Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/XFUL9LueV8d4VjaQ1WZyobKIU0o.roa
File:                     XFUL9LueV8d4VjaQ1WZyobKIU0o.roa (raw, json)
Hash identifier:          eBmO+8xArr1tQ0loqhU+xbvNtdDrBJtZNOAOFNVnUaM=
Subject key identifier:   5C:55:0B:F4:BB:9E:57:C7:78:56:36:90:D5:66:72:A1:B2:88:53:4A
Certificate issuer:       /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial:       01861231F628AE0618502533E57D8EC82BA0
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/XFUL9LueV8d4VjaQ1WZyobKIU0o.roa
Signing time:             Thu 02 Feb 2023 12:55:09 +0000
ROA not before:           Thu 02 Feb 2023 12:55:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198156
IP address blocks:        212.7.217.0/24 maxlen: 24
                          212.7.216.0/24 maxlen: 24
                          91.106.29.0/24 maxlen: 24
                          2a01:6e80:fffe::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:12:31:f6:28:ae:06:18:50:25:33:e5:7d:8e:c8:2b:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
        Validity
            Not Before: Feb  2 12:55:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c550bf4bb9e57c778563690d56672a1b288534a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:39:67:cc:41:af:11:b1:16:34:06:6d:10:74:
                    98:d6:b9:87:21:9f:8b:c9:ff:c8:ef:50:ab:1c:96:
                    83:e8:a9:4e:62:57:52:87:5e:2c:2d:8a:02:ab:2a:
                    b0:a6:8c:3e:01:8a:0f:fd:b7:3c:f1:65:32:fe:f1:
                    d5:b8:68:5c:41:2d:9c:ed:36:ac:46:95:2c:9a:a2:
                    f3:06:bf:34:c4:28:0b:7f:a4:7a:e6:98:97:8a:4a:
                    85:84:02:66:38:0e:c0:a9:2b:e3:d2:9e:54:b7:9e:
                    7d:00:1a:07:51:d2:f8:56:f9:72:95:dc:84:e8:61:
                    12:52:2a:e3:bf:eb:d0:04:b2:b4:d7:c1:9b:68:1d:
                    ec:b3:30:30:a6:85:99:b9:7a:f8:fc:cf:f2:43:98:
                    1b:ab:ec:f2:f0:82:0d:86:b9:1a:eb:88:bc:e1:97:
                    97:54:72:55:31:35:d4:da:bd:e6:71:4e:52:94:89:
                    b5:b8:42:1f:ec:64:df:34:66:90:1a:ea:bb:2f:ce:
                    21:09:a1:84:9b:7d:1c:b5:16:36:a9:56:7a:d5:43:
                    82:b2:11:60:53:88:a0:91:91:91:6f:01:8d:d7:ec:
                    82:ec:52:1e:ef:ba:94:d6:87:18:91:93:8d:38:9f:
                    fe:97:e3:bb:5a:65:90:c6:ad:4e:07:f5:f2:f5:94:
                    69:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:55:0B:F4:BB:9E:57:C7:78:56:36:90:D5:66:72:A1:B2:88:53:4A
            X509v3 Authority Key Identifier:
                keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/XFUL9LueV8d4VjaQ1WZyobKIU0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.106.29.0/24
                  212.7.216.0/23
                IPv6:
                  2a01:6e80:fffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:7f:08:9b:55:67:b5:22:d9:08:00:c0:6d:f1:1c:20:97:11:
         e5:74:15:b3:c9:05:ca:b0:f7:e0:0f:5e:75:94:b1:93:e2:49:
         4a:1a:61:ae:2e:1f:16:2c:73:92:bb:9a:97:ae:03:9f:92:4f:
         70:04:9a:63:ce:b7:88:f1:48:7d:73:e2:bf:10:36:d2:2b:d3:
         c4:7e:99:d5:f0:a0:9e:9e:96:57:81:64:c6:37:34:48:62:f8:
         19:5b:7b:9d:92:39:fc:19:09:a2:12:83:db:ad:57:74:5f:bb:
         07:89:49:2c:ae:84:d8:36:77:ae:ac:d5:cb:5c:79:1b:b5:2d:
         0d:37:cf:98:7a:d5:bf:c2:d5:65:da:f4:36:c5:53:b6:bd:80:
         e7:ca:b4:d6:f5:11:55:0b:44:3e:7f:f8:19:8c:6f:14:25:79:
         8d:fd:ff:12:24:4f:75:18:f1:12:d5:75:fc:22:d2:a5:21:22:
         5e:6e:e1:c2:97:90:24:37:cb:ac:2b:ef:7d:fb:02:6c:b5:fb:
         dd:45:8f:6f:1b:6a:bd:ae:23:72:ec:f2:1b:66:bf:f0:47:ca:
         7f:41:a8:25:8b:91:f0:0f:1a:ad:f2:b7:4d:32:a6:b2:d9:e6:
         a6:ca:e6:fa:f6:01:2f:a6:40:86:c9:26:ad:83:b1:ce:32:e9:
         c4:1b:81:46
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYYSMfYorgYYUCUz5X2OyCugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwMjAyMTI1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU1MGJmNGJiOWU1N2M3Nzg1NjM2OTBkNTY2NzJhMWIyODg1MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zlnzEGvEbEWNAZtEHSY1rmHIZ+L
yf/I71CrHJaD6KlOYldSh14sLYoCqyqwpow+AYoP/bc88WUy/vHVuGhcQS2c7Tas
RpUsmqLzBr80xCgLf6R65piXikqFhAJmOA7AqSvj0p5Ut559ABoHUdL4VvlyldyE
6GESUirjv+vQBLK018GbaB3sszAwpoWZuXr4/M/yQ5gbq+zy8IINhrka64i84ZeX
VHJVMTXU2r3mcU5SlIm1uEIf7GTfNGaQGuq7L84hCaGEm30ctRY2qVZ61UOCshFg
U4igkZGRbwGN1+yC7FIe77qU1ocYkZONOJ/+l+O7WmWQxq1OB/Xy9ZRpCwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFxVC/S7nlfHeFY2kNVmcqGyiFNKMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvWEZVTDlMdWVWOGQ0VmphUTFXWnlvYktJVTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW2odAwQB
1AfYMA8EAgACMAkDBwAqAW6A//4wDQYJKoZIhvcNAQELBQADggEBAB1/CJtVZ7Ui
2QgAwG3xHCCXEeV0FbPJBcqw9+APXnWUsZPiSUoaYa4uHxYsc5K7mpeuA5+ST3AE
mmPOt4jxSH1z4r8QNtIr08R+mdXwoJ6elleBZMY3NEhi+Blbe52SOfwZCaISg9ut
V3RfuweJSSyuhNg2d66s1ctceRu1LQ03z5h61b/C1WXa9DbFU7a9gOfKtNb1EVUL
RD5/+BmMbxQleY39/xIkT3UY8RLVdfwi0qUhIl5u4cKXkCQ3y6wr7337Amy1+91F
j28bar2uI3Ls8htmv/BHyn9BqCWLkfAPGq3yt00yprLZ5qbK5vr2AS+mQIbJJq2D
sc4y6cQbgUY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org