Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/rlH5cmyp0OFmrsa_hCyASuLfzCM.roa
File:                     rlH5cmyp0OFmrsa_hCyASuLfzCM.roa (raw, json)
Hash identifier:          9xJOOSwZu1jLyZOINyvpzGeoq/32kWnKKYCN35AGoBo=
Subject key identifier:   AE:51:F9:72:6C:A9:D0:E1:66:AE:C6:BF:84:2C:80:4A:E2:DF:CC:23
Certificate issuer:       /CN=1d8eab93530cfd50da7fb7da5eba0aa440c9ef0c
Certificate serial:       01856F6FFD4A6E7FB911DE3EBBEFBEE7ADE3
Authority key identifier: 1D:8E:AB:93:53:0C:FD:50:DA:7F:B7:DA:5E:BA:0A:A4:40:C9:EF:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HY6rk1MM_VDaf7faXroKpEDJ7ww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/rlH5cmyp0OFmrsa_hCyASuLfzCM.roa
Signing time:             Sun 01 Jan 2023 22:24:48 +0000
ROA not before:           Sun 01 Jan 2023 22:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209956
IP address blocks:        217.119.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:6f:fd:4a:6e:7f:b9:11:de:3e:bb:ef:be:e7:ad:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8eab93530cfd50da7fb7da5eba0aa440c9ef0c
        Validity
            Not Before: Jan  1 22:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae51f9726ca9d0e166aec6bf842c804ae2dfcc23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f8:a2:36:41:43:f7:1b:8f:6a:dd:2c:f3:91:
                    83:3d:26:5d:e7:5e:6f:9e:a4:91:7c:c1:a7:25:64:
                    1e:87:76:4e:62:da:22:a7:96:9a:ad:36:8e:f6:8a:
                    93:14:b2:41:92:f7:57:14:d8:db:19:39:c8:9c:87:
                    6e:e7:ed:5d:2b:08:67:3b:17:7d:96:79:c2:b6:ef:
                    43:1a:c7:a7:d4:1a:7e:27:fc:85:90:33:af:28:1a:
                    68:55:65:cb:68:a1:2b:d7:26:97:05:0e:8c:d6:0f:
                    7c:48:c1:6c:cc:7d:5d:5d:fc:f9:ae:d8:c2:0b:be:
                    61:e0:1a:85:34:70:bd:dc:52:a2:6e:6e:cf:ba:fa:
                    2b:3b:35:d4:45:b7:04:cf:36:65:b4:46:a3:cb:3f:
                    70:5c:fe:c7:ff:48:66:47:74:d2:09:bc:b6:79:5f:
                    33:49:59:ba:7b:33:e7:de:ba:77:69:90:a7:06:ba:
                    5a:fb:de:7c:54:42:ee:d4:51:bf:aa:e4:fe:eb:a1:
                    38:b6:26:8c:34:0a:3d:ef:61:03:3c:b2:1d:a9:1b:
                    a7:8e:82:25:1a:d0:5f:b0:c5:3c:70:e4:3e:29:49:
                    e2:b4:71:dd:ab:73:75:17:60:d6:db:82:44:40:f1:
                    e2:4a:93:45:c5:e2:da:c5:b3:09:14:60:ee:11:22:
                    38:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:51:F9:72:6C:A9:D0:E1:66:AE:C6:BF:84:2C:80:4A:E2:DF:CC:23
            X509v3 Authority Key Identifier:
                keyid:1D:8E:AB:93:53:0C:FD:50:DA:7F:B7:DA:5E:BA:0A:A4:40:C9:EF:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY6rk1MM_VDaf7faXroKpEDJ7ww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/rlH5cmyp0OFmrsa_hCyASuLfzCM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ebb83a-0126-43c0-b9ea-32dd53640b9c/1/HY6rk1MM_VDaf7faXroKpEDJ7ww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.119.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:db:1a:03:cd:30:d3:2c:d1:8c:77:d8:5f:75:cb:21:b1:c4:
         12:14:4a:40:40:0f:2f:77:c9:46:38:0f:0b:3b:85:b1:93:27:
         d8:71:55:8f:bf:c1:ac:92:8e:9c:87:39:91:89:97:24:0a:3f:
         34:ed:0c:10:91:3c:c0:12:62:3b:33:7b:9a:74:35:1a:7b:8b:
         08:88:48:1e:e2:44:c5:d3:c6:d7:14:6f:89:40:5c:9d:c7:8a:
         d2:b3:9a:0a:c7:b7:e6:a5:f0:6c:b5:05:1d:0b:ee:b7:04:9d:
         5d:64:13:77:57:30:21:38:cd:49:1b:b0:5a:7c:47:2f:bc:bf:
         86:31:57:f8:d9:7d:02:9b:27:8f:13:58:81:cb:d8:f7:77:70:
         52:bc:fc:06:2b:96:2b:e4:ac:63:2e:b8:4b:9e:51:fa:26:5a:
         85:f2:1d:bb:11:57:55:65:49:fd:b7:30:8f:2d:5f:3d:0c:98:
         67:c4:cc:35:aa:c2:b3:6e:e1:c8:8d:ba:b5:f6:10:83:dd:04:
         59:cd:4c:38:9e:a4:d1:79:ec:09:87:7d:90:8f:06:8c:0d:85:
         30:fc:c4:25:9f:aa:85:ef:0b:ae:63:42:89:57:5f:18:7b:10:
         a7:a8:69:01:cb:e0:af:4a:e8:78:97:66:42:f8:a9:3a:ea:29:
         e2:1e:ed:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvb/1Kbn+5Ed4+u+++563jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGVhYjkzNTMwY2ZkNTBkYTdmYjdkYTVlYmEwYWE0NDBj
OWVmMGMwHhcNMjMwMTAxMjIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTUxZjk3MjZjYTlkMGUxNjZhZWM2YmY4NDJjODA0YWUyZGZjYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/iiNkFD9xuPat0s85GDPSZd515v
nqSRfMGnJWQeh3ZOYtoip5aarTaO9oqTFLJBkvdXFNjbGTnInIdu5+1dKwhnOxd9
lnnCtu9DGsen1Bp+J/yFkDOvKBpoVWXLaKEr1yaXBQ6M1g98SMFszH1dXfz5rtjC
C75h4BqFNHC93FKibm7PuvorOzXURbcEzzZltEajyz9wXP7H/0hmR3TSCby2eV8z
SVm6ezPn3rp3aZCnBrpa+958VELu1FG/quT+66E4tiaMNAo972EDPLIdqRunjoIl
GtBfsMU8cOQ+KUnitHHdq3N1F2DW24JEQPHiSpNFxeLaxbMJFGDuESI4fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5R+XJsqdDhZq7Gv4QsgEri38wjMB8GA1UdIwQY
MBaAFB2Oq5NTDP1Q2n+32l66CqRAye8MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFk2cmsxTU1fVkRhZjdmYVhyb0twRURKN3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lYmI4M2EtMDEyNi00M2MwLWI5ZWEt
MzJkZDUzNjQwYjljLzEvcmxINWNteXAwT0ZtcnNhX2hDeUFTdUxmekNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lYmI4M2EtMDEyNi00M2MwLWI5ZWEtMzJkZDUzNjQwYjlj
LzEvSFk2cmsxTU1fVkRhZjdmYVhyb0twRURKN3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XeGMA0G
CSqGSIb3DQEBCwUAA4IBAQCV2xoDzTDTLNGMd9hfdcshscQSFEpAQA8vd8lGOA8L
O4WxkyfYcVWPv8Gsko6chzmRiZckCj807QwQkTzAEmI7M3uadDUae4sIiEge4kTF
08bXFG+JQFydx4rSs5oKx7fmpfBstQUdC+63BJ1dZBN3VzAhOM1JG7BafEcvvL+G
MVf42X0CmyePE1iBy9j3d3BSvPwGK5Yr5KxjLrhLnlH6JlqF8h27EVdVZUn9tzCP
LV89DJhnxMw1qsKzbuHIjbq19hCD3QRZzUw4nqTReewJh32QjwaMDYUw/MQln6qF
7wuuY0KJV18YexCnqGkBy+CvSuh4l2ZC+Kk66iniHu3e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:45 2024 by rpki-client on console-fra.rpki-client.org