Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/f70db4-62ea-49db-8319-cdfa60122690/1/ixjBWiqJvCkaDrBhrvpWs-am8QA.roa
File:                     ixjBWiqJvCkaDrBhrvpWs-am8QA.roa (raw, json)
Hash identifier:          duseXosoW4gMtUNQKGdTw68AkbEKY/I8jerAon80WjY=
Subject key identifier:   8B:18:C1:5A:2A:89:BC:29:1A:0E:B0:61:AE:FA:56:B3:E6:A6:F1:00
Certificate issuer:       /CN=de51da32762a6f9c126d63ba705d62c050b8484e
Certificate serial:       01856BD35C74952602AEA5CDF34C746E8E46
Authority key identifier: DE:51:DA:32:76:2A:6F:9C:12:6D:63:BA:70:5D:62:C0:50:B8:48:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3lHaMnYqb5wSbWO6cF1iwFC4SE4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/f70db4-62ea-49db-8319-cdfa60122690/1/ixjBWiqJvCkaDrBhrvpWs-am8QA.roa
Signing time:             Sun 01 Jan 2023 05:34:51 +0000
ROA not before:           Sun 01 Jan 2023 05:34:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205914
IP address blocks:        185.72.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:d3:5c:74:95:26:02:ae:a5:cd:f3:4c:74:6e:8e:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de51da32762a6f9c126d63ba705d62c050b8484e
        Validity
            Not Before: Jan  1 05:34:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b18c15a2a89bc291a0eb061aefa56b3e6a6f100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:b7:94:ee:11:85:19:fb:dc:94:07:90:bb:bd:
                    6d:fb:5b:2d:1f:ca:c3:36:2b:eb:74:f1:33:f4:62:
                    fb:c2:24:1d:14:d1:65:ed:c0:bd:ea:75:b0:84:a7:
                    ab:3c:30:1d:2c:62:f7:d7:0d:fa:67:22:cb:5c:90:
                    e1:97:c9:ca:ba:39:59:c9:f4:dc:04:06:09:b8:e4:
                    09:e7:94:0f:08:24:b4:d7:14:ca:af:38:8a:46:3b:
                    6d:86:95:98:68:c7:06:dc:d7:ce:dc:ac:5e:08:21:
                    30:66:7c:9f:03:80:7d:bf:bb:be:e2:64:b7:65:94:
                    dd:fd:23:99:d8:3c:dd:60:5b:0e:2b:01:0b:e0:76:
                    fc:61:97:8d:1b:bd:ee:0d:a6:d2:3f:5f:12:fe:8b:
                    57:ab:16:6b:92:d9:c5:e5:be:6c:b8:cc:13:0b:3b:
                    85:93:2a:31:0b:c7:e3:e8:77:a7:1f:b7:0e:f2:73:
                    47:b5:72:29:26:a6:01:2f:f3:cb:2d:e0:66:3f:e2:
                    16:df:ba:0c:b2:b7:d6:83:54:e6:44:f8:c3:8a:a8:
                    13:e9:02:89:5d:a5:22:e9:31:21:67:3a:b0:8a:df:
                    5e:a1:d7:b4:fd:32:ce:86:80:f1:60:49:18:87:e3:
                    79:4a:b6:a6:3c:ce:8c:db:56:fa:0e:e6:3a:c2:d2:
                    17:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:18:C1:5A:2A:89:BC:29:1A:0E:B0:61:AE:FA:56:B3:E6:A6:F1:00
            X509v3 Authority Key Identifier:
                keyid:DE:51:DA:32:76:2A:6F:9C:12:6D:63:BA:70:5D:62:C0:50:B8:48:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3lHaMnYqb5wSbWO6cF1iwFC4SE4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f70db4-62ea-49db-8319-cdfa60122690/1/ixjBWiqJvCkaDrBhrvpWs-am8QA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f70db4-62ea-49db-8319-cdfa60122690/1/3lHaMnYqb5wSbWO6cF1iwFC4SE4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.72.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:7d:ee:b4:c6:5a:49:00:b1:98:a6:46:54:27:d6:8f:ba:67:
         68:ec:0c:33:4d:38:1a:ef:ae:31:82:82:f7:41:a5:b5:8d:32:
         32:e1:32:ae:69:68:5e:34:c9:53:89:82:ca:20:b3:ed:c8:05:
         60:53:3e:9c:31:c0:8a:ad:b1:8e:09:de:e4:36:5b:02:92:f4:
         5f:c8:50:57:5e:da:ec:cd:cd:ef:60:c7:ab:48:d5:29:86:b4:
         59:ca:81:37:87:00:5d:d8:2c:c1:f3:42:7c:85:cf:f5:79:ff:
         34:55:6d:93:9a:77:88:97:85:39:f3:6c:7d:98:3b:50:6f:ef:
         6b:ed:a2:20:6c:e1:04:ac:a2:34:a4:48:f7:81:71:31:1c:be:
         78:9c:dc:24:1d:22:1a:a7:40:ab:6b:d6:d0:27:ff:b8:bb:d4:
         32:4d:57:c6:ec:55:f7:80:3c:17:99:66:62:b2:f0:5d:99:3e:
         74:76:c2:84:81:6a:95:00:af:5d:2c:b9:be:07:c8:3d:08:12:
         2f:dd:05:14:0d:86:0b:80:82:d8:63:46:38:09:9d:1f:05:71:
         8d:df:42:88:4c:6e:22:e3:dc:ae:a7:85:ff:3b:63:07:d8:bd:
         02:5f:40:43:14:b5:74:6c:b3:2f:fa:85:d8:8b:59:b8:8c:05:
         fb:ce:c5:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr01x0lSYCrqXN80x0bo5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNTFkYTMyNzYyYTZmOWMxMjZkNjNiYTcwNWQ2MmMwNTBi
ODQ4NGUwHhcNMjMwMTAxMDUzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjE4YzE1YTJhODliYzI5MWEwZWIwNjFhZWZhNTZiM2U2YTZmMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibeU7hGFGfvclAeQu71t+1stH8rD
NivrdPEz9GL7wiQdFNFl7cC96nWwhKerPDAdLGL31w36ZyLLXJDhl8nKujlZyfTc
BAYJuOQJ55QPCCS01xTKrziKRjtthpWYaMcG3NfO3KxeCCEwZnyfA4B9v7u+4mS3
ZZTd/SOZ2DzdYFsOKwEL4Hb8YZeNG73uDabSP18S/otXqxZrktnF5b5suMwTCzuF
kyoxC8fj6HenH7cO8nNHtXIpJqYBL/PLLeBmP+IW37oMsrfWg1TmRPjDiqgT6QKJ
XaUi6TEhZzqwit9eode0/TLOhoDxYEkYh+N5SramPM6M21b6DuY6wtIX7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsYwVoqibwpGg6wYa76VrPmpvEAMB8GA1UdIwQY
MBaAFN5R2jJ2Km+cEm1junBdYsBQuEhOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2xIYU1uWXFiNXdTYldPNmNGMWl3RkM0U0U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9mNzBkYjQtNjJlYS00OWRiLTgzMTkt
Y2RmYTYwMTIyNjkwLzEvaXhqQldpcUp2Q2thRHJCaHJ2cFdzLWFtOFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9mNzBkYjQtNjJlYS00OWRiLTgzMTktY2RmYTYwMTIyNjkw
LzEvM2xIYU1uWXFiNXdTYldPNmNGMWl3RkM0U0U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUgTMA0G
CSqGSIb3DQEBCwUAA4IBAQA6fe60xlpJALGYpkZUJ9aPumdo7AwzTTga764xgoL3
QaW1jTIy4TKuaWheNMlTiYLKILPtyAVgUz6cMcCKrbGOCd7kNlsCkvRfyFBXXtrs
zc3vYMerSNUphrRZyoE3hwBd2CzB80J8hc/1ef80VW2TmneIl4U582x9mDtQb+9r
7aIgbOEErKI0pEj3gXExHL54nNwkHSIap0Cra9bQJ/+4u9QyTVfG7FX3gDwXmWZi
svBdmT50dsKEgWqVAK9dLLm+B8g9CBIv3QUUDYYLgILYY0Y4CZ0fBXGN30KITG4i
49yup4X/O2MH2L0CX0BDFLV0bLMv+oXYi1m4jAX7zsWE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:54 2024 by rpki-client on console-ams.rpki-client.org