Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/obIuN_CbERePodnZ5jwGAu-kJWg.roa
File:                     obIuN_CbERePodnZ5jwGAu-kJWg.roa (raw, json)
Hash identifier:          Rwv9KHhdOdbmSPAPisIeiMYTEQDPeUiRROEFCF874RU=
Subject key identifier:   A1:B2:2E:37:F0:9B:11:17:8F:A1:D9:D9:E6:3C:06:02:EF:A4:25:68
Certificate issuer:       /CN=c59c41daf0092b703bc059ba1353f071ed12199b
Certificate serial:       018571F0DF9B7F685869EC4C49F32EB9D333
Authority key identifier: C5:9C:41:DA:F0:09:2B:70:3B:C0:59:BA:13:53:F0:71:ED:12:19:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZxB2vAJK3A7wFm6E1Pwce0SGZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/obIuN_CbERePodnZ5jwGAu-kJWg.roa
Signing time:             Mon 02 Jan 2023 10:04:49 +0000
ROA not before:           Mon 02 Jan 2023 10:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        195.8.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f0:df:9b:7f:68:58:69:ec:4c:49:f3:2e:b9:d3:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c59c41daf0092b703bc059ba1353f071ed12199b
        Validity
            Not Before: Jan  2 10:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1b22e37f09b11178fa1d9d9e63c0602efa42568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:42:19:e3:f8:52:aa:98:0d:1e:d2:a2:8b:d5:
                    9a:09:c4:91:2b:c6:38:f8:9f:b0:ec:5b:3b:cd:17:
                    7b:05:bb:bc:c0:92:b2:af:40:69:50:74:b2:eb:9c:
                    84:f1:06:18:10:bc:d0:b5:f7:b6:50:0a:c9:9d:9b:
                    3d:1d:92:b3:e5:f5:92:4c:0a:6d:53:d4:92:9a:51:
                    b2:a6:a9:32:13:ff:0b:33:91:66:a3:47:6b:47:de:
                    5c:1c:dd:91:99:a9:dc:7f:87:32:f8:b6:a4:1f:d8:
                    05:da:49:af:4c:ac:40:71:5a:7a:b9:31:11:42:be:
                    71:53:d2:91:45:ed:b5:52:e8:fa:f4:92:2d:ca:f1:
                    ac:0f:1d:3d:d8:3d:3e:52:ba:85:cb:0f:b7:db:86:
                    59:b9:a9:7a:cb:76:5d:7d:0b:2f:b3:14:7e:a1:de:
                    5b:83:49:76:81:86:75:7c:c0:8f:1b:f3:75:4e:d8:
                    7d:5e:0e:0d:39:a5:81:ff:6c:a2:a8:2f:16:d5:20:
                    a8:e3:57:86:de:7c:42:f7:85:4a:75:98:e2:4c:75:
                    23:d7:62:2e:ee:1b:bc:46:40:87:e5:34:62:d7:63:
                    28:6e:b6:77:ef:c7:d1:f9:81:3a:02:19:86:b5:44:
                    5b:ed:b2:e1:4b:ca:62:86:dd:e9:f6:45:dc:77:88:
                    7b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:B2:2E:37:F0:9B:11:17:8F:A1:D9:D9:E6:3C:06:02:EF:A4:25:68
            X509v3 Authority Key Identifier:
                keyid:C5:9C:41:DA:F0:09:2B:70:3B:C0:59:BA:13:53:F0:71:ED:12:19:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZxB2vAJK3A7wFm6E1Pwce0SGZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/obIuN_CbERePodnZ5jwGAu-kJWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/d54d2b-2126-4542-a5e4-c5493fe82e26/1/xZxB2vAJK3A7wFm6E1Pwce0SGZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.8.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:9b:13:d7:3c:fe:6e:9d:38:74:0f:85:a6:98:e0:fa:e8:31:
         bd:1d:45:27:de:be:e9:72:78:2f:00:5a:d9:8f:f2:40:70:9e:
         5b:ed:7d:b1:e6:38:f3:a3:d6:74:e4:8d:f6:e3:cb:64:00:d2:
         d8:d7:33:89:81:89:93:b0:6a:9a:d9:6a:f0:fc:5f:3e:36:f6:
         9c:b3:ee:88:b0:c6:e6:6d:8d:4e:d0:8c:34:e6:d0:cd:05:7e:
         63:52:0f:ee:f9:6d:e6:8f:c0:8f:83:07:1c:2d:f7:b0:e3:f8:
         fd:ff:89:52:64:31:4e:27:bf:0e:ae:06:1c:08:c3:e0:e9:94:
         b0:48:6b:2a:39:09:af:5a:1f:85:bc:22:68:fc:ef:42:d7:e7:
         01:58:ea:2f:d7:23:d7:02:5f:9d:3b:2f:ec:ce:ba:65:12:d7:
         96:dd:af:2f:f0:2a:e0:bc:99:e5:75:1a:ed:73:d7:db:b8:90:
         95:e7:36:20:59:3c:94:6b:51:09:0c:cd:e9:ca:d1:06:e5:9f:
         e0:a6:c3:1e:6b:1f:de:33:79:8a:ce:5f:0a:0f:4c:f4:18:2d:
         41:5a:ca:bc:25:c3:dd:1f:20:bb:56:f3:2b:a8:7c:f1:b7:db:
         8e:e7:a2:c4:2e:97:2a:24:ad:27:29:9f:a8:66:cf:d1:f4:94:
         0a:33:6f:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8N+bf2hYaexMSfMuudMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWM0MWRhZjAwOTJiNzAzYmMwNTliYTEzNTNmMDcxZWQx
MjE5OWIwHhcNMjMwMTAyMTAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWIyMmUzN2YwOWIxMTE3OGZhMWQ5ZDllNjNjMDYwMmVmYTQyNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEIZ4/hSqpgNHtKii9WaCcSRK8Y4
+J+w7Fs7zRd7Bbu8wJKyr0BpUHSy65yE8QYYELzQtfe2UArJnZs9HZKz5fWSTApt
U9SSmlGypqkyE/8LM5Fmo0drR95cHN2Rmancf4cy+LakH9gF2kmvTKxAcVp6uTER
Qr5xU9KRRe21Uuj69JItyvGsDx092D0+UrqFyw+324ZZual6y3ZdfQsvsxR+od5b
g0l2gYZ1fMCPG/N1Tth9Xg4NOaWB/2yiqC8W1SCo41eG3nxC94VKdZjiTHUj12Iu
7hu8RkCH5TRi12MobrZ378fR+YE6AhmGtURb7bLhS8piht3p9kXcd4h7UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGyLjfwmxEXj6HZ2eY8BgLvpCVoMB8GA1UdIwQY
MBaAFMWcQdrwCStwO8BZuhNT8HHtEhmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp4QjJ2QUpLM0E3d0ZtNkUxUHdjZTBTR1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kNTRkMmItMjEyNi00NTQyLWE1ZTQt
YzU0OTNmZTgyZTI2LzEvb2JJdU5fQ2JFUmVQb2RuWjVqd0dBdS1rSldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kNTRkMmItMjEyNi00NTQyLWE1ZTQtYzU0OTNmZTgyZTI2
LzEveFp4QjJ2QUpLM0E3d0ZtNkUxUHdjZTBTR1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwhsMA0G
CSqGSIb3DQEBCwUAA4IBAQBvmxPXPP5unTh0D4WmmOD66DG9HUUn3r7pcngvAFrZ
j/JAcJ5b7X2x5jjzo9Z05I3248tkANLY1zOJgYmTsGqa2Wrw/F8+Nvacs+6IsMbm
bY1O0Iw05tDNBX5jUg/u+W3mj8CPgwccLfew4/j9/4lSZDFOJ78OrgYcCMPg6ZSw
SGsqOQmvWh+FvCJo/O9C1+cBWOov1yPXAl+dOy/szrplEteW3a8v8CrgvJnldRrt
c9fbuJCV5zYgWTyUa1EJDM3pytEG5Z/gpsMeax/eM3mKzl8KD0z0GC1BWsq8JcPd
HyC7VvMrqHzxt9uO56LELpcqJK0nKZ+oZs/R9JQKM2+T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:07 2024 by rpki-client on console-fra.rpki-client.org