Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LJ8-_UFNClrRF_B0xNKsboo7uig.roa
File:                     LJ8-_UFNClrRF_B0xNKsboo7uig.roa (raw, json)
Hash identifier:          QSaUuLGyjhW3ltobN/Ue0ml9SkeK2qHe5zgrqO843xI=
Subject key identifier:   2C:9F:3E:FD:41:4D:0A:5A:D1:17:F0:74:C4:D2:AC:6E:8A:3B:BA:28
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       01856E8B3E1D77EADEEB98B5D1769F429C06
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LJ8-_UFNClrRF_B0xNKsboo7uig.roa
Signing time:             Sun 01 Jan 2023 18:14:57 +0000
ROA not before:           Sun 01 Jan 2023 18:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        85.208.112.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:3e:1d:77:ea:de:eb:98:b5:d1:76:9f:42:9c:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 18:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c9f3efd414d0a5ad117f074c4d2ac6e8a3bba28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ac:69:21:a9:7d:11:03:a3:4a:f5:3f:f0:53:
                    5e:01:49:27:85:8c:4c:3e:d3:6f:1b:5c:17:8f:53:
                    3b:1b:19:5c:7d:28:c9:d3:dc:d1:87:16:3d:6a:2b:
                    13:6b:a7:22:b3:7f:d3:06:81:35:b8:77:6a:42:30:
                    df:90:4b:4e:fd:ad:50:a5:20:8e:3d:57:9c:d9:9a:
                    c1:98:17:0c:5f:c7:a2:b7:a7:b8:d8:3e:d0:e1:cf:
                    03:6a:1a:da:11:fc:1f:ca:d1:1b:24:8d:d4:14:08:
                    be:9f:86:44:37:ac:4a:92:8a:ca:5c:26:1d:0b:e1:
                    06:c2:dd:9f:4a:ef:b8:3c:fc:17:04:33:cc:6f:55:
                    84:8e:63:f6:1d:e0:13:ff:ac:fb:ff:8c:07:bd:8e:
                    d0:3a:26:0a:af:5b:b0:f1:08:1f:82:ec:7a:72:2a:
                    ef:69:cf:22:5c:dc:07:38:a3:d0:16:03:10:62:01:
                    af:10:43:65:32:69:ff:56:a9:4b:67:bb:69:2b:69:
                    d9:ca:1d:b3:a6:ab:b2:82:7a:2d:02:90:4e:7d:86:
                    34:37:96:5d:c1:a3:03:03:6b:70:19:67:18:4b:76:
                    f8:41:f8:8d:d5:de:af:92:6f:ba:24:ef:b3:7e:be:
                    bc:d0:4c:6c:fa:52:f6:fa:24:59:f6:1a:92:d7:10:
                    47:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:9F:3E:FD:41:4D:0A:5A:D1:17:F0:74:C4:D2:AC:6E:8A:3B:BA:28
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LJ8-_UFNClrRF_B0xNKsboo7uig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:ff:e0:a2:e5:6c:54:2a:fc:97:3f:d4:60:8f:42:23:77:ad:
         07:2e:f9:74:a5:da:a5:ea:c7:ec:2e:5f:3d:dd:68:03:e5:10:
         fb:c1:fc:90:42:1f:26:dd:3b:c3:bf:ab:8f:65:53:86:b0:f1:
         7f:c3:bc:87:5b:45:75:eb:13:38:61:b2:73:f7:9e:d9:fc:c4:
         0c:14:59:37:4c:dc:65:7c:98:ce:04:ff:c4:9c:9f:da:eb:78:
         7d:ed:e3:1a:fe:59:2b:3d:71:ca:9d:65:6b:8f:29:da:93:df:
         e4:05:3a:95:28:b7:8c:ce:33:2f:ee:50:4d:d3:0e:1d:2c:08:
         36:08:ab:64:76:bc:bb:a5:98:34:22:78:0a:b0:32:47:7b:4e:
         68:70:b4:70:20:c9:f8:10:50:8f:1d:f8:e2:94:85:d8:0e:34:
         b0:be:43:89:a6:cc:cd:90:5d:71:0d:3c:f4:4c:0c:d9:c1:87:
         1d:4c:d0:57:13:93:59:e2:28:17:b6:fe:58:7d:de:5c:ea:94:
         98:fb:8f:7a:ad:a1:9c:1a:7a:01:84:d5:69:f9:2e:f4:10:1f:
         cf:10:96:0f:03:70:8f:b4:2d:ee:e1:5d:fd:ae:dd:3d:99:3e:
         2e:1c:ba:e8:09:55:97:0f:76:90:23:81:5f:03:da:ce:45:a9:
         db:9a:a3:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiz4dd+re65i10XafQpwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzlmM2VmZDQxNGQwYTVhZDExN2YwNzRjNGQyYWM2ZThhM2JiYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaxpIal9EQOjSvU/8FNeAUknhYxM
PtNvG1wXj1M7GxlcfSjJ09zRhxY9aisTa6cis3/TBoE1uHdqQjDfkEtO/a1QpSCO
PVec2ZrBmBcMX8eit6e42D7Q4c8DahraEfwfytEbJI3UFAi+n4ZEN6xKkorKXCYd
C+EGwt2fSu+4PPwXBDPMb1WEjmP2HeAT/6z7/4wHvY7QOiYKr1uw8Qgfgux6cirv
ac8iXNwHOKPQFgMQYgGvEENlMmn/VqlLZ7tpK2nZyh2zpquygnotApBOfYY0N5Zd
waMDA2twGWcYS3b4QfiN1d6vkm+6JO+zfr680Exs+lL2+iRZ9hqS1xBHfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCyfPv1BTQpa0RfwdMTSrG6KO7ooMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTEo4LV9VRk5DbHJSRl9CMHhOS3Nib283dWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBwMA0G
CSqGSIb3DQEBCwUAA4IBAQAP/+Ci5WxUKvyXP9Rgj0Ijd60HLvl0pdql6sfsLl89
3WgD5RD7wfyQQh8m3TvDv6uPZVOGsPF/w7yHW0V16xM4YbJz957Z/MQMFFk3TNxl
fJjOBP/EnJ/a63h97eMa/lkrPXHKnWVrjynak9/kBTqVKLeMzjMv7lBN0w4dLAg2
CKtkdry7pZg0IngKsDJHe05ocLRwIMn4EFCPHfjilIXYDjSwvkOJpszNkF1xDTz0
TAzZwYcdTNBXE5NZ4igXtv5Yfd5c6pSY+496raGcGnoBhNVp+S70EB/PEJYPA3CP
tC3u4V39rt09mT4uHLroCVWXD3aQI4FfA9rORanbmqMX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org