Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/r24KylfaX-mN5dtWe3qMf_m8YAg.roa
File:                     r24KylfaX-mN5dtWe3qMf_m8YAg.roa (raw, json)
Hash identifier:          tCDGx6klpS26D84Vyu5C+AfHJsTKohoguJ7Db+8lgQs=
Subject key identifier:   AF:6E:0A:CA:57:DA:5F:E9:8D:E5:DB:56:7B:7A:8C:7F:F9:BC:60:08
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       01856CE66999CD793CA83D9401814E26ADF9
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/r24KylfaX-mN5dtWe3qMf_m8YAg.roa
Signing time:             Sun 01 Jan 2023 10:35:17 +0000
ROA not before:           Sun 01 Jan 2023 10:35:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201384
IP address blocks:        46.10.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:69:99:cd:79:3c:a8:3d:94:01:81:4e:26:ad:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 10:35:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af6e0aca57da5fe98de5db567b7a8c7ff9bc6008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7f:80:18:9a:7d:bb:7d:ca:18:70:52:40:3d:
                    8d:81:75:2f:24:49:06:a5:73:fd:c6:12:59:b5:28:
                    30:03:8d:7a:f0:53:28:1e:09:9f:ff:e5:d7:50:25:
                    09:53:cf:0c:3e:d0:f4:1e:bd:92:30:17:0b:c9:e2:
                    62:d9:a3:48:cf:39:a0:e7:c8:14:cf:6f:d8:0c:90:
                    b7:5e:58:dc:27:ca:dc:47:55:2f:26:e8:38:73:f6:
                    5e:be:a6:38:67:ac:93:7d:22:f2:e6:d9:8f:ab:24:
                    b3:85:56:98:f0:dc:ac:f6:4a:41:68:8e:6b:ea:8a:
                    96:01:21:7f:94:36:87:65:70:00:c3:b3:4b:3c:cd:
                    78:c4:2e:16:bd:86:c3:8f:50:74:e2:36:19:ed:09:
                    1c:4e:ca:c2:d4:c1:68:a2:4f:a7:12:4a:84:e1:48:
                    f0:6b:c3:ce:99:12:92:2a:fd:55:13:bc:97:d8:7f:
                    62:dd:c5:64:0d:84:f3:1d:bd:05:20:49:35:a2:cf:
                    45:3b:6a:f9:80:2d:0c:c0:b0:d8:4d:f4:af:59:63:
                    c2:a0:bf:31:02:7f:35:6a:42:17:37:8e:e6:d2:12:
                    2b:00:e9:a8:2c:e0:d8:3a:79:bb:c8:47:8f:a7:ec:
                    71:3d:7c:7d:5d:f6:a4:24:01:9f:94:e6:4e:50:e3:
                    f1:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:6E:0A:CA:57:DA:5F:E9:8D:E5:DB:56:7B:7A:8C:7F:F9:BC:60:08
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/r24KylfaX-mN5dtWe3qMf_m8YAg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.10.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:e4:19:4c:44:bb:ab:7c:cc:28:76:90:5c:f6:5a:bc:7e:e3:
         fc:5d:48:fd:de:a9:98:02:53:7b:22:bd:6c:3c:14:17:9f:63:
         e7:d1:5d:91:8b:c2:2e:65:31:d7:53:dc:27:a2:ba:40:d7:21:
         f2:1f:90:53:8c:8f:6f:25:3d:5f:86:7f:10:7c:45:0b:96:e6:
         75:65:09:e2:c4:43:28:82:28:e1:0a:9a:c7:76:da:c6:ac:0a:
         a8:60:bf:e4:a7:60:af:bd:21:bd:0f:8a:35:01:d2:9a:d3:78:
         8f:8f:6b:f4:93:40:69:54:5e:ff:c2:4a:94:b1:3e:43:6c:95:
         7d:77:f8:5e:8f:62:5e:7d:2c:52:c9:ce:99:85:c2:5f:4b:8d:
         dd:96:ca:68:fe:34:0c:11:30:52:ae:cb:91:41:de:6e:c5:f8:
         65:a0:d1:12:01:e6:e1:5d:24:0f:f5:8f:41:ca:c8:90:15:75:
         84:4a:7e:47:70:72:97:91:2f:b1:84:37:ed:87:8c:e1:d3:e4:
         f9:ce:3e:72:2a:d2:45:81:3b:34:88:55:eb:fb:c1:19:ed:11:
         fb:5c:0a:6d:a7:8d:1b:5b:18:ae:25:b3:38:78:c4:fb:a2:4b:
         de:61:68:19:cb:8d:71:85:52:c8:f6:f4:57:6d:c6:44:f3:2a:
         c8:97:65:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5mmZzXk8qD2UAYFOJq35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZlMGFjYTU3ZGE1ZmU5OGRlNWRiNTY3YjdhOGM3ZmY5YmM2MDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn+AGJp9u33KGHBSQD2NgXUvJEkG
pXP9xhJZtSgwA4168FMoHgmf/+XXUCUJU88MPtD0Hr2SMBcLyeJi2aNIzzmg58gU
z2/YDJC3XljcJ8rcR1UvJug4c/ZevqY4Z6yTfSLy5tmPqySzhVaY8Nys9kpBaI5r
6oqWASF/lDaHZXAAw7NLPM14xC4WvYbDj1B04jYZ7QkcTsrC1MFook+nEkqE4Ujw
a8POmRKSKv1VE7yX2H9i3cVkDYTzHb0FIEk1os9FO2r5gC0MwLDYTfSvWWPCoL8x
An81akIXN47m0hIrAOmoLODYOnm7yEePp+xxPXx9XfakJAGflOZOUOPxrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9uCspX2l/pjeXbVnt6jH/5vGAIMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvcjI0S3lsZmFYLW1ONWR0V2UzcU1mX204WUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgqwMA0G
CSqGSIb3DQEBCwUAA4IBAQBW5BlMRLurfMwodpBc9lq8fuP8XUj93qmYAlN7Ir1s
PBQXn2Pn0V2Ri8IuZTHXU9wnorpA1yHyH5BTjI9vJT1fhn8QfEULluZ1ZQnixEMo
gijhCprHdtrGrAqoYL/kp2CvvSG9D4o1AdKa03iPj2v0k0BpVF7/wkqUsT5DbJV9
d/hej2JefSxSyc6ZhcJfS43dlspo/jQMETBSrsuRQd5uxfhloNESAebhXSQP9Y9B
ysiQFXWESn5HcHKXkS+xhDfth4zh0+T5zj5yKtJFgTs0iFXr+8EZ7RH7XAptp40b
WxiuJbM4eMT7okveYWgZy41xhVLI9vRXbcZE8yrIl2Vd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org