Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/tDkiUWVOOUi6sDybJ3_mABFGME0.roa
File:                     tDkiUWVOOUi6sDybJ3_mABFGME0.roa (raw, json)
Hash identifier:          xotSG0uR1QF2pC4qTMIXDff5yc+np23dLbhT4hlqjfw=
Subject key identifier:   B4:39:22:51:65:4E:39:48:BA:B0:3C:9B:27:7F:E6:00:11:46:30:4D
Certificate issuer:       /CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
Certificate serial:       01856D01BEB1A85BD26CA9AA1D737C896C17
Authority key identifier: 1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/tDkiUWVOOUi6sDybJ3_mABFGME0.roa
Signing time:             Sun 01 Jan 2023 11:05:08 +0000
ROA not before:           Sun 01 Jan 2023 11:05:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43500
IP address blocks:        212.46.44.0/24 maxlen: 24
                          185.130.209.0/24 maxlen: 24
                          185.130.210.0/23 maxlen: 24
                          195.189.144.0/24 maxlen: 24
                          2a12:b40::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 18 Jul 2023 08:31:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:be:b1:a8:5b:d2:6c:a9:aa:1d:73:7c:89:6c:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
        Validity
            Not Before: Jan  1 11:05:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b4392251654e3948bab03c9b277fe6001146304d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b9:ce:ed:bc:e3:ee:e5:12:06:33:0e:0f:02:
                    c8:fd:66:95:6b:52:2e:46:ee:e6:21:b9:79:c5:b5:
                    0d:5b:80:7b:bd:07:ba:7d:b2:82:36:62:a6:12:7c:
                    b2:3e:3d:ef:66:02:52:71:65:e9:a9:bd:cd:5c:7c:
                    f9:d6:01:ab:be:fd:a2:ce:33:2a:29:ef:b0:20:09:
                    57:27:dc:3c:67:78:a4:57:76:1d:aa:72:a7:f3:bf:
                    bd:ec:fd:a6:df:cb:e6:6e:d7:a0:00:9c:db:95:8e:
                    be:bf:e7:2c:98:a2:14:f1:ad:d2:5b:75:94:16:a2:
                    46:32:a0:3a:b3:95:7b:57:0b:68:af:42:f3:e3:14:
                    ed:51:c9:80:94:84:1f:e6:86:b8:00:fe:18:1a:22:
                    fb:51:b3:f3:38:c4:11:dd:76:da:23:9a:c0:d6:7e:
                    44:a3:a1:ff:61:62:06:44:ae:17:b8:1e:0e:e3:cb:
                    16:1b:7a:ed:7e:e5:ed:25:b5:aa:60:12:ee:aa:cd:
                    80:83:a6:ff:91:c7:02:73:52:1e:40:ab:67:5d:6c:
                    33:20:54:ce:cc:52:65:ee:cd:59:9a:43:40:a7:87:
                    c0:9c:ca:d7:c5:af:d2:f0:0d:5c:47:58:4c:21:c4:
                    7a:c8:41:2f:54:66:2f:22:eb:fe:af:38:12:d4:2f:
                    d8:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:39:22:51:65:4E:39:48:BA:B0:3C:9B:27:7F:E6:00:11:46:30:4D
            X509v3 Authority Key Identifier:
                keyid:1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/tDkiUWVOOUi6sDybJ3_mABFGME0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.209.0-185.130.211.255
                  195.189.144.0/24
                  212.46.44.0/24
                IPv6:
                  2a12:b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         34:7f:5a:0e:22:cb:f4:b5:59:3f:1f:e2:00:f6:c4:8e:5e:72:
         69:fb:6a:34:68:2a:b1:dd:89:1a:33:76:d6:d7:2a:0d:e8:cc:
         8d:a5:d0:cc:fd:03:03:f5:2b:5d:6f:c1:20:72:4a:8b:0b:de:
         02:0f:7c:9c:2a:0e:91:5e:66:80:df:31:87:39:0a:f4:53:a7:
         4a:e1:ec:6e:3c:db:b2:9a:6a:d4:d4:73:64:5c:2a:59:b5:34:
         74:31:e2:1a:12:c3:d2:5d:92:2a:89:bb:0c:43:c4:dd:85:71:
         4b:4b:e7:e6:a1:ce:84:e5:0a:8f:0d:4e:59:29:fc:ff:ce:08:
         4b:b9:4f:b4:35:58:15:eb:02:47:52:25:e6:62:5b:3a:f5:5e:
         a2:3b:39:15:ce:26:15:7b:9e:40:3a:ed:76:fd:cd:05:f0:14:
         09:66:e2:63:00:cf:dd:1a:fb:ba:99:58:0f:09:8a:f1:b6:c7:
         fd:ac:66:99:8d:37:1a:cc:4f:cf:b3:b5:57:02:72:2e:6d:f3:
         d9:69:ad:64:11:79:d9:14:00:c1:a0:08:24:d3:5f:24:ab:91:
         56:ed:3c:1d:23:96:24:bc:02:ed:c5:21:55:49:30:0d:0e:5d:
         4e:c9:3f:40:4f:ed:b5:f4:ac:db:39:9d:b7:d5:15:4f:eb:e3:
         29:17:3a:e1
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVtAb6xqFvSbKmqHXN8iWwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzhiMTgzNmRlY2FiNGZmNWJkZmE1ZTM3N2EzZGY4N2Yx
OGZjMGYwHhcNMjMwMTAxMTEwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDM5MjI1MTY1NGUzOTQ4YmFiMDNjOWIyNzdmZTYwMDExNDYzMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbnO7bzj7uUSBjMODwLI/WaVa1Iu
Ru7mIbl5xbUNW4B7vQe6fbKCNmKmEnyyPj3vZgJScWXpqb3NXHz51gGrvv2izjMq
Ke+wIAlXJ9w8Z3ikV3YdqnKn87+97P2m38vmbtegAJzblY6+v+csmKIU8a3SW3WU
FqJGMqA6s5V7Vwtor0Lz4xTtUcmAlIQf5oa4AP4YGiL7UbPzOMQR3XbaI5rA1n5E
o6H/YWIGRK4XuB4O48sWG3rtfuXtJbWqYBLuqs2Ag6b/kccCc1IeQKtnXWwzIFTO
zFJl7s1ZmkNAp4fAnMrXxa/S8A1cR1hMIcR6yEEvVGYvIuv+rzgS1C/YLQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLQ5IlFlTjlIurA8myd/5gARRjBNMB8GA1UdIwQY
MBaAFBx4sYNt7KtP9b36Xjd6Pfh/GPwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYt
ZWMzY2IzNmQxMDI2LzEvdERraVVXVk9PVWk2c0R5YkozX21BQkZHTUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYtZWMzY2IzNmQxMDI2
LzEvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAC5gtED
BAK5gtADBADDvZADBADULiwwDQQCAAIwBwMFAyoSC0AwDQYJKoZIhvcNAQELBQAD
ggEBADR/Wg4iy/S1WT8f4gD2xI5ecmn7ajRoKrHdiRozdtbXKg3ozI2l0Mz9AwP1
K11vwSBySosL3gIPfJwqDpFeZoDfMYc5CvRTp0rh7G4827KaatTUc2RcKlm1NHQx
4hoSw9JdkiqJuwxDxN2FcUtL5+ahzoTlCo8NTlkp/P/OCEu5T7Q1WBXrAkdSJeZi
Wzr1XqI7ORXOJhV7nkA67Xb9zQXwFAlm4mMAz90a+7qZWA8JivG2x/2sZpmNNxrM
T8+ztVcCci5t89lprWQRedkUAMGgCCTTXySrkVbtPB0jliS8Au3FIVVJMA0OXU7J
P0BP7bX0rNs5nbfVFU/r4ykXOuE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:02 2024 by rpki-client on console-ams.rpki-client.org