Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/d1m8StGBc0tQVvRnUJ-F5t7_D-g.roa
File:                     d1m8StGBc0tQVvRnUJ-F5t7_D-g.roa (raw, json)
Hash identifier:          q1sKsKOevpri54CHzoexFblYsEZLwJkH+e/QYM8NA2U=
Subject key identifier:   77:59:BC:4A:D1:81:73:4B:50:56:F4:67:50:9F:85:E6:DE:FF:0F:E8
Certificate issuer:       /CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
Certificate serial:       018BF692DB54CBC760FBF5E3D31FEAB34BA8
Authority key identifier: 40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/d1m8StGBc0tQVvRnUJ-F5t7_D-g.roa
Signing time:             Wed 22 Nov 2023 10:28:21 +0000
ROA not before:           Wed 22 Nov 2023 10:28:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208685
IP address blocks:        92.60.72.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f6:92:db:54:cb:c7:60:fb:f5:e3:d3:1f:ea:b3:4b:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
        Validity
            Not Before: Nov 22 10:28:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7759bc4ad181734b5056f467509f85e6deff0fe8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2c:26:59:a4:47:f6:98:a1:d7:b0:26:51:30:
                    50:0c:9a:6b:bd:3b:94:2d:bb:10:f9:fa:2f:bb:18:
                    b0:dc:b9:21:6f:40:32:88:04:27:a0:34:66:00:68:
                    e0:3a:53:09:24:be:a1:07:a9:f5:97:b3:07:89:09:
                    50:2c:b3:cc:f7:e9:5a:7e:76:73:14:fa:be:2d:df:
                    14:3d:5d:2e:d7:ae:41:35:7b:a8:7d:6d:48:d6:f6:
                    3b:67:a2:18:37:ae:3c:c0:ba:75:78:fe:d5:b8:61:
                    72:93:8a:8d:e1:b5:8a:b9:6b:d0:95:68:3a:17:59:
                    fc:bf:4d:9b:88:d2:da:69:81:e4:68:0d:2f:a5:5e:
                    c1:cc:f6:59:1d:35:8a:a5:00:83:73:4d:d1:ac:2e:
                    d4:bd:75:d5:2f:ad:1e:4b:53:5f:27:54:bd:13:4b:
                    8f:dc:14:5b:e2:9b:21:e4:5c:3d:04:7a:9d:d0:18:
                    5f:2b:4c:85:3f:d7:0d:c5:88:ce:70:79:2f:75:da:
                    40:09:1f:39:74:09:cc:86:69:8c:64:7d:f6:0c:a0:
                    19:c9:a8:5f:49:c6:d0:d2:21:a1:20:b5:fc:aa:e0:
                    75:1b:f7:9e:83:9e:db:c8:40:36:8d:1a:fb:eb:e2:
                    d2:c8:a9:d7:1f:44:18:d5:f3:17:ec:62:1c:d6:47:
                    72:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:59:BC:4A:D1:81:73:4B:50:56:F4:67:50:9F:85:E6:DE:FF:0F:E8
            X509v3 Authority Key Identifier:
                keyid:40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/d1m8StGBc0tQVvRnUJ-F5t7_D-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.60.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:58:64:be:26:6a:82:85:26:48:f8:95:9e:99:55:51:e3:14:
         a3:e8:b0:3d:9f:3e:f7:6f:c3:f7:4d:35:bd:5c:67:e2:2b:8d:
         f5:57:1d:37:c4:90:f3:3f:e7:56:ad:14:7a:2c:2e:56:18:d7:
         e0:53:8a:d7:de:7d:1b:b2:45:dd:7c:2f:44:e1:41:fe:7e:2a:
         10:43:c2:1a:85:4b:dd:7c:fa:d6:a6:eb:9b:66:9a:79:9c:b8:
         dc:9a:a5:69:03:b1:12:6a:02:31:51:51:f5:de:f8:0e:01:3f:
         6c:aa:57:8c:2b:4e:8a:ce:e1:19:31:94:b6:de:03:a6:8e:ce:
         49:d8:9a:fb:dc:a2:aa:05:3d:42:42:23:c3:2c:6b:18:22:11:
         35:fd:93:38:82:e4:78:4d:6f:53:2c:e1:9d:b6:97:56:fb:e1:
         e3:6b:07:23:c6:47:fb:0e:85:3c:19:c5:f8:21:ac:da:dd:ab:
         a0:0d:f4:94:9f:90:d0:b1:4d:ca:81:13:8d:10:24:11:c1:34:
         0e:00:d5:93:6a:40:10:c3:28:0b:83:88:77:1e:05:5f:34:67:
         01:75:ba:ea:ad:e6:6a:fc:bc:50:48:88:c8:31:65:1d:7d:a2:
         ff:c0:c7:ac:6c:c2:b0:74:64:65:5d:cd:44:9a:d2:16:0f:2c:
         cf:f4:32:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv2kttUy8dg+/Xj0x/qs0uoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZGRlNzFiNDFiZmZiMWI1MTZlMDdiMGM2MTM5MWJkZjRk
M2JmMTEwHhcNMjMxMTIyMTAyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzU5YmM0YWQxODE3MzRiNTA1NmY0Njc1MDlmODVlNmRlZmYwZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCwmWaRH9pih17AmUTBQDJprvTuU
LbsQ+fovuxiw3Lkhb0AyiAQnoDRmAGjgOlMJJL6hB6n1l7MHiQlQLLPM9+lafnZz
FPq+Ld8UPV0u165BNXuofW1I1vY7Z6IYN648wLp1eP7VuGFyk4qN4bWKuWvQlWg6
F1n8v02biNLaaYHkaA0vpV7BzPZZHTWKpQCDc03RrC7UvXXVL60eS1NfJ1S9E0uP
3BRb4psh5Fw9BHqd0BhfK0yFP9cNxYjOcHkvddpACR85dAnMhmmMZH32DKAZyahf
ScbQ0iGhILX8quB1G/eeg57byEA2jRr76+LSyKnXH0QY1fMX7GIc1kdy/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdZvErRgXNLUFb0Z1Cfhebe/w/oMB8GA1UdIwQY
MBaAFEDd5xtBv/sbUW4HsMYTkb30078RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYt
MmJhZGNlNDY2ODUzLzEvZDFtOFN0R0JjMHRRVnZSblVKLUY1dDdfRC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYtMmJhZGNlNDY2ODUz
LzEvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXDxIMA0G
CSqGSIb3DQEBCwUAA4IBAQCQWGS+JmqChSZI+JWemVVR4xSj6LA9nz73b8P3TTW9
XGfiK431Vx03xJDzP+dWrRR6LC5WGNfgU4rX3n0bskXdfC9E4UH+fioQQ8IahUvd
fPrWpuubZpp5nLjcmqVpA7ESagIxUVH13vgOAT9sqleMK06KzuEZMZS23gOmjs5J
2Jr73KKqBT1CQiPDLGsYIhE1/ZM4guR4TW9TLOGdtpdW++Hjawcjxkf7DoU8GcX4
Iaza3augDfSUn5DQsU3KgRONECQRwTQOANWTakAQwygLg4h3HgVfNGcBdbrqreZq
/LxQSIjIMWUdfaL/wMesbMKwdGRlXc1EmtIWDyzP9DJY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:19 2024 by rpki-client on console-fra.rpki-client.org