Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/FW-4mhgEf9PqKbA7ZSkxiBizAMA.roa
File:                     FW-4mhgEf9PqKbA7ZSkxiBizAMA.roa (raw, json)
Hash identifier:          Qy72gE5UwoAsCm/KQUjn3XEff9TZ8YnxE8laYpZuUGk=
Subject key identifier:   15:6F:B8:9A:18:04:7F:D3:EA:29:B0:3B:65:29:31:88:18:B3:00:C0
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       018A5683FAEE227D42BD5766B427E54CEB3F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/FW-4mhgEf9PqKbA7ZSkxiBizAMA.roa
Signing time:             Sat 02 Sep 2023 15:30:04 +0000
ROA not before:           Sat 02 Sep 2023 15:30:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28920
IP address blocks:        149.126.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:56:83:fa:ee:22:7d:42:bd:57:66:b4:27:e5:4c:eb:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Sep  2 15:30:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=156fb89a18047fd3ea29b03b6529318818b300c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8c:d0:9a:91:11:9f:d1:1d:a9:1d:be:dd:61:
                    6e:fa:3f:dc:da:07:2a:9e:e5:3c:59:57:8e:05:c6:
                    e4:93:3b:9f:5c:dd:b8:8a:8d:dd:1c:40:61:9b:a5:
                    2d:f1:24:ce:d2:55:a3:db:da:f5:90:6b:d9:d9:78:
                    bf:fe:7c:eb:ac:e9:3a:b8:b2:1e:31:76:a4:35:df:
                    66:06:1b:cd:fa:47:0f:d5:b7:f7:d9:59:d3:47:1f:
                    48:1b:f7:67:b4:37:12:9f:32:51:7e:3e:d7:1c:3a:
                    6b:d8:0e:d1:61:d1:e2:7f:b1:da:04:8e:d9:2c:87:
                    5f:cf:86:34:a5:1f:6c:99:e4:69:50:58:ba:70:41:
                    2e:8f:b9:d2:44:eb:97:9c:dd:a6:4b:74:e0:3a:b5:
                    5a:be:6e:77:0a:23:18:be:5e:ec:02:cc:37:3d:17:
                    ae:6b:f3:4a:19:df:b8:00:fd:68:62:bb:b1:f3:e6:
                    32:ab:4c:13:08:4e:b1:73:57:7d:18:32:47:22:4e:
                    a7:2a:31:e0:c1:fb:ea:2b:48:6a:37:71:0a:16:2d:
                    8f:3b:3c:20:e8:4c:8d:6c:be:79:53:6f:b9:b9:b1:
                    83:49:35:44:c5:a9:e4:a4:64:dc:1c:94:5c:37:48:
                    d2:09:f6:63:6c:f8:68:cf:3c:4e:bb:dc:85:51:e2:
                    9a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:6F:B8:9A:18:04:7F:D3:EA:29:B0:3B:65:29:31:88:18:B3:00:C0
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/FW-4mhgEf9PqKbA7ZSkxiBizAMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.126.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:76:7b:b8:cc:ef:40:ce:47:64:ce:58:81:7c:61:4b:ab:f6:
         b8:40:73:7d:64:72:d2:51:f8:59:d7:ee:3b:45:45:01:6c:04:
         f4:2e:ed:09:47:3d:48:76:b3:cb:09:72:fe:34:b6:02:dc:3f:
         4b:22:35:02:b5:0c:d7:d5:f2:d0:aa:15:17:20:3b:14:89:b7:
         c3:08:9b:72:a7:47:99:33:99:09:e8:0c:03:9a:79:e6:ed:cd:
         c2:9e:4e:95:5a:fa:5b:f1:88:40:2c:08:3c:a2:3c:05:dc:8f:
         28:04:a9:72:b3:ca:ec:f0:53:a4:2c:5a:9c:c9:cc:61:5c:35:
         5d:87:42:de:29:4a:53:94:da:16:0a:95:63:87:90:91:e4:62:
         6a:45:3e:87:75:ce:73:b3:ef:07:0b:97:fd:39:da:7c:b3:66:
         d0:95:51:f2:c5:30:3c:a4:c2:78:d6:df:31:e0:ed:82:b6:23:
         b7:39:7d:21:29:34:09:93:c1:6f:76:e2:0f:ca:2f:b2:d9:1f:
         03:31:c8:6d:bd:ce:fd:25:f6:44:c7:b5:b4:c0:93:2e:e7:d2:
         ea:63:c8:eb:e3:4e:74:7e:f6:bd:16:f5:14:2c:40:27:d8:e2:
         fd:ca:96:bb:38:da:f6:df:53:83:ec:ec:20:f3:b7:24:83:ab:
         2a:e4:18:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpWg/ruIn1CvVdmtCflTOs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwOTAyMTUzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZmYjg5YTE4MDQ3ZmQzZWEyOWIwM2I2NTI5MzE4ODE4YjMwMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4zQmpERn9EdqR2+3WFu+j/c2gcq
nuU8WVeOBcbkkzufXN24io3dHEBhm6Ut8STO0lWj29r1kGvZ2Xi//nzrrOk6uLIe
MXakNd9mBhvN+kcP1bf32VnTRx9IG/dntDcSnzJRfj7XHDpr2A7RYdHif7HaBI7Z
LIdfz4Y0pR9smeRpUFi6cEEuj7nSROuXnN2mS3TgOrVavm53CiMYvl7sAsw3PReu
a/NKGd+4AP1oYrux8+Yyq0wTCE6xc1d9GDJHIk6nKjHgwfvqK0hqN3EKFi2POzwg
6EyNbL55U2+5ubGDSTVExankpGTcHJRcN0jSCfZjbPhozzxOu9yFUeKaowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVvuJoYBH/T6imwO2UpMYgYswDAMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvRlctNG1oZ0VmOVBxS2JBN1pTa3hpQml6QU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlX4MMA0G
CSqGSIb3DQEBCwUAA4IBAQB8dnu4zO9AzkdkzliBfGFLq/a4QHN9ZHLSUfhZ1+47
RUUBbAT0Lu0JRz1IdrPLCXL+NLYC3D9LIjUCtQzX1fLQqhUXIDsUibfDCJtyp0eZ
M5kJ6AwDmnnm7c3Cnk6VWvpb8YhALAg8ojwF3I8oBKlys8rs8FOkLFqcycxhXDVd
h0LeKUpTlNoWCpVjh5CR5GJqRT6Hdc5zs+8HC5f9Odp8s2bQlVHyxTA8pMJ41t8x
4O2CtiO3OX0hKTQJk8FvduIPyi+y2R8DMchtvc79JfZEx7W0wJMu59LqY8jr4050
fva9FvUULEAn2OL9ypa7ONr231OD7Owg87ckg6sq5BhR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org