Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/AjOaN8fmGGplFpD-sxaM6VxrLxw.roa
File:                     AjOaN8fmGGplFpD-sxaM6VxrLxw.roa (raw, json)
Hash identifier:          ogeOfAZjJQqQi+i01LQh0GuMqiWRp4HvbHLP7u+CV5Q=
Subject key identifier:   02:33:9A:37:C7:E6:18:6A:65:16:90:FE:B3:16:8C:E9:5C:6B:2F:1C
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       018CC726A39B30E8D6EB2FFC0018FC5DC834
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/AjOaN8fmGGplFpD-sxaM6VxrLxw.roa
Signing time:             Mon 01 Jan 2024 22:30:47 +0000
ROA not before:           Mon 01 Jan 2024 22:30:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        87.254.11.0/24 maxlen: 24
                          217.25.1.0/24 maxlen: 24
                          87.254.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Apr 2024 08:25:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:a3:9b:30:e8:d6:eb:2f:fc:00:18:fc:5d:c8:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Jan  1 22:30:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=02339a37c7e6186a651690feb3168ce95c6b2f1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:91:30:ae:27:be:56:06:d3:d5:be:7f:d3:95:
                    60:03:c1:25:26:1b:ec:b0:9b:37:3a:81:bd:dd:c3:
                    39:59:5a:0c:80:5e:8a:e4:7b:89:31:a1:07:a3:3e:
                    7b:56:c2:0b:a0:db:15:5f:8e:ab:a7:c4:6a:38:43:
                    bc:17:45:7f:b4:05:aa:08:aa:6a:98:f6:ff:72:a1:
                    38:7e:b2:d3:24:71:6c:c7:61:9f:b3:a4:0f:32:d0:
                    3d:8c:8b:bb:ce:4c:50:88:21:68:6a:0e:af:4c:4f:
                    40:82:17:ab:d8:ba:17:1f:3d:3b:c6:01:02:28:d2:
                    5f:09:d8:6a:e9:b1:96:44:c2:bd:80:3e:03:7d:e5:
                    51:24:6d:80:fd:75:0c:8b:28:d3:0f:ac:b9:07:c2:
                    cc:05:3b:3b:c5:df:f9:fb:30:91:e7:0c:d9:3e:c6:
                    79:34:77:42:8e:82:ea:82:bc:1b:bb:56:e9:ff:a9:
                    d7:bc:28:e8:f5:3f:4e:b0:1e:9c:5e:01:fa:88:be:
                    b0:e9:95:47:9b:94:e5:8c:30:47:59:a5:72:c7:5e:
                    9c:9d:22:b6:3f:03:54:6a:8a:1a:df:3f:bf:17:d0:
                    89:1d:bc:e6:aa:f7:7d:ca:10:48:f8:77:f1:80:5e:
                    23:c7:aa:d5:f1:c0:00:90:be:d1:d8:70:82:9e:e1:
                    f1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:33:9A:37:C7:E6:18:6A:65:16:90:FE:B3:16:8C:E9:5C:6B:2F:1C
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/AjOaN8fmGGplFpD-sxaM6VxrLxw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.254.11.0/24
                  87.254.16.0/24
                  217.25.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:38:41:ef:29:f0:f1:80:8c:d4:e6:b4:59:82:7b:55:71:39:
         60:a6:0b:9e:c8:f2:04:03:fa:31:7a:99:06:e8:04:c9:35:9a:
         d0:0d:f8:b9:2e:21:cd:a7:9b:b8:62:7a:fe:ad:24:88:a2:8b:
         c8:3d:34:3a:1a:00:e5:e0:2f:8b:b2:3f:d8:69:3e:fc:9d:b1:
         7b:e0:17:59:75:4d:ad:97:95:4c:40:3d:47:ea:be:83:ef:79:
         69:59:52:f9:80:a8:f1:75:63:cd:71:be:54:87:20:4b:ae:1d:
         5c:0b:c9:c6:e0:75:4b:af:bf:65:e0:88:60:5a:e7:29:7a:70:
         f8:97:c3:cb:a0:a7:1e:7a:db:98:9c:d4:7b:87:ec:14:6c:b0:
         16:26:d4:8f:8a:e0:76:06:c4:7d:ab:c6:c5:23:b3:39:82:13:
         64:8e:27:03:b9:a5:1a:f1:ab:3a:56:de:9b:bf:50:75:5f:07:
         b4:c5:45:a5:b2:ba:09:cf:cd:16:1a:34:1f:6c:68:22:dd:be:
         e1:62:a6:b7:75:bf:84:b5:23:7b:cb:28:85:8d:a7:74:20:11:
         78:eb:42:6a:22:3b:05:37:14:cf:b2:72:72:4c:96:cc:41:6c:
         4d:be:87:0a:6a:77:79:0f:5d:4a:90:f4:c1:62:18:71:a9:a1:
         a1:59:15:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJqObMOjW6y/8ABj8Xcg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwMTAxMjIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjMzOWEzN2M3ZTYxODZhNjUxNjkwZmViMzE2OGNlOTVjNmIyZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5Ewrie+VgbT1b5/05VgA8ElJhvs
sJs3OoG93cM5WVoMgF6K5HuJMaEHoz57VsILoNsVX46rp8RqOEO8F0V/tAWqCKpq
mPb/cqE4frLTJHFsx2Gfs6QPMtA9jIu7zkxQiCFoag6vTE9Agher2LoXHz07xgEC
KNJfCdhq6bGWRMK9gD4DfeVRJG2A/XUMiyjTD6y5B8LMBTs7xd/5+zCR5wzZPsZ5
NHdCjoLqgrwbu1bp/6nXvCjo9T9OsB6cXgH6iL6w6ZVHm5TljDBHWaVyx16cnSK2
PwNUaooa3z+/F9CJHbzmqvd9yhBI+HfxgF4jx6rV8cAAkL7R2HCCnuHx0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAIzmjfH5hhqZRaQ/rMWjOlcay8cMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvQWpPYU44Zm1HR3BsRnBELXN4YU02VnhyTHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/4LAwQA
V/4QAwQA2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQCpOEHvKfDxgIzU5rRZgntVcTlg
pgueyPIEA/oxepkG6ATJNZrQDfi5LiHNp5u4Ynr+rSSIoovIPTQ6GgDl4C+Lsj/Y
aT78nbF74BdZdU2tl5VMQD1H6r6D73lpWVL5gKjxdWPNcb5UhyBLrh1cC8nG4HVL
r79l4IhgWucpenD4l8PLoKceetuYnNR7h+wUbLAWJtSPiuB2BsR9q8bFI7M5ghNk
jicDuaUa8as6Vt6bv1B1Xwe0xUWlsroJz80WGjQfbGgi3b7hYqa3db+EtSN7yyiF
jad0IBF460JqIjsFNxTPsnJyTJbMQWxNvocKand5D11KkPTBYhhxqaGhWRVz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org