Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/3b0ba6-fc31-4ec6-8161-ad827e3edf6c/1/kIpaZCjcwflIpeixQIShYwhTtVk.roa
File:                     kIpaZCjcwflIpeixQIShYwhTtVk.roa (raw, json)
Hash identifier:          LVuH2ijzSFFUtSrH0qU4jEGA3cqhNQ9lm4j0iONNvc8=
Subject key identifier:   90:8A:5A:64:28:DC:C1:F9:48:A5:E8:B1:40:84:A1:63:08:53:B5:59
Certificate issuer:       /CN=2f5cafd5efd2df2c9b309bbd5eed47a6918984b0
Certificate serial:       01856B2E82F3423B0A330AABB920674E56C2
Authority key identifier: 2F:5C:AF:D5:EF:D2:DF:2C:9B:30:9B:BD:5E:ED:47:A6:91:89:84:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L1yv1e_S3yybMJu9Xu1HppGJhLA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/3b0ba6-fc31-4ec6-8161-ad827e3edf6c/1/kIpaZCjcwflIpeixQIShYwhTtVk.roa
Signing time:             Sun 01 Jan 2023 02:34:48 +0000
ROA not before:           Sun 01 Jan 2023 02:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20700
IP address blocks:        194.11.205.0/24 maxlen: 24
                          194.11.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:2e:82:f3:42:3b:0a:33:0a:ab:b9:20:67:4e:56:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f5cafd5efd2df2c9b309bbd5eed47a6918984b0
        Validity
            Not Before: Jan  1 02:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=908a5a6428dcc1f948a5e8b14084a1630853b559
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:04:e7:71:3a:78:58:27:0e:d7:5c:b9:17:75:
                    2e:72:96:ba:6c:94:e3:da:e1:ad:3a:1c:2c:29:04:
                    f3:08:98:80:f1:36:a3:63:9d:93:f8:74:9c:54:14:
                    9b:88:6e:1b:78:61:c9:df:6c:57:c8:48:7d:82:e1:
                    d5:26:db:63:40:28:b7:25:86:41:ad:84:d9:dd:56:
                    e4:a9:0e:0f:9e:77:8b:bf:61:b7:57:8d:26:ca:1a:
                    4c:ff:35:5d:b4:d4:1a:01:ae:58:81:d2:68:95:f7:
                    c6:9b:d1:4b:3f:fd:6c:65:e3:6f:b3:49:0c:23:c4:
                    61:3f:a5:c5:c5:10:93:d1:a2:d7:a6:ab:fd:11:2c:
                    0c:15:be:1b:e4:e7:1f:ea:e2:e7:ae:de:6f:f6:ce:
                    75:11:59:e2:e4:d4:bc:75:a8:3a:c5:73:73:29:7f:
                    67:0a:ca:89:f2:84:82:b2:39:32:c3:66:55:51:08:
                    31:40:9c:cd:61:85:45:a3:43:ad:d6:ce:05:4b:04:
                    0c:3a:d0:6a:48:9d:7d:53:67:f3:84:e6:3a:71:4d:
                    ce:10:c2:c5:5e:f1:97:8a:27:4b:b5:60:89:fa:15:
                    74:95:37:94:e3:62:27:db:b7:d3:ec:b9:0d:b0:f9:
                    ec:00:d0:16:f9:5c:ff:23:dd:ff:ab:bf:f5:69:5b:
                    ab:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:8A:5A:64:28:DC:C1:F9:48:A5:E8:B1:40:84:A1:63:08:53:B5:59
            X509v3 Authority Key Identifier:
                keyid:2F:5C:AF:D5:EF:D2:DF:2C:9B:30:9B:BD:5E:ED:47:A6:91:89:84:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yv1e_S3yybMJu9Xu1HppGJhLA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/3b0ba6-fc31-4ec6-8161-ad827e3edf6c/1/kIpaZCjcwflIpeixQIShYwhTtVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/3b0ba6-fc31-4ec6-8161-ad827e3edf6c/1/L1yv1e_S3yybMJu9Xu1HppGJhLA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.11.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:fd:cc:ba:21:4e:45:1f:1d:46:8b:02:7f:e0:74:cd:0d:bb:
         77:d6:42:27:70:cf:00:49:b7:0d:92:49:6b:10:12:b9:2c:26:
         60:7f:53:b2:b5:42:d1:43:c5:a9:1d:11:57:c2:63:e8:96:61:
         25:24:2f:8e:9d:3c:79:14:9b:75:e2:1d:30:85:c3:e8:d4:ac:
         5a:80:99:a8:e5:33:2b:27:ff:aa:4e:9b:ab:91:52:c0:e9:0f:
         42:6e:ac:93:82:78:5a:7b:46:0b:00:51:0c:cb:95:ba:c2:fe:
         2a:3f:75:fb:c5:21:0b:0a:dc:57:02:79:95:f5:81:52:36:3e:
         3b:fa:1b:8d:0f:5e:64:fa:95:6f:59:a7:2a:db:e8:c1:51:34:
         c1:3b:eb:31:58:d7:fb:98:d4:8e:50:12:0f:94:fa:5a:fa:cd:
         07:83:11:e8:10:8f:ce:d8:6d:d0:4e:6c:fd:59:74:64:a0:22:
         f5:a8:8b:9a:35:e1:27:67:4b:bc:e8:22:18:f0:6e:46:98:4f:
         25:26:77:7d:8e:51:75:bd:c3:b7:cc:b9:a1:87:83:a7:4d:c2:
         82:85:31:ea:f3:c6:f7:cb:3a:35:7b:35:29:3f:01:d7:3d:d3:
         e4:02:8c:4a:0c:db:6b:0e:24:a6:7d:5b:b1:7d:19:a0:8f:83:
         f7:b1:12:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrLoLzQjsKMwqruSBnTlbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhZmQ1ZWZkMmRmMmM5YjMwOWJiZDVlZWQ0N2E2OTE4
OTg0YjAwHhcNMjMwMTAxMDIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhhNWE2NDI4ZGNjMWY5NDhhNWU4YjE0MDg0YTE2MzA4NTNiNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgTncTp4WCcO11y5F3Uucpa6bJTj
2uGtOhwsKQTzCJiA8TajY52T+HScVBSbiG4beGHJ32xXyEh9guHVJttjQCi3JYZB
rYTZ3VbkqQ4PnneLv2G3V40myhpM/zVdtNQaAa5YgdJolffGm9FLP/1sZeNvs0kM
I8RhP6XFxRCT0aLXpqv9ESwMFb4b5Ocf6uLnrt5v9s51EVni5NS8dag6xXNzKX9n
CsqJ8oSCsjkyw2ZVUQgxQJzNYYVFo0Ot1s4FSwQMOtBqSJ19U2fzhOY6cU3OEMLF
XvGXiidLtWCJ+hV0lTeU42In27fT7LkNsPnsANAW+Vz/I93/q7/1aVur/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCKWmQo3MH5SKXosUCEoWMIU7VZMB8GA1UdIwQY
MBaAFC9cr9Xv0t8smzCbvV7tR6aRiYSwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5djFlX1MzeXliTUp1OVh1MUhwcEdKaExBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8zYjBiYTYtZmMzMS00ZWM2LTgxNjEt
YWQ4MjdlM2VkZjZjLzEva0lwYVpDamN3ZmxJcGVpeFFJU2hZd2hUdFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8zYjBiYTYtZmMzMS00ZWM2LTgxNjEtYWQ4MjdlM2VkZjZj
LzEvTDF5djFlX1MzeXliTUp1OVh1MUhwcEdKaExBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgvMMA0G
CSqGSIb3DQEBCwUAA4IBAQAF/cy6IU5FHx1GiwJ/4HTNDbt31kIncM8ASbcNkklr
EBK5LCZgf1OytULRQ8WpHRFXwmPolmElJC+OnTx5FJt14h0whcPo1KxagJmo5TMr
J/+qTpurkVLA6Q9CbqyTgnhae0YLAFEMy5W6wv4qP3X7xSELCtxXAnmV9YFSNj47
+huND15k+pVvWacq2+jBUTTBO+sxWNf7mNSOUBIPlPpa+s0HgxHoEI/O2G3QTmz9
WXRkoCL1qIuaNeEnZ0u86CIY8G5GmE8lJnd9jlF1vcO3zLmhh4OnTcKChTHq88b3
yzo1ezUpPwHXPdPkAoxKDNtrDiSmfVuxfRmgj4P3sRIW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:11 2024 by rpki-client on console-ams.rpki-client.org