Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/zCztnGsYgbPFciuuRMiSJ2Z7LG0.roa
File:                     zCztnGsYgbPFciuuRMiSJ2Z7LG0.roa (raw, json)
Hash identifier:          G34nnzw2eHKEPAl0eQPWCyEqn86KHfkokqE1/7FkqIo=
Subject key identifier:   CC:2C:ED:9C:6B:18:81:B3:C5:72:2B:AE:44:C8:92:27:66:7B:2C:6D
Certificate issuer:       /CN=d540ab185cf399de6cdb3ca45ded296b6be68fea
Certificate serial:       018B04096347E3305ACBA90B2CAC81EA6ED9
Authority key identifier: D5:40:AB:18:5C:F3:99:DE:6C:DB:3C:A4:5D:ED:29:6B:6B:E6:8F:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1UCrGFzzmd5s2zykXe0pa2vmj-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/zCztnGsYgbPFciuuRMiSJ2Z7LG0.roa
Signing time:             Fri 06 Oct 2023 08:10:05 +0000
ROA not before:           Fri 06 Oct 2023 08:10:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28920
IP address blocks:        91.231.144.0/24 maxlen: 24
                          2a06:2e00::/29 maxlen: 29
                          2a0b:67c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:04:09:63:47:e3:30:5a:cb:a9:0b:2c:ac:81:ea:6e:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d540ab185cf399de6cdb3ca45ded296b6be68fea
        Validity
            Not Before: Oct  6 08:10:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cc2ced9c6b1881b3c5722bae44c89227667b2c6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d2:b8:f9:26:97:e0:cb:48:c6:1a:2f:26:b1:
                    f6:d6:8c:9e:49:95:7e:e7:20:9b:c9:b5:0a:29:fa:
                    d0:98:d3:74:04:4a:e8:d3:52:42:3f:85:26:4b:8e:
                    94:62:a9:bf:60:97:45:2b:29:85:d1:3f:ce:2c:05:
                    58:6d:9d:e2:62:dc:d6:4c:df:f7:d5:60:35:05:f0:
                    0d:4d:0d:07:2d:85:5e:69:d7:9b:14:b1:ec:00:ad:
                    53:8b:fc:f9:a0:96:7a:03:f1:f4:c4:7d:65:80:ca:
                    c8:62:e0:dc:08:35:e9:d0:5a:d4:d1:46:96:e1:d7:
                    6e:bf:f5:cb:29:fd:60:da:7c:10:6f:93:1e:fd:24:
                    88:04:66:82:f5:ae:50:97:f3:20:da:58:e2:b9:82:
                    bc:18:cf:8b:9c:2b:26:7a:fe:f6:0e:88:fc:1a:ef:
                    42:ac:04:7b:2d:a6:14:ee:50:c5:db:31:7b:da:6c:
                    b7:fd:df:d2:ee:d4:22:cf:bb:b5:61:13:04:25:c1:
                    ee:e0:4b:6c:03:0a:13:11:0f:c6:bd:e1:5e:29:9f:
                    61:d9:e1:54:b5:46:9e:62:ff:66:4f:53:db:e4:a9:
                    81:86:94:b7:a4:51:d6:91:df:e1:22:e9:df:db:71:
                    fd:b3:27:b8:86:ea:b9:84:b8:80:b5:12:19:85:ba:
                    bd:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:2C:ED:9C:6B:18:81:B3:C5:72:2B:AE:44:C8:92:27:66:7B:2C:6D
            X509v3 Authority Key Identifier:
                keyid:D5:40:AB:18:5C:F3:99:DE:6C:DB:3C:A4:5D:ED:29:6B:6B:E6:8F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1UCrGFzzmd5s2zykXe0pa2vmj-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/zCztnGsYgbPFciuuRMiSJ2Z7LG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/1aaf5d-4e6f-4974-bfe4-c572cf867cbf/1/1UCrGFzzmd5s2zykXe0pa2vmj-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.231.144.0/24
                IPv6:
                  2a06:2e00::/29
                  2a0b:67c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         06:1f:d5:b7:c2:b6:26:42:6f:2e:4c:82:48:6c:3e:25:e9:12:
         32:8a:a4:c3:7b:8a:9a:ea:e4:be:82:a7:a8:1e:a5:e6:9d:6f:
         1d:07:91:fb:e4:9f:8d:5d:e4:88:06:13:23:6f:66:3a:a5:8c:
         09:9e:bd:7a:f7:bd:28:08:4b:39:22:4b:1f:d1:4e:b9:5b:bd:
         0a:aa:ae:be:e8:ef:b4:d3:79:03:e8:19:a9:1d:35:12:ea:bd:
         6e:cc:78:b8:f4:9a:6f:b7:28:87:25:c4:02:84:a1:77:c1:8a:
         0f:48:dc:d1:12:cb:ae:4a:2b:05:b6:02:12:e5:08:b9:89:32:
         68:82:e4:22:ad:a7:db:85:07:3a:c0:0d:e6:00:77:a9:5f:a5:
         69:7e:42:01:b7:95:ce:ad:23:f8:67:45:6c:67:19:2e:b7:96:
         f2:9a:52:fa:43:e5:e9:fd:d5:7f:df:1d:b0:24:fe:34:de:86:
         da:20:e0:0d:6a:fc:50:03:77:3b:95:77:7c:fd:27:1c:22:47:
         dc:3d:46:b7:d4:a3:82:77:7f:33:f9:b9:97:68:0b:77:db:4c:
         16:2f:64:3e:9d:af:c0:8b:27:97:1c:23:07:46:b9:c6:0c:e2:
         d5:85:07:6d:f6:5e:9c:6c:2e:c3:6a:cd:f0:e6:e7:97:49:60:
         78:30:8b:d1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYsECWNH4zBay6kLLKyB6m7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NDBhYjE4NWNmMzk5ZGU2Y2RiM2NhNDVkZWQyOTZiNmJl
NjhmZWEwHhcNMjMxMDA2MDgxMDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzJjZWQ5YzZiMTg4MWIzYzU3MjJiYWU0NGM4OTIyNzY2N2IyYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNK4+SaX4MtIxhovJrH21oyeSZV+
5yCbybUKKfrQmNN0BEro01JCP4UmS46UYqm/YJdFKymF0T/OLAVYbZ3iYtzWTN/3
1WA1BfANTQ0HLYVeadebFLHsAK1Ti/z5oJZ6A/H0xH1lgMrIYuDcCDXp0FrU0UaW
4dduv/XLKf1g2nwQb5Me/SSIBGaC9a5Ql/Mg2ljiuYK8GM+LnCsmev72Doj8Gu9C
rAR7LaYU7lDF2zF72my3/d/S7tQiz7u1YRMEJcHu4EtsAwoTEQ/GveFeKZ9h2eFU
tUaeYv9mT1Pb5KmBhpS3pFHWkd/hIunf23H9sye4huq5hLiAtRIZhbq9RwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMws7ZxrGIGzxXIrrkTIkidmeyxtMB8GA1UdIwQY
MBaAFNVAqxhc85nebNs8pF3tKWtr5o/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVVDckdGenptZDVzMnp5a1hlMHBhMnZtai1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8xYWFmNWQtNGU2Zi00OTc0LWJmZTQt
YzU3MmNmODY3Y2JmLzEvekN6dG5Hc1lnYlBGY2l1dVJNaVNKMlo3TEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8xYWFmNWQtNGU2Zi00OTc0LWJmZTQtYzU3MmNmODY3Y2Jm
LzEvMVVDckdGenptZDVzMnp5a1hlMHBhMnZtai1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAW+eQMBQE
AgACMA4DBQMqBi4AAwUDKgtnwDANBgkqhkiG9w0BAQsFAAOCAQEABh/Vt8K2JkJv
LkyCSGw+JekSMoqkw3uKmurkvoKnqB6l5p1vHQeR++SfjV3kiAYTI29mOqWMCZ69
eve9KAhLOSJLH9FOuVu9CqquvujvtNN5A+gZqR01Euq9bsx4uPSab7cohyXEAoSh
d8GKD0jc0RLLrkorBbYCEuUIuYkyaILkIq2n24UHOsAN5gB3qV+laX5CAbeVzq0j
+GdFbGcZLreW8ppS+kPl6f3Vf98dsCT+NN6G2iDgDWr8UAN3O5V3fP0nHCJH3D1G
t9Sjgnd/M/m5l2gLd9tMFi9kPp2vwIsnlxwjB0a5xgzi1YUHbfZenGwuw2rN8Obn
l0lgeDCL0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:01 2024 by rpki-client on console-ams.rpki-client.org