Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PuaLkp8sYMf4c8uZHJGaWQjX3kc.roa
File:                     PuaLkp8sYMf4c8uZHJGaWQjX3kc.roa (raw, json)
Hash identifier:          yyJKP4uVAKcCPgXF9hKx4WshdwGUxsBM7Ued1JHHu98=
Subject key identifier:   3E:E6:8B:92:9F:2C:60:C7:F8:73:CB:99:1C:91:9A:59:08:D7:DE:47
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018CC8DE7E89796540EC398E1E6A9873AB16
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PuaLkp8sYMf4c8uZHJGaWQjX3kc.roa
Signing time:             Tue 02 Jan 2024 06:31:13 +0000
ROA not before:           Tue 02 Jan 2024 06:31:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     174
IP address blocks:        85.208.112.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Feb 2024 11:40:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:7e:89:79:65:40:ec:39:8e:1e:6a:98:73:ab:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  2 06:31:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3ee68b929f2c60c7f873cb991c919a5908d7de47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:3f:93:b6:87:e1:72:41:95:13:9e:0d:02:ec:
                    40:a9:ce:cc:a6:bd:16:da:62:1f:e7:98:a9:80:c4:
                    84:8d:8e:f1:57:f5:04:25:65:17:a7:76:a8:8a:8f:
                    39:9c:5f:e5:19:6f:b9:4e:11:7b:98:60:0d:ac:d6:
                    19:51:d3:fa:29:28:68:68:14:76:7f:e7:da:20:b7:
                    c3:d1:8f:9f:a6:84:33:a3:70:c1:8e:2b:0b:30:54:
                    38:cc:77:dd:00:23:f3:31:72:74:4c:8a:f8:82:42:
                    4e:b1:24:7a:9d:04:d5:30:13:08:c9:a0:23:a3:58:
                    6a:9b:31:27:77:61:39:f6:a7:45:94:13:fe:39:97:
                    29:d1:2f:f3:c7:47:94:3a:dd:8c:58:1b:26:7b:7b:
                    4b:50:9c:e9:1d:84:26:02:39:d0:c8:9a:73:e3:b1:
                    79:bf:80:37:5b:9d:6d:99:cf:02:3f:a0:5b:69:32:
                    9a:8b:8f:b0:90:99:88:4c:d6:ee:83:84:f6:76:20:
                    a0:b9:ce:c6:c9:79:9e:72:aa:9f:72:f7:12:27:d8:
                    b4:ab:b5:30:bb:54:13:ac:42:49:45:45:a8:62:36:
                    7d:21:89:8e:b5:4a:c7:a2:9f:a5:37:80:dd:9d:c9:
                    71:dd:7f:b6:7a:1f:f2:8b:c3:2a:01:f2:b5:b2:37:
                    29:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:E6:8B:92:9F:2C:60:C7:F8:73:CB:99:1C:91:9A:59:08:D7:DE:47
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PuaLkp8sYMf4c8uZHJGaWQjX3kc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:8b:c3:bb:54:5d:21:b4:c1:6e:a7:fe:d7:c2:60:8e:ef:28:
         c1:be:65:71:da:63:ce:e5:d2:f1:90:2f:26:cd:f1:97:e3:eb:
         9a:73:5b:93:4a:da:2a:b2:5a:f8:3b:0e:f6:ff:15:ca:62:18:
         86:a3:91:6e:55:a8:7a:4f:aa:59:32:32:ea:87:e8:ef:1e:e9:
         8d:5b:6f:65:69:b9:df:b7:2f:b7:01:bf:5a:a9:be:10:71:af:
         b6:09:21:df:fe:d7:20:97:02:00:0d:fa:7c:1f:56:1b:23:93:
         10:64:00:2a:13:ce:79:91:2c:72:ad:a1:73:96:5b:e6:1d:f2:
         49:c4:f1:37:b4:71:28:9e:2b:94:82:c8:81:92:96:03:ba:ef:
         dc:8a:39:0b:60:3e:80:57:69:6e:ae:ce:fa:11:a8:aa:b0:16:
         5c:15:40:68:5e:bc:56:e9:ee:e9:8b:49:74:4d:bc:f5:2d:00:
         3d:80:ee:0e:83:c5:6b:86:cc:8d:e1:12:ab:ff:e3:3f:e0:89:
         89:f6:0e:48:a2:a6:a6:24:81:64:01:f4:66:79:7a:4d:17:c6:
         87:7f:22:60:54:39:f7:d0:05:3d:9b:f3:74:f2:1a:4a:9b:79:
         54:84:22:92:27:ac:bd:f4:5b:4d:65:cd:04:6e:e3:ef:4f:0f:
         2c:24:1c:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3n6JeWVA7DmOHmqYc6sWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU2OGI5MjlmMmM2MGM3Zjg3M2NiOTkxYzkxOWE1OTA4ZDdkZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9T+TtofhckGVE54NAuxAqc7Mpr0W
2mIf55ipgMSEjY7xV/UEJWUXp3aoio85nF/lGW+5ThF7mGANrNYZUdP6KShoaBR2
f+faILfD0Y+fpoQzo3DBjisLMFQ4zHfdACPzMXJ0TIr4gkJOsSR6nQTVMBMIyaAj
o1hqmzEnd2E59qdFlBP+OZcp0S/zx0eUOt2MWBsme3tLUJzpHYQmAjnQyJpz47F5
v4A3W51tmc8CP6BbaTKai4+wkJmITNbug4T2diCguc7GyXmecqqfcvcSJ9i0q7Uw
u1QTrEJJRUWoYjZ9IYmOtUrHop+lN4Ddnclx3X+2eh/yi8MqAfK1sjcpHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7mi5KfLGDH+HPLmRyRmlkI195HMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvUHVhTGtwOHNZTWY0Yzh1WkhKR2FXUWpYM2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBwMA0G
CSqGSIb3DQEBCwUAA4IBAQDMi8O7VF0htMFup/7XwmCO7yjBvmVx2mPO5dLxkC8m
zfGX4+uac1uTStoqslr4Ow72/xXKYhiGo5FuVah6T6pZMjLqh+jvHumNW29labnf
ty+3Ab9aqb4Qca+2CSHf/tcglwIADfp8H1YbI5MQZAAqE855kSxyraFzllvmHfJJ
xPE3tHEoniuUgsiBkpYDuu/cijkLYD6AV2lurs76EaiqsBZcFUBoXrxW6e7pi0l0
Tbz1LQA9gO4Og8VrhsyN4RKr/+M/4ImJ9g5IoqamJIFkAfRmeXpNF8aHfyJgVDn3
0AU9m/N08hpKm3lUhCKSJ6y99FtNZc0EbuPvTw8sJBxH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org