Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/V4THMWNQFJ_Vf8yQ-98d546c-DA.roa
File:                     V4THMWNQFJ_Vf8yQ-98d546c-DA.roa (raw, json)
Hash identifier:          DLRBxrEvSQ3SkRXNEhF/f28RBgBT4VR8+Ecxrl7ZSN0=
Subject key identifier:   57:84:C7:31:63:50:14:9F:D5:7F:CC:90:FB:DF:1D:E7:8E:9C:F8:30
Certificate issuer:       /CN=58ce32a57bd4169e5bddb498aa5507ef834e4772
Certificate serial:       0185720C7B3CD72612FA0CE6B8FA77EC8B13
Authority key identifier: 58:CE:32:A5:7B:D4:16:9E:5B:DD:B4:98:AA:55:07:EF:83:4E:47:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WM4ypXvUFp5b3bSYqlUH74NOR3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/V4THMWNQFJ_Vf8yQ-98d546c-DA.roa
Signing time:             Mon 02 Jan 2023 10:34:58 +0000
ROA not before:           Mon 02 Jan 2023 10:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398464
IP address blocks:        195.64.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:7b:3c:d7:26:12:fa:0c:e6:b8:fa:77:ec:8b:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58ce32a57bd4169e5bddb498aa5507ef834e4772
        Validity
            Not Before: Jan  2 10:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5784c7316350149fd57fcc90fbdf1de78e9cf830
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:fe:3d:69:d4:54:66:a2:66:e3:72:2c:a2:78:
                    95:d1:22:d7:29:b2:04:fc:95:75:1d:4c:7a:da:f7:
                    2d:81:97:51:aa:d0:d1:0f:f6:24:1a:cf:d1:93:a2:
                    af:62:13:d8:47:fc:c7:3e:36:6f:cf:b2:a9:95:79:
                    c6:12:66:46:3c:c6:64:10:6e:a9:a1:95:d8:a9:cb:
                    a2:7c:6e:f9:e3:b8:98:08:25:a2:99:22:8c:21:60:
                    41:23:0c:1f:30:5c:01:2d:7d:4d:0d:07:e8:8f:36:
                    36:aa:30:64:c3:36:05:c5:d0:2d:c8:97:25:4e:90:
                    0a:09:9d:31:52:5e:e8:e5:5b:7e:1d:24:3f:a7:cf:
                    6b:3a:c4:33:00:92:5b:01:8c:59:2b:8e:0c:bb:87:
                    9a:8a:9e:8d:79:de:3f:35:35:02:96:b9:6a:28:7d:
                    b5:60:d9:3a:29:93:53:13:82:43:80:9d:85:6d:eb:
                    c7:fd:ae:b4:bd:c9:65:0e:f2:61:04:bf:b1:52:64:
                    64:4e:fb:2e:8b:60:63:9c:1e:70:fe:ec:38:58:67:
                    c0:32:e6:c9:0e:97:c9:ec:1f:4a:8e:5b:cd:6e:19:
                    6c:b0:d9:79:7c:c9:e1:a6:2a:ad:c3:c6:04:37:2a:
                    6d:d6:8c:e7:77:f7:7c:83:c9:d8:7c:e0:0a:97:ce:
                    d2:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:84:C7:31:63:50:14:9F:D5:7F:CC:90:FB:DF:1D:E7:8E:9C:F8:30
            X509v3 Authority Key Identifier:
                keyid:58:CE:32:A5:7B:D4:16:9E:5B:DD:B4:98:AA:55:07:EF:83:4E:47:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WM4ypXvUFp5b3bSYqlUH74NOR3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/V4THMWNQFJ_Vf8yQ-98d546c-DA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/WM4ypXvUFp5b3bSYqlUH74NOR3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:c5:f5:dc:9a:35:bb:39:8f:d2:44:ba:da:e9:27:c8:9d:c4:
         a4:fb:9b:1c:da:38:18:0f:f2:63:be:a6:5f:5b:7f:dc:15:86:
         0c:8b:7f:e1:b2:2c:b3:a1:e7:b3:ff:7d:52:09:3f:15:77:f2:
         65:c5:e4:64:d2:ff:55:4a:01:5c:6a:9f:f5:07:0c:bb:04:88:
         b1:c3:e2:07:21:bd:8a:59:8a:1a:c7:f7:20:24:55:36:d6:05:
         7c:93:58:5d:48:81:32:4c:ab:37:e3:01:16:0d:e3:ac:67:10:
         bc:33:8d:92:da:b7:c4:44:cf:5f:91:2f:cf:9b:35:64:c7:8c:
         89:24:fd:07:3f:30:74:23:07:82:71:3b:de:6b:91:44:7f:3c:
         69:47:82:ae:df:fe:68:80:0c:6c:53:80:38:74:ac:53:f3:60:
         6c:ba:be:1f:d9:18:da:51:89:7a:02:c1:9d:91:bd:a3:25:41:
         fc:6b:e6:c8:6f:cb:d5:ea:b2:da:97:51:50:5c:ea:fa:11:6a:
         98:19:31:5a:a6:fe:1f:ce:ad:f5:4f:99:80:f4:22:3d:15:62:
         40:30:f2:d5:f9:38:84:91:9d:fb:e0:92:fd:09:2b:dd:ec:aa:
         4d:28:0a:b3:60:e8:25:c1:5c:2b:8d:b6:87:aa:93:ef:a7:82:
         4d:88:8c:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHs81yYS+gzmuPp37IsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4Y2UzMmE1N2JkNDE2OWU1YmRkYjQ5OGFhNTUwN2VmODM0
ZTQ3NzIwHhcNMjMwMTAyMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Nzg0YzczMTYzNTAxNDlmZDU3ZmNjOTBmYmRmMWRlNzhlOWNmODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif49adRUZqJm43IsoniV0SLXKbIE
/JV1HUx62vctgZdRqtDRD/YkGs/Rk6KvYhPYR/zHPjZvz7KplXnGEmZGPMZkEG6p
oZXYqcuifG7547iYCCWimSKMIWBBIwwfMFwBLX1NDQfojzY2qjBkwzYFxdAtyJcl
TpAKCZ0xUl7o5Vt+HSQ/p89rOsQzAJJbAYxZK44Mu4eaip6Ned4/NTUClrlqKH21
YNk6KZNTE4JDgJ2FbevH/a60vcllDvJhBL+xUmRkTvsui2BjnB5w/uw4WGfAMubJ
DpfJ7B9KjlvNbhlssNl5fMnhpiqtw8YENypt1oznd/d8g8nYfOAKl87SnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFeExzFjUBSf1X/MkPvfHeeOnPgwMB8GA1UdIwQY
MBaAFFjOMqV71BaeW920mKpVB++DTkdyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV000eXBYdlVGcDViM2JTWXFsVUg3NE5PUjNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZTRmN2EtMGExYy00ZjA3LWIyZGEt
NjczZGU3MDBmMTEyLzEvVjRUSE1XTlFGSl9WZjh5US05OGQ1NDZjLURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZTRmN2EtMGExYy00ZjA3LWIyZGEtNjczZGU3MDBmMTEy
LzEvV000eXBYdlVGcDViM2JTWXFsVUg3NE5PUjNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B3MA0G
CSqGSIb3DQEBCwUAA4IBAQBjxfXcmjW7OY/SRLra6SfIncSk+5sc2jgYD/JjvqZf
W3/cFYYMi3/hsiyzoeez/31SCT8Vd/JlxeRk0v9VSgFcap/1Bwy7BIixw+IHIb2K
WYoax/cgJFU21gV8k1hdSIEyTKs34wEWDeOsZxC8M42S2rfERM9fkS/PmzVkx4yJ
JP0HPzB0IweCcTvea5FEfzxpR4Ku3/5ogAxsU4A4dKxT82Bsur4f2RjaUYl6AsGd
kb2jJUH8a+bIb8vV6rLal1FQXOr6EWqYGTFapv4fzq31T5mA9CI9FWJAMPLV+TiE
kZ374JL9CSvd7KpNKAqzYOglwVwrjbaHqpPvp4JNiIzy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:01 2024 by rpki-client on console-fra.rpki-client.org