Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/a8HbNShiN_h7pIfmT_rE5oF6SHU.roa
File:                     a8HbNShiN_h7pIfmT_rE5oF6SHU.roa (raw, json)
Hash identifier:          LdQjMHorTU3frrsOkG03gqIZ50HgiA3AqCIJGjIX8kM=
Subject key identifier:   6B:C1:DB:35:28:62:37:F8:7B:A4:87:E6:4F:FA:C4:E6:81:7A:48:75
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C33AA5C31220C2D39F8C3FC056A2E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/a8HbNShiN_h7pIfmT_rE5oF6SHU.roa
Signing time:             Mon 02 Jan 2023 05:55:03 +0000
ROA not before:           Mon 02 Jan 2023 05:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204154
IP address blocks:        185.172.129.0/24 maxlen: 24
                          185.200.191.0/24 maxlen: 24
                          46.17.107.0/24 maxlen: 24
                          2a04:5201:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:33:aa:5c:31:22:0c:2d:39:f8:c3:fc:05:6a:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6bc1db35286237f87ba487e64ffac4e6817a4875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:32:9a:fe:f6:86:41:42:f1:67:c7:96:a5:66:
                    f7:bb:15:03:7e:23:47:1f:dd:fc:5b:0e:b7:fc:ce:
                    d0:31:0b:62:63:22:40:67:04:90:09:fd:66:23:f9:
                    eb:4c:be:af:f5:c0:3a:04:26:21:6d:d3:28:64:c2:
                    c1:c0:49:a0:26:4e:bc:90:eb:6d:51:01:7d:50:ab:
                    7b:8a:6b:a0:3d:88:67:dd:29:57:06:98:30:68:00:
                    94:af:69:b3:ab:40:5e:e5:2e:1f:60:d7:d9:1d:4f:
                    76:e2:d5:e1:22:5a:9c:c3:e3:0d:69:bc:7d:36:ac:
                    aa:a8:d8:c7:22:35:af:c4:64:a0:d3:3d:47:18:36:
                    cb:1d:2c:82:70:a3:7d:86:63:78:b4:19:a2:e8:df:
                    97:a9:2d:a0:5a:42:97:34:90:da:25:1e:41:82:3a:
                    f7:52:79:67:6b:54:3b:4e:34:e5:e9:0e:52:6f:b5:
                    cb:f6:b3:d5:4d:f8:b0:73:6f:e1:be:bd:d1:6e:25:
                    0c:91:8e:ae:53:60:eb:66:e8:0a:8d:e8:84:dd:f0:
                    a1:38:c3:82:b9:65:d7:60:f5:47:69:9a:f5:ab:c1:
                    f4:8c:fd:0f:d9:f5:ab:29:b3:08:e5:43:4a:73:78:
                    58:55:fc:a0:62:9e:cf:af:70:2b:1b:b1:29:a4:5c:
                    44:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:C1:DB:35:28:62:37:F8:7B:A4:87:E6:4F:FA:C4:E6:81:7A:48:75
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/a8HbNShiN_h7pIfmT_rE5oF6SHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.17.107.0/24
                  185.172.129.0/24
                  185.200.191.0/24
                IPv6:
                  2a04:5201:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:0f:e4:05:ab:a8:41:bb:30:a5:9f:54:94:9c:64:ed:37:26:
         f0:38:93:c1:d1:2b:86:6c:cf:43:3f:f9:49:1a:32:a0:a7:e0:
         75:c7:69:05:08:ed:4b:bc:d0:66:d5:66:b5:18:59:f1:c7:e3:
         3a:c1:ed:1f:d2:d0:0a:10:8d:60:6d:39:78:5c:dd:de:cd:98:
         55:17:0f:2a:f7:3d:cb:6a:fa:9f:41:6a:6d:de:a1:d9:1e:3b:
         7a:cb:a6:e5:cb:3e:1b:52:ee:40:3e:ec:5f:92:a6:73:dd:32:
         64:ab:39:59:f7:57:6c:67:79:ff:e8:22:f7:ce:b4:e8:be:9e:
         a6:31:0f:ad:18:81:e7:67:3e:65:c6:7b:74:d9:0d:bf:38:11:
         f2:11:1f:69:e3:86:ae:48:93:35:4a:17:da:94:fb:5c:e8:cb:
         f6:ce:6f:d6:06:39:54:6f:d0:10:27:a4:41:8e:3b:72:73:5e:
         97:da:71:a5:87:ec:b4:35:1e:ae:b7:63:57:10:b0:5b:12:f8:
         5f:0d:72:4f:00:85:70:58:77:03:74:b0:1f:a8:5a:09:31:83:
         6e:36:dc:95:73:e7:23:b8:4a:83:13:89:bc:85:bf:60:6e:8d:
         4e:61:4b:e8:35:fb:cd:7e:ba:c7:0d:2a:f0:b9:bd:d5:92:81:
         c1:12:59:79
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxDDOqXDEiDC05+MP8BWouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmMxZGIzNTI4NjIzN2Y4N2JhNDg3ZTY0ZmZhYzRlNjgxN2E0ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTKa/vaGQULxZ8eWpWb3uxUDfiNH
H938Ww63/M7QMQtiYyJAZwSQCf1mI/nrTL6v9cA6BCYhbdMoZMLBwEmgJk68kOtt
UQF9UKt7imugPYhn3SlXBpgwaACUr2mzq0Be5S4fYNfZHU924tXhIlqcw+MNabx9
NqyqqNjHIjWvxGSg0z1HGDbLHSyCcKN9hmN4tBmi6N+XqS2gWkKXNJDaJR5Bgjr3
Unlna1Q7TjTl6Q5Sb7XL9rPVTfiwc2/hvr3RbiUMkY6uU2DrZugKjeiE3fChOMOC
uWXXYPVHaZr1q8H0jP0P2fWrKbMI5UNKc3hYVfygYp7Pr3ArG7EppFxEuQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGvB2zUoYjf4e6SH5k/6xOaBekh1MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYThIYk5TaGlOX2g3cElmbVRfckU1b0Y2U0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALhFrAwQA
uayBAwQAuci/MA8EAgACMAkDBwAqBFIBAAEwDQYJKoZIhvcNAQELBQADggEBAEQP
5AWrqEG7MKWfVJScZO03JvA4k8HRK4Zsz0M/+UkaMqCn4HXHaQUI7Uu80GbVZrUY
WfHH4zrB7R/S0AoQjWBtOXhc3d7NmFUXDyr3Pctq+p9Bam3eodkeO3rLpuXLPhtS
7kA+7F+SpnPdMmSrOVn3V2xnef/oIvfOtOi+nqYxD60YgednPmXGe3TZDb84EfIR
H2njhq5IkzVKF9qU+1zoy/bOb9YGOVRv0BAnpEGOO3JzXpfacaWH7LQ1Hq63Y1cQ
sFsS+F8Nck8AhXBYdwN0sB+oWgkxg2423JVz5yO4SoMTibyFv2BujU5hS+g1+81+
uscNKvC5vdWSgcESWXk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org