Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/XKEBD03898PVGQpeJfvdkUnJOhY.roa
File:                     XKEBD03898PVGQpeJfvdkUnJOhY.roa (raw, json)
Hash identifier:          6rXhRE7ZXzjR4a7mt3/MjIT6osX2wS7usEYwLsYkx5U=
Subject key identifier:   5C:A1:01:0F:4D:FC:F7:C3:D5:19:0A:5E:25:FB:DD:91:49:C9:3A:16
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       0191D5AE1B5344AC2566FF9D612E55A9F4CC
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/XKEBD03898PVGQpeJfvdkUnJOhY.roa
Signing time:             Mon 09 Sep 2024 07:27:22 +0000
ROA not before:           Mon 09 Sep 2024 07:27:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198510
IP address blocks:        80.246.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Sep 2024 09:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:d5:ae:1b:53:44:ac:25:66:ff:9d:61:2e:55:a9:f4:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Sep  9 07:27:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ca1010f4dfcf7c3d5190a5e25fbdd9149c93a16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2b:76:2e:fb:64:9a:46:61:93:0a:b5:6b:12:
                    fc:ce:ab:cf:d3:73:b2:a5:ac:f0:e5:b3:59:ec:74:
                    56:f6:35:0d:ff:da:25:50:ce:a6:73:dd:dd:2c:ff:
                    18:e0:07:97:2e:04:47:a6:90:fb:99:08:bc:4b:ef:
                    4b:e4:aa:68:f6:03:6a:80:f5:3e:6c:e3:4f:1b:54:
                    55:58:4b:d1:eb:6f:43:ab:bb:87:ba:51:f2:26:ca:
                    ae:c7:e6:28:f9:a4:75:ce:7e:24:93:ac:80:b1:68:
                    0e:eb:52:89:73:f4:ac:14:8c:60:5e:8f:f0:18:21:
                    ab:22:2c:89:37:68:c1:ab:5f:f7:00:c6:3e:42:89:
                    36:5f:81:97:fa:37:a0:39:f7:55:48:5a:c6:94:de:
                    e6:0b:ba:f8:a3:20:1b:95:79:ed:ef:04:69:7e:ac:
                    7d:be:f3:d0:b9:82:bd:a4:e9:eb:97:f9:d9:c1:12:
                    a6:51:05:69:1d:82:84:c0:1c:7a:e8:1d:c9:4b:45:
                    7c:66:00:b4:c9:24:95:9d:7e:ea:85:57:17:ba:53:
                    93:f8:45:e7:3d:e1:10:35:9f:18:7a:bc:f5:81:a1:
                    f4:95:33:30:1b:fd:40:85:01:e9:5a:47:08:98:e7:
                    de:a9:54:1e:bc:a6:79:85:ca:72:b6:bc:0f:d3:d6:
                    b9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:A1:01:0F:4D:FC:F7:C3:D5:19:0A:5E:25:FB:DD:91:49:C9:3A:16
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/XKEBD03898PVGQpeJfvdkUnJOhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:5a:4d:17:08:68:88:23:e9:bd:a0:4b:53:cb:c4:0e:b5:11:
         88:c3:e5:97:55:ca:76:5f:f2:83:ca:5e:ec:ee:93:9a:58:46:
         71:1c:56:ae:40:25:5e:0c:0e:28:c1:28:30:df:0e:6f:da:17:
         66:89:ee:28:67:53:ca:b4:db:de:4b:d9:41:b9:02:d1:3f:d9:
         f9:3e:19:26:20:58:ba:97:48:ba:3e:d7:e7:f1:b8:48:fd:99:
         72:95:b9:db:14:b1:c1:ca:c9:69:f2:d4:a8:97:98:62:de:8c:
         af:05:55:17:80:86:77:4b:b0:0c:1c:d0:75:7a:35:02:f4:b2:
         c0:c4:13:0b:2c:c8:ac:bf:51:87:29:81:bd:97:10:22:62:2b:
         b5:9c:9c:fc:90:3c:98:dc:5a:c3:fa:66:07:e2:6d:d3:85:fd:
         a2:fb:62:4a:4f:f9:7a:52:00:2c:43:ca:14:df:7c:c9:c2:c9:
         20:a8:9f:7b:e9:55:21:62:1a:58:0e:28:29:f2:17:72:7d:35:
         7d:73:22:90:64:0e:22:ee:ad:3d:f6:ba:3d:1c:41:9d:0f:65:
         b3:f5:0b:3f:41:89:15:ca:15:7d:b6:2a:ac:20:5e:4e:85:29:
         e7:a2:eb:35:bb:4d:04:2d:91:ca:46:a5:43:02:28:12:22:9b:
         88:b7:3b:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHVrhtTRKwlZv+dYS5VqfTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwOTA5MDcyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ExMDEwZjRkZmNmN2MzZDUxOTBhNWUyNWZiZGQ5MTQ5YzkzYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCt2LvtkmkZhkwq1axL8zqvP03Oy
pazw5bNZ7HRW9jUN/9olUM6mc93dLP8Y4AeXLgRHppD7mQi8S+9L5Kpo9gNqgPU+
bONPG1RVWEvR629Dq7uHulHyJsqux+Yo+aR1zn4kk6yAsWgO61KJc/SsFIxgXo/w
GCGrIiyJN2jBq1/3AMY+Qok2X4GX+jegOfdVSFrGlN7mC7r4oyAblXnt7wRpfqx9
vvPQuYK9pOnrl/nZwRKmUQVpHYKEwBx66B3JS0V8ZgC0ySSVnX7qhVcXulOT+EXn
PeEQNZ8Yerz1gaH0lTMwG/1AhQHpWkcImOfeqVQevKZ5hcpytrwP09a5pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyhAQ9N/PfD1RkKXiX73ZFJyToWMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvWEtFQkQwMzg5OFBWR1FwZUpmdmRrVW5KT2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPblMA0G
CSqGSIb3DQEBCwUAA4IBAQBjWk0XCGiII+m9oEtTy8QOtRGIw+WXVcp2X/KDyl7s
7pOaWEZxHFauQCVeDA4owSgw3w5v2hdmie4oZ1PKtNveS9lBuQLRP9n5PhkmIFi6
l0i6Ptfn8bhI/ZlylbnbFLHByslp8tSol5hi3oyvBVUXgIZ3S7AMHNB1ejUC9LLA
xBMLLMisv1GHKYG9lxAiYiu1nJz8kDyY3FrD+mYH4m3Thf2i+2JKT/l6UgAsQ8oU
33zJwskgqJ976VUhYhpYDigp8hdyfTV9cyKQZA4i7q099ro9HEGdD2Wz9Qs/QYkV
yhV9tiqsIF5OhSnnous1u00ELZHKRqVDAigSIpuItzvL
-----END CERTIFICATE-----
Generated at Tue Sep 10 12:17:18 2024 by rpki-client on console-fra.rpki-client.org