Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/3B1mrAVC97E-hF67SvrhKwXsKag.roa
File:                     3B1mrAVC97E-hF67SvrhKwXsKag.roa (raw, json)
Hash identifier:          UcBSOZEiuZeloKo/ZIW8N3q8Q9D0T+4xm8isDsHLJeY=
Subject key identifier:   DC:1D:66:AC:05:42:F7:B1:3E:84:5E:BB:4A:FA:E1:2B:05:EC:29:A8
Certificate issuer:       /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Certificate serial:       0189E8D67FB938EB28A643D09C2034D2E6B6
Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/3B1mrAVC97E-hF67SvrhKwXsKag.roa
Signing time:             Sat 12 Aug 2023 08:21:58 +0000
ROA not before:           Sat 12 Aug 2023 08:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203059
IP address blocks:        185.234.101.0/24 maxlen: 24
                          45.91.120.0/24 maxlen: 24
                          91.218.77.0/24 maxlen: 24
                          2a13:5080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 13 Aug 2023 15:56:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e8:d6:7f:b9:38:eb:28:a6:43:d0:9c:20:34:d2:e6:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
        Validity
            Not Before: Aug 12 08:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dc1d66ac0542f7b13e845ebb4afae12b05ec29a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:44:5d:80:cb:5f:a3:26:60:03:cc:ae:0f:e6:
                    6b:cc:6c:11:7d:21:c3:7a:5e:1b:d3:0c:d2:d0:92:
                    20:38:4f:37:cf:ac:bc:d7:e7:0e:b3:af:ca:91:3d:
                    09:1e:18:74:34:0a:d0:da:9c:a8:63:10:6a:07:9d:
                    2e:3e:a6:06:c7:fb:10:0a:61:c4:66:3c:d9:75:8a:
                    ed:4f:2f:be:63:68:ac:6b:8d:49:4b:13:7d:36:8f:
                    06:24:4e:4b:86:16:94:1f:66:91:1e:1c:70:dc:df:
                    ea:9b:8d:60:f3:9a:e0:93:61:b3:d8:af:4f:a3:17:
                    29:61:35:db:af:47:bc:13:02:41:4e:54:97:48:19:
                    53:52:7f:14:32:74:f3:45:cd:b7:e3:27:9b:c4:ce:
                    98:cd:bb:2d:be:fd:f0:5e:59:94:c6:a4:97:a6:c2:
                    8c:e0:3f:4a:30:2f:9a:fb:06:b0:83:39:a2:93:70:
                    5a:06:05:d5:5b:0a:fe:c3:e0:92:6c:4a:b1:ec:0d:
                    97:f8:b5:6b:fe:f5:04:8f:25:af:20:e9:86:7d:c5:
                    b5:84:cc:ad:99:57:00:9e:53:42:5f:ef:e8:7a:f7:
                    5a:7e:c7:7e:fc:a4:a2:ca:d1:38:ea:e3:64:db:b2:
                    f6:f0:ff:cd:2c:a9:47:f1:a3:54:00:5a:e7:64:f3:
                    69:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:1D:66:AC:05:42:F7:B1:3E:84:5E:BB:4A:FA:E1:2B:05:EC:29:A8
            X509v3 Authority Key Identifier:
                keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/3B1mrAVC97E-hF67SvrhKwXsKag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.120.0/24
                  91.218.77.0/24
                  185.234.101.0/24
                IPv6:
                  2a13:5080::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:6a:6d:d8:f6:c0:2f:9e:90:14:65:8c:ab:2a:cf:0f:6b:d4:
         38:2d:0c:37:04:56:ed:71:56:5d:4c:02:ea:b4:86:26:bf:89:
         7f:47:14:38:fa:4e:89:7a:56:75:18:f0:cd:f3:ab:49:0a:99:
         2e:c4:6c:aa:25:0b:6b:7c:2e:16:e7:f4:49:52:4d:c5:74:91:
         cb:11:e6:00:89:de:e5:02:7f:a7:63:51:07:67:62:8f:13:69:
         87:39:34:ad:c6:3d:ea:26:6b:ca:e4:3f:41:df:28:6b:e9:60:
         2f:27:9d:19:84:4a:fb:46:4f:dd:57:eb:c8:89:8f:7f:19:e7:
         b9:64:64:a3:3c:69:d1:f1:b2:3e:c0:5a:27:86:c2:63:8d:c7:
         b3:7d:23:31:d2:44:45:99:50:60:94:56:c3:da:b9:bd:be:d3:
         43:27:db:34:1a:2e:7a:1c:7d:5e:da:c1:25:b8:12:d8:14:e9:
         b1:b9:32:5a:a3:8f:ad:40:fe:f7:05:a9:c9:27:33:08:15:65:
         d9:5e:6b:91:67:57:be:83:82:b8:d0:7d:f9:e7:87:a0:c6:fb:
         da:ff:46:7f:5d:82:0a:b7:4d:58:10:ae:47:3c:66:eb:d1:b4:
         dc:fe:17:59:ea:bd:dc:9c:36:c1:f5:66:c9:cd:75:7f:1d:27:
         01:38:ee:6c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYno1n+5OOsopkPQnCA00ua2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy
NTBmNzIwHhcNMjMwODEyMDgyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzFkNjZhYzA1NDJmN2IxM2U4NDVlYmI0YWZhZTEyYjA1ZWMyOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkRdgMtfoyZgA8yuD+ZrzGwRfSHD
el4b0wzS0JIgOE83z6y81+cOs6/KkT0JHhh0NArQ2pyoYxBqB50uPqYGx/sQCmHE
ZjzZdYrtTy++Y2isa41JSxN9No8GJE5LhhaUH2aRHhxw3N/qm41g85rgk2Gz2K9P
oxcpYTXbr0e8EwJBTlSXSBlTUn8UMnTzRc234yebxM6Yzbstvv3wXlmUxqSXpsKM
4D9KMC+a+wawgzmik3BaBgXVWwr+w+CSbEqx7A2X+LVr/vUEjyWvIOmGfcW1hMyt
mVcAnlNCX+/oevdafsd+/KSiytE46uNk27L28P/NLKlH8aNUAFrnZPNpYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNwdZqwFQvexPoReu0r64SsF7CmoMB8GA1UdIwQY
MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt
YTU3NDlkMjM0NmU3LzEvM0IxbXJBVkM5N0UtaEY2N1N2cmhLd1hzS2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3
LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVt4AwQA
W9pNAwQAueplMA0EAgACMAcDBQMqE1CAMA0GCSqGSIb3DQEBCwUAA4IBAQApam3Y
9sAvnpAUZYyrKs8Pa9Q4LQw3BFbtcVZdTALqtIYmv4l/RxQ4+k6JelZ1GPDN86tJ
CpkuxGyqJQtrfC4W5/RJUk3FdJHLEeYAid7lAn+nY1EHZ2KPE2mHOTStxj3qJmvK
5D9B3yhr6WAvJ50ZhEr7Rk/dV+vIiY9/Gee5ZGSjPGnR8bI+wFonhsJjjcezfSMx
0kRFmVBglFbD2rm9vtNDJ9s0Gi56HH1e2sEluBLYFOmxuTJao4+tQP73BanJJzMI
FWXZXmuRZ1e+g4K40H3554egxvva/0Z/XYIKt01YEK5HPGbr0bTc/hdZ6r3cnDbB
9WbJzXV/HScBOO5s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:49 2024 by rpki-client on console-ams.rpki-client.org