Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/oPOvWwIRSUOR38MyQjObaYTB0yQ.roa
File: oPOvWwIRSUOR38MyQjObaYTB0yQ.roa (raw, json)
Hash identifier: At9DGLheyqeqjkOP8LY8OGSr/BvC+WubEyBBrYdA3+Q=
Subject key identifier: A0:F3:AF:5B:02:11:49:43:91:DF:C3:32:42:33:9B:69:84:C1:D3:24
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A4CDFB7E19A5D2D2A35907D4C80CC8940
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/oPOvWwIRSUOR38MyQjObaYTB0yQ.roa
Signing time: Thu 31 Aug 2023 18:34:04 +0000
ROA not before: Thu 31 Aug 2023 18:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:df:b7:e1:9a:5d:2d:2a:35:90:7d:4c:80:cc:89:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 31 18:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0f3af5b0211494391dfc33242339b6984c1d324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:92:fe:f2:0c:d6:77:a2:0d:2e:23:61:b0:7c:
97:07:26:6a:9c:50:0b:ef:64:b3:25:df:11:d8:f4:
b2:32:26:10:80:30:29:8e:11:c8:1d:21:b2:3c:f0:
78:22:b1:62:42:37:be:fb:c4:f1:19:64:b4:a2:46:
5c:87:18:fe:27:0b:a2:0f:2b:2d:65:85:0f:56:be:
63:d4:b7:de:dd:d3:b7:97:eb:d2:b2:1b:fa:3c:d8:
90:67:2b:de:ed:d5:42:dc:74:9c:4d:a1:aa:29:56:
2c:73:56:4c:c9:1c:00:4a:13:43:e4:9d:0a:c9:44:
c8:38:3e:03:76:46:f1:f5:3f:19:e5:ef:de:7c:d5:
06:5d:3b:6c:d5:77:3f:15:15:ba:cf:04:3a:15:c8:
b2:c5:6c:7e:01:cb:6e:a8:87:70:04:13:a6:82:fd:
d7:de:b8:3e:44:c9:9c:be:f6:f0:f6:38:eb:6f:e9:
a5:c6:03:02:55:52:7f:9c:8b:3e:f8:f5:cc:89:ae:
39:b5:fc:87:de:f6:a8:9a:07:af:1c:15:a7:20:90:
7c:9f:ab:3b:a2:2c:03:61:02:cb:c9:2f:e5:1a:9d:
3b:6e:72:c5:41:c4:90:7a:36:b4:bb:f8:2f:86:a9:
c1:0c:c7:d2:57:53:97:4f:6b:8d:48:33:d3:14:92:
d8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F3:AF:5B:02:11:49:43:91:DF:C3:32:42:33:9B:69:84:C1:D3:24
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/oPOvWwIRSUOR38MyQjObaYTB0yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
22:3b:3e:60:79:24:cb:65:ce:bb:c1:48:72:e5:78:3c:68:59:
a3:d1:a9:d5:26:07:f8:4e:7d:0e:43:1f:cf:8e:c8:4d:74:aa:
ff:1a:b9:0b:ed:1a:8a:d4:60:31:78:6d:c4:aa:95:39:3d:d2:
ba:1c:92:99:38:b6:cf:82:20:88:1a:b2:d7:7b:b1:fe:15:0a:
19:0a:a5:4b:7f:1b:45:17:e0:37:02:b7:f9:75:57:a6:a4:85:
77:8f:8f:56:fe:bc:4e:e7:44:21:fd:7f:4f:55:12:50:f4:61:
63:7b:7e:96:5a:48:3c:31:3b:e7:ad:0a:7d:9e:a4:52:e0:93:
b0:b4:f3:2a:fd:3c:88:dc:30:ec:ce:b3:2d:fe:ea:ab:ad:46:
62:37:9c:0a:83:a8:97:ec:f4:51:3a:dc:49:7d:45:d4:ff:57:
64:63:c7:ce:16:99:83:2d:e0:f3:72:0a:5c:c6:45:5f:45:84:
08:6b:be:aa:d0:5c:25:4b:d0:19:14:f9:34:06:f2:48:ea:30:
f1:d5:cc:cb:1a:19:36:5d:5d:bf:a2:73:51:01:01:01:85:11:
69:32:67:3a:ca:c9:38:87:84:a3:9e:a7:8e:41:4e:9a:19:8a:
a6:a3:d9:52:13:15:58:c5:bc:c9:0d:f7:4e:d6:d4:9a:94:08:
bd:09:20:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpM37fhml0tKjWQfUyAzIlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODMxMTgzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYzYWY1YjAyMTE0OTQzOTFkZmMzMzI0MjMzOWI2OTg0YzFkMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJL+8gzWd6INLiNhsHyXByZqnFAL
72SzJd8R2PSyMiYQgDApjhHIHSGyPPB4IrFiQje++8TxGWS0okZchxj+JwuiDyst
ZYUPVr5j1Lfe3dO3l+vSshv6PNiQZyve7dVC3HScTaGqKVYsc1ZMyRwAShND5J0K
yUTIOD4Ddkbx9T8Z5e/efNUGXTts1Xc/FRW6zwQ6FciyxWx+ActuqIdwBBOmgv3X
3rg+RMmcvvbw9jjrb+mlxgMCVVJ/nIs++PXMia45tfyH3vaomgevHBWnIJB8n6s7
oiwDYQLLyS/lGp07bnLFQcSQeja0u/gvhqnBDMfSV1OXT2uNSDPTFJLYdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDzr1sCEUlDkd/DMkIzm2mEwdMkMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvb1BPdld3SVJTVU9SMzhNeVFqT2JhWVRCMHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSpQMA0G
CSqGSIb3DQEBCwUAA4IBAQAiOz5geSTLZc67wUhy5Xg8aFmj0anVJgf4Tn0OQx/P
jshNdKr/GrkL7RqK1GAxeG3EqpU5PdK6HJKZOLbPgiCIGrLXe7H+FQoZCqVLfxtF
F+A3Arf5dVempIV3j49W/rxO50Qh/X9PVRJQ9GFje36WWkg8MTvnrQp9nqRS4JOw
tPMq/TyI3DDszrMt/uqrrUZiN5wKg6iX7PRROtxJfUXU/1dkY8fOFpmDLeDzcgpc
xkVfRYQIa76q0FwlS9AZFPk0BvJI6jDx1czLGhk2XV2/onNRAQEBhRFpMmc6ysk4
h4SjnqeOQU6aGYqmo9lSExVYxbzJDfdO1tSalAi9CSB8
-----END CERTIFICATE-----
Generated at Thu Sep 7 06:58:01 2023 by rpki-client on console-fra.rpki-client.org