Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/NtLOBIFc4qkT8bcv509XB4EVj4E.roa
File:                     NtLOBIFc4qkT8bcv509XB4EVj4E.roa (raw, json)
Hash identifier:          yUOMqsmBzhb706u3eL16SnXYWSmihn9M6RkeJiVtPds=
Subject key identifier:   36:D2:CE:04:81:5C:E2:A9:13:F1:B7:2F:E7:4F:57:07:81:15:8F:81
Certificate issuer:       /CN=00642b607b94a143ff41c554c913bd5a651f8c05
Certificate serial:       018708C38F9F923E2E5E1D585ED34FE14680
Authority key identifier: 00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/NtLOBIFc4qkT8bcv509XB4EVj4E.roa
Signing time:             Wed 22 Mar 2023 10:00:46 +0000
ROA not before:           Wed 22 Mar 2023 10:00:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29119
IP address blocks:        93.119.18.0/24 maxlen: 24
                          188.240.194.0/23 maxlen: 23
                          195.189.209.0/24 maxlen: 24
                          5.8.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:08:c3:8f:9f:92:3e:2e:5e:1d:58:5e:d3:4f:e1:46:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00642b607b94a143ff41c554c913bd5a651f8c05
        Validity
            Not Before: Mar 22 10:00:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36d2ce04815ce2a913f1b72fe74f570781158f81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4c:5e:ae:51:15:8f:0e:d4:ae:c1:c1:ad:ed:
                    f4:47:7f:ae:84:43:b8:a8:bf:5e:d2:c3:7c:1f:c8:
                    17:1f:83:11:85:26:e9:e0:f9:b0:92:4b:09:88:ba:
                    8b:4b:0a:f4:d3:96:dd:81:7a:30:e3:c0:9f:00:a5:
                    33:d4:c4:3a:88:1e:e2:d9:fe:0e:9e:f8:0b:ad:79:
                    b4:3b:fb:c8:a4:08:4f:bc:71:f9:83:83:87:47:93:
                    fd:80:b1:af:75:ce:f2:e0:9a:c3:7e:2b:d7:c1:40:
                    95:97:39:83:a4:58:30:cb:88:7c:dc:da:0f:4b:e8:
                    79:c5:65:40:f9:05:7f:c6:b2:22:eb:4d:64:19:c8:
                    25:06:c7:95:d5:f6:6b:b4:dd:f8:18:70:d1:74:0c:
                    66:4f:a5:c3:d2:8b:8b:37:5b:83:c4:7c:9b:43:1a:
                    80:75:14:8e:e5:1f:78:88:37:b3:3f:7e:e9:7f:bb:
                    45:4c:4d:24:e6:ef:f6:77:cf:97:7d:b5:ea:e1:0f:
                    68:33:1c:f4:7b:54:4a:c2:89:b8:09:c6:c2:0f:47:
                    dd:7c:ba:48:fd:9f:02:ba:37:24:2a:7b:dd:e9:04:
                    f1:06:5a:81:af:2b:e6:85:bc:1e:46:0c:e4:93:db:
                    50:0b:49:c8:e7:d3:40:7a:7c:b8:ce:83:f7:f3:9a:
                    77:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D2:CE:04:81:5C:E2:A9:13:F1:B7:2F:E7:4F:57:07:81:15:8F:81
            X509v3 Authority Key Identifier:
                keyid:00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/NtLOBIFc4qkT8bcv509XB4EVj4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/AGQrYHuUoUP_QcVUyRO9WmUfjAU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.255.0/24
                  93.119.18.0/24
                  188.240.194.0/23
                  195.189.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:67:c8:c7:3d:5a:84:19:11:69:b8:6b:87:94:27:9d:37:cb:
         f0:d8:38:9a:0a:e2:4e:a9:1e:f1:3c:65:bb:ca:5a:c7:e1:a7:
         d9:4b:b6:10:15:1d:0f:e5:ff:9b:32:41:04:5c:73:0d:bd:c1:
         2f:79:37:df:9e:64:d3:68:b2:99:6b:f4:8a:4f:47:a7:14:f0:
         d6:33:e9:e0:3e:24:2b:fd:98:c0:ee:84:7f:53:fb:ea:db:1a:
         25:fb:2f:ab:71:43:0b:12:c0:22:b7:74:a0:c6:a5:d8:39:d0:
         d3:1e:93:5f:12:89:b3:60:db:9d:5f:7a:d5:c7:bb:e1:5a:13:
         d7:a7:32:b5:09:83:b6:fb:b3:3f:c4:c8:9d:36:e0:7a:54:cc:
         f5:09:5c:b0:fb:39:fc:72:b9:53:87:d7:94:a4:87:7b:e4:8c:
         bf:9c:7b:8e:66:34:62:ac:45:27:5e:09:40:3c:bb:8e:e3:63:
         ab:16:fa:fd:5f:03:fc:40:b2:ee:9e:bb:f0:06:26:82:ec:32:
         3a:05:7c:a0:38:7b:b8:10:14:dc:db:33:da:9b:2b:fe:a4:31:
         ed:b7:39:e1:c0:a3:02:8c:76:4c:c2:41:24:90:6d:56:94:52:
         28:2a:ce:79:94:2a:1b:47:66:26:02:17:8e:8c:38:fd:6e:1c:
         b9:7a:ce:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcIw4+fkj4uXh1YXtNP4UaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNjQyYjYwN2I5NGExNDNmZjQxYzU1NGM5MTNiZDVhNjUx
ZjhjMDUwHhcNMjMwMzIyMTAwMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQyY2UwNDgxNWNlMmE5MTNmMWI3MmZlNzRmNTcwNzgxMTU4ZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoExerlEVjw7UrsHBre30R3+uhEO4
qL9e0sN8H8gXH4MRhSbp4PmwkksJiLqLSwr005bdgXow48CfAKUz1MQ6iB7i2f4O
nvgLrXm0O/vIpAhPvHH5g4OHR5P9gLGvdc7y4JrDfivXwUCVlzmDpFgwy4h83NoP
S+h5xWVA+QV/xrIi601kGcglBseV1fZrtN34GHDRdAxmT6XD0ouLN1uDxHybQxqA
dRSO5R94iDezP37pf7tFTE0k5u/2d8+XfbXq4Q9oMxz0e1RKwom4CcbCD0fdfLpI
/Z8CujckKnvd6QTxBlqBryvmhbweRgzkk9tQC0nI59NAeny4zoP385p3LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDbSzgSBXOKpE/G3L+dPVweBFY+BMB8GA1UdIwQY
MBaAFABkK2B7lKFD/0HFVMkTvVplH4wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUt
MTliYzdiZGNjYmMxLzEvTnRMT0JJRmM0cWtUOGJjdjUwOVhCNEVWajRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUtMTliYzdiZGNjYmMx
LzEvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABQj/AwQA
XXcSAwQBvPDCAwQAw73RMA0GCSqGSIb3DQEBCwUAA4IBAQCCZ8jHPVqEGRFpuGuH
lCedN8vw2DiaCuJOqR7xPGW7ylrH4afZS7YQFR0P5f+bMkEEXHMNvcEveTffnmTT
aLKZa/SKT0enFPDWM+ngPiQr/ZjA7oR/U/vq2xol+y+rcUMLEsAit3SgxqXYOdDT
HpNfEomzYNudX3rVx7vhWhPXpzK1CYO2+7M/xMidNuB6VMz1CVyw+zn8crlTh9eU
pId75Iy/nHuOZjRirEUnXglAPLuO42OrFvr9XwP8QLLunrvwBiaC7DI6BXygOHu4
EBTc2zPamyv+pDHttznhwKMCjHZMwkEkkG1WlFIoKs55lCobR2YmAheOjDj9bhy5
es5c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:50 2024 by rpki-client on console-fra.rpki-client.org