Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/lNnZuNVL3ZBK4tm9x9ylIEiyWxQ.roa
File:                     lNnZuNVL3ZBK4tm9x9ylIEiyWxQ.roa (raw, json)
Hash identifier:          almFeX1tS4uBzg7vPAyJXl3utVMPRp+B2zbC+/3/Ofo=
Subject key identifier:   94:D9:D9:B8:D5:4B:DD:90:4A:E2:D9:BD:C7:DC:A5:20:48:B2:5B:14
Certificate issuer:       /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial:       01857142D4332532C716E44BC53757FE1B49
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/lNnZuNVL3ZBK4tm9x9ylIEiyWxQ.roa
Signing time:             Mon 02 Jan 2023 06:54:43 +0000
ROA not before:           Mon 02 Jan 2023 06:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3356
IP address blocks:        81.88.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Jul 2023 13:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:42:d4:33:25:32:c7:16:e4:4b:c5:37:57:fe:1b:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
        Validity
            Not Before: Jan  2 06:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=94d9d9b8d54bdd904ae2d9bdc7dca52048b25b14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:fe:a1:95:17:08:6e:10:15:e6:a5:e8:b2:01:
                    dd:80:45:41:33:2c:b2:29:61:43:ca:e8:d0:ee:15:
                    5c:22:fd:22:40:fe:44:15:a8:d5:77:54:27:d5:c7:
                    11:69:e1:bc:7f:af:db:dd:e4:93:17:5d:b1:86:a8:
                    bb:2e:3c:81:cf:07:35:98:19:ce:90:d1:31:a7:ed:
                    ce:d6:fd:88:a4:07:55:49:9e:66:35:4e:f1:34:e8:
                    49:5e:0b:fc:4e:09:83:c9:ed:bc:1a:57:08:81:c6:
                    6e:bb:13:14:fe:2d:3a:19:8e:06:11:8b:6a:ea:b8:
                    68:54:62:d8:28:94:3c:12:92:c3:94:57:99:3d:c0:
                    be:57:f1:e2:94:ea:b0:cc:f6:29:85:49:f8:44:9a:
                    f2:30:6d:bf:41:95:7d:c1:36:a8:cf:aa:61:45:c6:
                    a5:63:b8:14:35:91:c8:6e:26:3d:a7:a0:7b:47:90:
                    6b:1f:30:54:21:99:c3:f3:3d:cb:dd:d5:f0:cd:be:
                    76:b2:89:ba:5c:99:6f:4f:ad:15:64:11:4e:7d:27:
                    37:4b:52:1c:35:4e:d9:62:fd:a0:35:d8:cc:52:b8:
                    e6:94:1f:b1:ea:78:00:0c:fc:01:33:d2:d4:22:bb:
                    43:b2:9e:9f:89:1c:2c:72:d0:65:24:3a:f0:5e:eb:
                    9c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:D9:D9:B8:D5:4B:DD:90:4A:E2:D9:BD:C7:DC:A5:20:48:B2:5B:14
            X509v3 Authority Key Identifier:
                keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/lNnZuNVL3ZBK4tm9x9ylIEiyWxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.88.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:37:d2:25:61:72:63:80:98:1f:d7:c7:79:e3:43:e6:1e:4f:
         71:01:59:83:c1:e3:05:62:b4:c9:95:11:f5:51:bc:7c:52:25:
         0b:89:a4:dd:2c:2c:5c:b9:14:c3:9d:5c:57:9f:52:39:1f:78:
         00:6d:f5:1a:b7:15:ca:18:13:aa:35:a9:3e:1f:d6:8a:8d:db:
         c5:65:1e:2a:9c:60:88:e2:b8:f8:89:0c:a3:e4:0d:66:53:2b:
         88:40:93:66:bf:27:0b:8e:58:e3:7e:96:b0:53:d6:50:2e:5c:
         dd:f0:37:6c:cc:5f:dd:fa:9c:9b:88:ae:76:e0:13:3d:c6:a2:
         7e:41:ca:58:81:de:d1:e5:5e:0f:26:2a:34:b2:20:86:77:8b:
         16:0d:2a:8c:4b:69:47:87:3f:04:b1:76:39:8c:f2:9e:11:6c:
         2a:86:69:05:00:f4:9a:8d:bc:6d:47:3f:2e:d9:43:a5:b8:59:
         bb:3d:24:af:7c:1d:58:ac:3d:37:df:38:8e:d3:12:aa:72:52:
         0d:7d:a3:dd:f9:bd:83:24:04:27:7b:3b:c8:0d:24:b4:6b:e9:
         a8:e4:8c:df:e5:00:90:11:48:f7:15:5c:4b:e1:a6:d1:a0:77:
         82:39:ca:10:04:93:fe:58:a9:b6:a0:83:4b:84:fc:d5:98:c8:
         b3:17:df:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxQtQzJTLHFuRLxTdX/htJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMTAyMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ5ZDliOGQ1NGJkZDkwNGFlMmQ5YmRjN2RjYTUyMDQ4YjI1YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/6hlRcIbhAV5qXosgHdgEVBMyyy
KWFDyujQ7hVcIv0iQP5EFajVd1Qn1ccRaeG8f6/b3eSTF12xhqi7LjyBzwc1mBnO
kNExp+3O1v2IpAdVSZ5mNU7xNOhJXgv8TgmDye28GlcIgcZuuxMU/i06GY4GEYtq
6rhoVGLYKJQ8EpLDlFeZPcC+V/HilOqwzPYphUn4RJryMG2/QZV9wTaoz6phRcal
Y7gUNZHIbiY9p6B7R5BrHzBUIZnD8z3L3dXwzb52som6XJlvT60VZBFOfSc3S1Ic
NU7ZYv2gNdjMUrjmlB+x6ngADPwBM9LUIrtDsp6fiRwsctBlJDrwXuucHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTZ2bjVS92QSuLZvcfcpSBIslsUMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvbE5uWnVOVkwzWkJLNHRtOXg5eWxJRWl5V3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUVgVMA0G
CSqGSIb3DQEBCwUAA4IBAQBQN9IlYXJjgJgf18d540PmHk9xAVmDweMFYrTJlRH1
Ubx8UiULiaTdLCxcuRTDnVxXn1I5H3gAbfUatxXKGBOqNak+H9aKjdvFZR4qnGCI
4rj4iQyj5A1mUyuIQJNmvycLjljjfpawU9ZQLlzd8DdszF/d+pybiK524BM9xqJ+
QcpYgd7R5V4PJio0siCGd4sWDSqMS2lHhz8EsXY5jPKeEWwqhmkFAPSajbxtRz8u
2UOluFm7PSSvfB1YrD033ziO0xKqclINfaPd+b2DJAQnezvIDSS0a+mo5Izf5QCQ
EUj3FVxL4abRoHeCOcoQBJP+WKm2oINLhPzVmMizF9/v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org