Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/zG9zaFgSrk6T7Z_jEZPT6almR9E.roa
File:                     zG9zaFgSrk6T7Z_jEZPT6almR9E.roa (raw, json)
Hash identifier:          WPSJaOwqPjGWUcZmvmwNZXMwO1uMoO3aPfElk6tJDTY=
Subject key identifier:   CC:6F:73:68:58:12:AE:4E:93:ED:9F:E3:11:93:D3:E9:A9:66:47:D1
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018D35B3CABA7B390CC529CC0A28A8E628DC
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/zG9zaFgSrk6T7Z_jEZPT6almR9E.roa
Signing time:             Tue 23 Jan 2024 09:43:11 +0000
ROA not before:           Tue 23 Jan 2024 09:43:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        80.246.226.0/24 maxlen: 24
                          80.246.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 15:07:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:35:b3:ca:ba:7b:39:0c:c5:29:cc:0a:28:a8:e6:28:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Jan 23 09:43:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc6f73685812ae4e93ed9fe31193d3e9a96647d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:00:35:98:c0:49:e5:2d:ce:82:c5:5d:58:fb:
                    83:0e:6d:17:60:93:fd:34:06:78:21:4b:49:81:00:
                    f1:15:79:da:dd:9f:4b:55:bb:42:00:95:da:05:2e:
                    07:da:33:5c:63:db:c9:4c:b2:fb:6a:52:6c:96:7b:
                    1d:32:da:b7:d2:d9:f3:83:c6:ac:31:b4:2b:3b:14:
                    b4:d5:1f:aa:5e:f8:23:77:d1:10:8e:dc:cd:93:18:
                    66:e0:b9:31:8a:b7:80:e3:ba:a2:d0:5b:61:96:8b:
                    16:89:e5:74:d9:33:79:a5:5c:63:0e:3c:e0:a9:fe:
                    a2:01:fa:2d:1a:a0:ae:db:ad:94:18:8d:76:c0:65:
                    3e:02:e8:b2:03:dc:85:b2:55:f9:f3:ab:bf:99:9b:
                    54:2b:99:d0:f1:74:10:7b:87:e2:b2:da:17:e8:27:
                    1f:eb:7a:45:01:8c:c4:3f:e9:c4:a6:aa:59:58:59:
                    9c:32:5e:f1:1f:c5:ed:e9:96:8d:d3:f5:8e:11:cd:
                    bd:00:02:2d:2e:ac:e8:44:aa:a9:62:2d:a0:ba:23:
                    f6:b4:55:e2:c6:6d:c6:98:68:bf:59:07:43:4e:b8:
                    f8:f6:bf:a7:a3:09:a8:ff:93:9a:10:b6:73:9e:4d:
                    f8:3d:0f:20:05:42:38:e2:58:98:09:a3:11:6b:51:
                    45:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:6F:73:68:58:12:AE:4E:93:ED:9F:E3:11:93:D3:E9:A9:66:47:D1
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/zG9zaFgSrk6T7Z_jEZPT6almR9E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:cb:ad:b8:04:6a:2e:37:48:2b:91:25:6d:d2:0c:be:bc:a1:
         7a:f7:25:ec:a6:dc:f9:b4:c5:20:1e:12:b1:b6:ed:0d:33:bf:
         b7:c9:f9:bd:e4:bb:24:c5:29:6b:b5:e3:62:46:e6:e6:45:73:
         68:a8:24:03:4e:f0:19:09:46:98:7d:1c:da:a8:68:62:3f:d2:
         00:cb:c4:94:d6:64:58:52:bd:2e:7f:ac:91:63:5b:64:44:81:
         c7:ce:11:21:8c:97:b2:b0:57:ef:24:fd:28:21:be:97:a5:0d:
         6a:b7:c3:e6:19:33:33:ee:91:12:a1:13:86:dd:4e:ca:4c:44:
         1c:69:1f:ac:6a:06:a7:4a:27:02:bb:a1:9c:1e:6a:36:38:1e:
         da:14:70:7e:74:37:53:66:3c:3e:c2:e5:29:5d:56:75:c3:bc:
         eb:6d:33:f2:c7:4d:16:32:ba:ec:d0:db:74:37:e2:10:54:8d:
         e1:c5:a2:30:40:98:1d:dd:7d:9d:c7:d2:52:0e:f1:bd:12:38:
         67:ab:31:c4:9d:c2:9f:2f:84:a6:4b:3b:78:49:e1:32:9c:05:
         7d:c3:6f:43:36:c4:1a:7f:b4:1d:5d:9d:b5:2a:d6:4d:0d:6d:
         d9:9c:62:e3:df:9e:3f:ff:e0:39:40:4c:c6:ef:00:9d:91:72:
         e6:a3:15:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY01s8q6ezkMxSnMCiio5ijcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwMTIzMDk0MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzZmNzM2ODU4MTJhZTRlOTNlZDlmZTMxMTkzZDNlOWE5NjY0N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgA1mMBJ5S3OgsVdWPuDDm0XYJP9
NAZ4IUtJgQDxFXna3Z9LVbtCAJXaBS4H2jNcY9vJTLL7alJslnsdMtq30tnzg8as
MbQrOxS01R+qXvgjd9EQjtzNkxhm4LkxireA47qi0FthlosWieV02TN5pVxjDjzg
qf6iAfotGqCu262UGI12wGU+AuiyA9yFslX586u/mZtUK5nQ8XQQe4fistoX6Ccf
63pFAYzEP+nEpqpZWFmcMl7xH8Xt6ZaN0/WOEc29AAItLqzoRKqpYi2guiP2tFXi
xm3GmGi/WQdDTrj49r+nowmo/5OaELZznk34PQ8gBUI44liYCaMRa1FFHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxvc2hYEq5Ok+2f4xGT0+mpZkfRMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvekc5emFGZ1NyazZUN1pfakVaUFQ2YWxtUjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUPbiMA0G
CSqGSIb3DQEBCwUAA4IBAQAoy624BGouN0grkSVt0gy+vKF69yXsptz5tMUgHhKx
tu0NM7+3yfm95LskxSlrteNiRubmRXNoqCQDTvAZCUaYfRzaqGhiP9IAy8SU1mRY
Ur0uf6yRY1tkRIHHzhEhjJeysFfvJP0oIb6XpQ1qt8PmGTMz7pESoROG3U7KTEQc
aR+saganSicCu6GcHmo2OB7aFHB+dDdTZjw+wuUpXVZ1w7zrbTPyx00WMrrs0Nt0
N+IQVI3hxaIwQJgd3X2dx9JSDvG9EjhnqzHEncKfL4SmSzt4SeEynAV9w29DNsQa
f7QdXZ21KtZNDW3ZnGLj354//+A5QEzG7wCdkXLmoxWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org