Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/DgPVnmfO-JZ_pl4JlnGwASZGgsI.roa
File:                     DgPVnmfO-JZ_pl4JlnGwASZGgsI.roa (raw, json)
Hash identifier:          EjNMeNdR7Ra9hbLz8SZ49xkrUheIa2E4li5HUHKp0bY=
Subject key identifier:   0E:03:D5:9E:67:CE:F8:96:7F:A6:5E:09:96:71:B0:01:26:46:82:C2
Certificate issuer:       /CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
Certificate serial:       018573CCE9FE9FB0AEA6F1D07EA3E64069CA
Authority key identifier: FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/DgPVnmfO-JZ_pl4JlnGwASZGgsI.roa
Signing time:             Mon 02 Jan 2023 18:44:47 +0000
ROA not before:           Mon 02 Jan 2023 18:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57039
IP address blocks:        94.143.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:cc:e9:fe:9f:b0:ae:a6:f1:d0:7e:a3:e6:40:69:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
        Validity
            Not Before: Jan  2 18:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e03d59e67cef8967fa65e099671b001264682c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:1f:5b:13:92:8e:c2:dd:0e:3b:23:c0:cd:e9:
                    81:63:d6:9b:44:cc:84:fb:f1:78:af:26:f6:53:25:
                    3b:d0:3d:39:a8:27:b2:68:63:0a:d8:43:15:01:71:
                    af:d7:b1:b3:7f:06:4b:56:36:22:be:c0:3a:ca:7c:
                    d9:f1:5d:83:4d:01:56:7f:19:9a:74:05:86:9d:2f:
                    71:e7:38:55:c5:a4:2c:ac:43:af:c8:9f:11:8a:a1:
                    1b:ec:d1:60:ca:00:60:c7:d9:67:64:0c:17:8a:08:
                    33:03:c2:1e:12:01:73:b6:34:6e:e9:65:ad:cc:1a:
                    36:cf:70:9b:23:25:d1:4d:d3:e9:a1:0c:4d:c7:c9:
                    ff:71:0e:3e:3c:cb:1e:2f:fd:94:70:ae:a4:7a:0b:
                    b8:22:d7:ec:af:e2:2d:7e:f0:c2:82:1e:b3:b0:06:
                    49:50:cd:c0:7b:98:e6:0c:39:e4:73:05:2e:b5:f5:
                    be:95:22:5b:d9:fe:5e:d4:c2:85:d2:88:4e:a0:33:
                    38:cb:27:c4:60:1a:06:64:3d:13:80:02:45:0c:3d:
                    fa:3b:78:3d:ec:94:43:43:2a:ad:e3:72:ca:7c:04:
                    f2:97:7f:0d:22:20:74:0a:14:69:f8:86:ba:31:70:
                    e8:e8:58:72:55:04:fa:0f:fd:94:42:97:05:e2:40:
                    5f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:03:D5:9E:67:CE:F8:96:7F:A6:5E:09:96:71:B0:01:26:46:82:C2
            X509v3 Authority Key Identifier:
                keyid:FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/DgPVnmfO-JZ_pl4JlnGwASZGgsI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.143.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:71:82:d9:e3:7f:27:a1:68:a0:55:3c:99:6a:31:f6:46:0f:
         19:bf:d7:01:84:b9:bf:1d:2f:29:aa:41:63:f2:7e:b6:20:c0:
         d5:1c:69:12:65:d3:2e:9c:76:0c:5f:6b:50:cb:c6:d2:33:9e:
         c0:50:56:35:6a:e0:f8:dd:12:3b:ee:32:03:95:38:42:50:b1:
         4f:6f:0b:35:12:0d:89:96:45:f1:e1:eb:c0:ba:20:94:54:2e:
         f5:a2:bb:0d:a4:39:b3:c6:ac:b1:ba:be:31:7b:72:63:53:ad:
         6d:37:e2:5d:9e:84:bb:db:84:22:c1:f1:46:14:af:c6:aa:4b:
         91:c3:4c:58:ff:f8:a4:ef:ae:2d:64:e1:81:0c:9e:b7:ae:ad:
         14:ed:55:dd:3f:88:a3:f0:65:00:34:b8:cf:a8:d1:d1:b7:98:
         f6:d1:0b:da:27:5b:db:af:7a:3c:76:96:84:a7:d9:13:7b:e8:
         d5:cf:a7:db:d3:13:c0:15:fa:2f:61:b7:00:67:cb:33:ed:17:
         d4:0b:42:89:d4:c2:1d:56:d8:e3:b8:bc:27:d6:9b:ca:7f:aa:
         1a:c1:a1:87:ef:59:8b:76:92:74:86:28:54:db:09:43:f1:10:
         c4:10:06:67:06:a2:f2:30:55:22:c8:e5:60:27:4a:b7:ae:40:
         c2:b7:51:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzzOn+n7CupvHQfqPmQGnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTZkODM3ZmUyNTRmYTkyZTFmM2MyZjg2MWFhMWU0ODU1
MjE3NDYwHhcNMjMwMTAyMTg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTAzZDU5ZTY3Y2VmODk2N2ZhNjVlMDk5NjcxYjAwMTI2NDY4MmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR9bE5KOwt0OOyPAzemBY9abRMyE
+/F4ryb2UyU70D05qCeyaGMK2EMVAXGv17GzfwZLVjYivsA6ynzZ8V2DTQFWfxma
dAWGnS9x5zhVxaQsrEOvyJ8RiqEb7NFgygBgx9lnZAwXiggzA8IeEgFztjRu6WWt
zBo2z3CbIyXRTdPpoQxNx8n/cQ4+PMseL/2UcK6kegu4Itfsr+ItfvDCgh6zsAZJ
UM3Ae5jmDDnkcwUutfW+lSJb2f5e1MKF0ohOoDM4yyfEYBoGZD0TgAJFDD36O3g9
7JRDQyqt43LKfATyl38NIiB0ChRp+Ia6MXDo6FhyVQT6D/2UQpcF4kBfcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4D1Z5nzviWf6ZeCZZxsAEmRoLCMB8GA1UdIwQY
MBaAFP9W2Df+JU+pLh88L4YaoeSFUhdGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgt
NTBmYzRkNTU3ZDA4LzEvRGdQVm5tZk8tSlpfcGw0SmxuR3dBU1pHZ3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgtNTBmYzRkNTU3ZDA4
LzEvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo9jMA0G
CSqGSIb3DQEBCwUAA4IBAQBNcYLZ438noWigVTyZajH2Rg8Zv9cBhLm/HS8pqkFj
8n62IMDVHGkSZdMunHYMX2tQy8bSM57AUFY1auD43RI77jIDlThCULFPbws1Eg2J
lkXx4evAuiCUVC71orsNpDmzxqyxur4xe3JjU61tN+JdnoS724QiwfFGFK/GqkuR
w0xY//ik764tZOGBDJ63rq0U7VXdP4ij8GUANLjPqNHRt5j20QvaJ1vbr3o8dpaE
p9kTe+jVz6fb0xPAFfovYbcAZ8sz7RfUC0KJ1MIdVtjjuLwn1pvKf6oawaGH71mL
dpJ0hihU2wlD8RDEEAZnBqLyMFUiyOVgJ0q3rkDCt1Gb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:25 2024 by rpki-client on console-ams.rpki-client.org