpki-client on console-fra.rpki-client.org