Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/PF0N_lZnjBHqQT7J7AYO4RR4Mxc.roa
File:                     PF0N_lZnjBHqQT7J7AYO4RR4Mxc.roa (raw, json)
Hash identifier:          V+gu5JJ18pMHC9ht+swXRkQ2Q5JLIcecKjCQiGbnrWM=
Subject key identifier:   3C:5D:0D:FE:56:67:8C:11:EA:41:3E:C9:EC:06:0E:E1:14:78:33:17
Certificate issuer:       /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial:       018C4487F5A29E0A11D25C1BC38D1F44F252
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/PF0N_lZnjBHqQT7J7AYO4RR4Mxc.roa
Signing time:             Thu 07 Dec 2023 13:46:50 +0000
ROA not before:           Thu 07 Dec 2023 13:46:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207633
IP address blocks:        213.142.150.0/24 maxlen: 24
                          213.142.156.0/24 maxlen: 24
                          213.142.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:44:87:f5:a2:9e:0a:11:d2:5c:1b:c3:8d:1f:44:f2:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
        Validity
            Not Before: Dec  7 13:46:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3c5d0dfe56678c11ea413ec9ec060ee114783317
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ae:23:9b:26:e9:a0:7f:95:f7:67:92:28:65:
                    cd:11:dc:e0:4f:7a:d2:e4:dd:7d:09:5c:f9:cf:fc:
                    80:83:36:38:b1:00:bb:13:1c:0b:06:31:09:df:f5:
                    a3:42:ab:77:13:b8:12:30:78:4d:9b:27:d4:51:d5:
                    81:0c:0e:5a:01:d5:a6:68:99:7a:e0:39:50:76:61:
                    bf:5a:0d:e5:59:f0:44:51:57:42:0d:94:65:9e:94:
                    16:72:74:61:99:9c:54:32:f2:cc:88:e5:71:70:51:
                    ae:41:f9:6a:c1:9f:01:84:6f:c1:d9:9d:57:e9:a2:
                    ef:96:1c:79:20:39:f5:49:47:8d:9a:9c:f8:47:fe:
                    aa:8b:5d:34:bd:91:06:3b:84:cc:81:f7:95:f3:59:
                    1c:6a:f1:51:47:e8:c1:84:8a:94:a0:e8:dd:c2:de:
                    f7:58:e2:65:13:47:f0:22:5b:80:b6:0f:13:e6:4e:
                    e5:01:6b:a0:76:cd:96:47:33:c9:00:21:fc:7c:88:
                    1c:87:b7:14:09:c6:88:8e:cc:2e:88:42:7e:47:4a:
                    d0:7d:8e:35:5d:d6:35:e6:0c:18:92:16:3b:f0:67:
                    cb:89:a1:a2:f1:a8:01:fa:18:7a:f8:8b:91:86:61:
                    13:ce:c4:7f:60:f1:0a:a6:82:e7:a5:92:21:80:e4:
                    bf:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:5D:0D:FE:56:67:8C:11:EA:41:3E:C9:EC:06:0E:E1:14:78:33:17
            X509v3 Authority Key Identifier:
                keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/PF0N_lZnjBHqQT7J7AYO4RR4Mxc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.142.132.0/24
                  213.142.150.0/24
                  213.142.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:07:34:b2:3d:72:6e:15:00:be:a0:08:5f:b3:0f:32:2e:45:
         19:ca:c3:d0:95:24:7f:ca:55:36:6d:f2:7b:bc:aa:9c:0e:74:
         ea:e0:45:b4:2c:0b:9d:bb:da:28:4c:82:0f:73:30:20:09:f0:
         d8:62:5c:b3:c6:3b:97:a9:63:44:6e:dd:d2:04:47:4c:37:fa:
         43:32:87:08:58:37:2e:8f:24:a9:e1:c4:33:58:d8:04:9e:0a:
         df:2c:54:0c:73:6c:6a:2e:4d:57:df:59:4a:3f:71:63:a6:b2:
         9c:93:aa:03:ea:29:25:d2:26:ba:dd:af:56:37:d5:51:e3:f4:
         f5:d3:74:34:6f:64:9e:07:0f:1c:63:82:be:04:3f:de:65:ca:
         41:e7:59:e5:fc:7a:84:a6:bb:cd:9f:08:ce:da:bc:ec:88:bb:
         15:28:a6:b7:69:a9:fe:9b:ef:f2:eb:5b:dc:84:fb:3a:10:b0:
         81:7b:8e:06:32:3c:99:c7:ac:af:33:b8:d1:ec:fe:ef:bc:0f:
         f8:e3:a1:ee:74:bd:09:e8:4a:ed:04:fc:65:34:c2:83:c8:5a:
         bc:7a:44:dc:40:e0:8b:d5:ed:be:c4:7e:5b:b7:cc:cc:d8:ea:
         5b:f7:24:a8:bd:6b:62:25:0d:86:06:72:ed:aa:99:f7:80:a8:
         50:0c:93:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxEh/WingoR0lwbw40fRPJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMjA3MTM0NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzVkMGRmZTU2Njc4YzExZWE0MTNlYzllYzA2MGVlMTE0NzgzMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu64jmybpoH+V92eSKGXNEdzgT3rS
5N19CVz5z/yAgzY4sQC7ExwLBjEJ3/WjQqt3E7gSMHhNmyfUUdWBDA5aAdWmaJl6
4DlQdmG/Wg3lWfBEUVdCDZRlnpQWcnRhmZxUMvLMiOVxcFGuQflqwZ8BhG/B2Z1X
6aLvlhx5IDn1SUeNmpz4R/6qi100vZEGO4TMgfeV81kcavFRR+jBhIqUoOjdwt73
WOJlE0fwIluAtg8T5k7lAWugds2WRzPJACH8fIgch7cUCcaIjswuiEJ+R0rQfY41
XdY15gwYkhY78GfLiaGi8agB+hh6+IuRhmETzsR/YPEKpoLnpZIhgOS/6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDxdDf5WZ4wR6kE+yewGDuEUeDMXMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvUEYwTl9sWm5qQkhxUVQ3SjdBWU80UlI0TXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1Y6EAwQA
1Y6WAwQA1Y6cMA0GCSqGSIb3DQEBCwUAA4IBAQBJBzSyPXJuFQC+oAhfsw8yLkUZ
ysPQlSR/ylU2bfJ7vKqcDnTq4EW0LAudu9ooTIIPczAgCfDYYlyzxjuXqWNEbt3S
BEdMN/pDMocIWDcujySp4cQzWNgEngrfLFQMc2xqLk1X31lKP3FjprKck6oD6ikl
0ia63a9WN9VR4/T103Q0b2SeBw8cY4K+BD/eZcpB51nl/HqEprvNnwjO2rzsiLsV
KKa3aan+m+/y61vchPs6ELCBe44GMjyZx6yvM7jR7P7vvA/446HudL0J6ErtBPxl
NMKDyFq8ekTcQOCL1e2+xH5bt8zM2Opb9ySovWtiJQ2GBnLtqpn3gKhQDJPf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org