Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gN2a_vDzFMPlOAHrN1zVk1FAmHQ.roa
File:                     gN2a_vDzFMPlOAHrN1zVk1FAmHQ.roa (raw, json)
Hash identifier:          WQ0dDTQkvRGesCLKxqSguZLZYAbIs8zO1mxgVN+xJWE=
Subject key identifier:   80:DD:9A:FE:F0:F3:14:C3:E5:38:01:EB:37:5C:D5:93:51:40:98:74
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018571E7A94128B386A61174F21E80EE4A35
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gN2a_vDzFMPlOAHrN1zVk1FAmHQ.roa
Signing time:             Mon 02 Jan 2023 09:54:45 +0000
ROA not before:           Mon 02 Jan 2023 09:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     140947
IP address blocks:        88.151.61.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 21 Jan 2023 11:38:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:e7:a9:41:28:b3:86:a6:11:74:f2:1e:80:ee:4a:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jan  2 09:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80dd9afef0f314c3e53801eb375cd59351409874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:0d:07:ac:21:1a:68:a8:84:19:f3:da:94:00:
                    0d:f5:c4:99:7c:e3:15:d6:9f:e9:af:44:9f:67:83:
                    f5:50:1e:1b:3c:cc:b5:49:d6:af:85:24:7b:e4:96:
                    ef:45:4e:9a:44:e1:dd:97:0d:bd:a5:6f:5e:64:88:
                    d7:88:54:95:23:41:e8:78:b1:82:1d:33:6e:7b:62:
                    56:5e:66:ad:37:91:d3:4e:27:ea:45:79:dc:22:e4:
                    d9:74:3c:28:8d:43:a8:7f:03:fe:9f:80:20:19:2d:
                    fd:6d:28:84:ec:ca:2d:db:8e:56:be:cd:b2:4a:42:
                    c9:3e:9c:cb:b2:de:35:cc:c9:b2:a4:d3:f6:a1:9f:
                    37:3f:0a:ef:b6:4e:c8:28:7d:53:c6:75:d5:4f:35:
                    1b:94:5c:de:35:5e:ac:23:07:c8:9a:18:44:c0:10:
                    9e:dc:33:cd:04:b0:0d:c6:bb:7b:3b:e1:b5:7c:0b:
                    ed:01:4f:56:f8:52:37:12:91:20:db:45:57:c6:f9:
                    b3:88:29:28:7f:d4:41:e2:e0:c5:4f:f7:6f:25:db:
                    59:3a:24:a8:9d:92:d0:ee:7f:f8:7b:7d:71:6d:4c:
                    14:e6:7d:ec:6f:86:79:b5:ad:65:78:91:67:85:6f:
                    d7:c6:2b:c2:e8:32:d3:58:ac:20:7c:4d:6c:ae:39:
                    ac:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:DD:9A:FE:F0:F3:14:C3:E5:38:01:EB:37:5C:D5:93:51:40:98:74
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gN2a_vDzFMPlOAHrN1zVk1FAmHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.151.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:c7:ab:92:3a:2c:24:69:59:91:08:2c:52:dd:d3:f0:d3:c0:
         40:4a:1c:b5:50:ae:40:3a:2d:5c:6b:21:95:40:3c:f9:18:47:
         e4:60:06:66:9a:5d:f8:fe:0d:20:e5:42:af:e4:14:2e:cd:bd:
         e9:7d:24:c5:f8:e3:66:97:33:0a:d4:d1:51:5c:d9:ca:e8:90:
         95:a4:09:fd:f6:c7:97:31:97:ef:a9:e0:84:b9:2f:9f:f5:01:
         6d:21:e7:27:58:f8:57:1a:30:0c:a3:51:18:da:3c:7e:c7:a8:
         2e:9a:a7:82:d6:83:ef:44:7c:8b:6f:ac:4f:d5:92:c8:cc:32:
         fb:52:95:4b:21:8e:6f:9e:ca:22:51:de:03:e8:07:b4:6d:13:
         d1:ae:24:7b:68:6e:79:20:a0:ae:e8:6a:21:9f:53:f4:17:ac:
         44:67:aa:27:98:9b:54:ad:43:dc:5d:4f:9b:1a:0d:3d:5d:0c:
         5e:ac:1f:c0:18:08:b6:94:00:04:f8:06:60:f2:c4:68:a9:4c:
         7f:1d:7f:6b:39:89:39:92:91:2f:df:55:d8:d9:b9:f9:cf:00:
         ae:67:fc:76:50:de:6b:e7:6f:6f:31:76:48:13:c7:22:b2:7a:
         b1:cb:83:00:39:a0:80:53:1e:e8:fa:e1:c7:57:63:54:ff:89:
         45:95:87:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx56lBKLOGphF08h6A7ko1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRkOWFmZWYwZjMxNGMzZTUzODAxZWIzNzVjZDU5MzUxNDA5ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA0HrCEaaKiEGfPalAAN9cSZfOMV
1p/pr0SfZ4P1UB4bPMy1SdavhSR75JbvRU6aROHdlw29pW9eZIjXiFSVI0HoeLGC
HTNue2JWXmatN5HTTifqRXncIuTZdDwojUOofwP+n4AgGS39bSiE7Mot245Wvs2y
SkLJPpzLst41zMmypNP2oZ83Pwrvtk7IKH1TxnXVTzUblFzeNV6sIwfImhhEwBCe
3DPNBLANxrt7O+G1fAvtAU9W+FI3EpEg20VXxvmziCkof9RB4uDFT/dvJdtZOiSo
nZLQ7n/4e31xbUwU5n3sb4Z5ta1leJFnhW/XxivC6DLTWKwgfE1srjms6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDdmv7w8xTD5TgB6zdc1ZNRQJh0MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZ04yYV92RHpGTVBsT0FIck4xelZrMUZBbUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJc9MA0G
CSqGSIb3DQEBCwUAA4IBAQCgx6uSOiwkaVmRCCxS3dPw08BAShy1UK5AOi1cayGV
QDz5GEfkYAZmml34/g0g5UKv5BQuzb3pfSTF+ONmlzMK1NFRXNnK6JCVpAn99seX
MZfvqeCEuS+f9QFtIecnWPhXGjAMo1EY2jx+x6gumqeC1oPvRHyLb6xP1ZLIzDL7
UpVLIY5vnsoiUd4D6Ae0bRPRriR7aG55IKCu6Gohn1P0F6xEZ6onmJtUrUPcXU+b
Gg09XQxerB/AGAi2lAAE+AZg8sRoqUx/HX9rOYk5kpEv31XY2bn5zwCuZ/x2UN5r
529vMXZIE8cisnqxy4MAOaCAUx7o+uHHV2NU/4lFlYe+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org