Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200570.roa
File: AS200570.roa (raw, json)
Hash identifier: UsDyqgNGBvrlVH3selWlcJD2pBUirS07SYc1F0iTTXc=
Subject key identifier: B7:65:FD:F1:C9:68:5B:D5:A3:EF:8E:27:FD:78:56:7B:2F:AD:C0:C4
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 2646D56E66FEF83882AE8D46BA6788724E1AA62B
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200570.roa
Signing time: Tue 19 Sep 2023 02:14:57 +0000
ROA not before: Tue 19 Sep 2023 02:09:57 +0000
ROA not after: Tue 17 Sep 2024 02:14:57 +0000
asID: 200570
IP address blocks: 2a07:54c4:174d::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 11:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:46:d5:6e:66:fe:f8:38:82:ae:8d:46:ba:67:88:72:4e:1a:a6:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Sep 19 02:09:57 2023 GMT
Not After : Sep 17 02:14:57 2024 GMT
Subject: CN=B765FDF1C9685BD5A3EF8E27FD78567B2FADC0C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:43:de:5e:50:e7:4b:3e:16:b6:95:da:39:58:
c7:14:c4:42:2f:b8:02:d0:1b:c5:c4:64:30:45:06:
e7:a9:f6:f8:a4:19:57:fa:fa:6b:d6:b6:1e:d2:d6:
2e:c6:36:d3:9a:1d:2b:ae:95:91:a6:13:2d:b2:72:
02:e9:d6:db:0c:cc:45:3e:07:54:3d:bf:db:02:20:
b9:03:60:e3:41:62:fe:16:af:80:5e:1d:73:0c:7d:
d9:7c:2f:36:27:c2:ce:0d:f4:32:b1:69:19:23:d5:
31:01:93:f1:e9:b2:65:f9:1c:d6:85:55:bd:5f:85:
a6:56:95:ee:f9:39:4a:da:88:38:d0:0b:46:32:05:
04:3a:82:f3:70:da:9c:c5:e1:55:3b:57:e6:ce:32:
35:b5:ac:89:53:ba:49:07:0d:e3:73:c2:9e:fe:07:
da:41:69:bb:67:92:78:05:35:65:de:34:bf:e2:1c:
02:ca:8a:5b:2a:79:8f:47:9d:cd:b3:ce:55:a0:db:
af:26:52:7c:14:4d:a7:5d:28:4a:5c:98:1c:03:a0:
af:ce:fe:5d:a2:1f:29:53:fd:63:1e:bd:e1:67:88:
30:3a:01:57:f5:97:2a:70:fc:ea:17:a6:d8:d6:c1:
40:2e:ce:6d:c7:fc:e7:b7:18:a8:ca:e8:1d:5e:01:
6a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:65:FD:F1:C9:68:5B:D5:A3:EF:8E:27:FD:78:56:7B:2F:AD:C0:C4
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200570.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:174d::/48
Signature Algorithm: sha256WithRSAEncryption
48:d0:7f:b8:64:49:e1:9b:cf:0c:8b:58:96:c2:9b:b7:f7:21:
99:27:f2:e1:83:2f:75:8f:82:fd:2f:3d:bb:2c:71:9d:39:f7:
a2:b2:16:f4:52:a1:88:65:dd:e4:1b:94:5e:9c:10:9b:71:60:
86:f3:33:8e:23:af:5b:8c:25:70:e9:61:78:89:e3:5c:60:00:
68:dd:fc:02:b8:17:b2:c2:b3:cc:ca:01:07:1c:92:8d:33:66:
0a:90:fc:de:13:71:12:22:65:f0:61:d9:09:74:9e:f0:19:e2:
67:83:b3:67:94:04:12:6b:a0:37:92:65:95:8d:23:50:c6:e8:
3f:c5:8e:dc:24:51:28:01:2f:88:fd:fc:cf:73:0a:72:7f:be:
5b:7b:86:83:79:72:1b:52:f0:13:9a:af:25:08:fb:48:6a:b8:
6b:3c:6e:ff:4f:7a:73:18:74:c5:db:66:83:4a:ab:06:d0:35:
1c:93:39:60:ca:24:26:40:0d:b3:9a:98:02:ee:e7:9d:6f:36:
a8:7d:1b:aa:22:d6:25:b6:85:ea:cd:56:eb:4e:10:3f:bd:ee:
11:ef:06:a2:9f:fa:90:de:8b:a2:af:28:f3:6a:20:32:fb:c7:
54:b8:df:5e:00:7e:67:60:42:42:92:bb:86:dd:4a:28:b2:57:
12:85:a6:36
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJkbVbmb++DiCro1GumeIck4apiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yMzA5MTkwMjA5NTdaFw0yNDA5MTcwMjE0NTdaMDMxMTAvBgNV
BAMTKEI3NjVGREYxQzk2ODVCRDVBM0VGOEUyN0ZENzg1NjdCMkZBREMwQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkQ95eUOdLPha2ldo5WMcUxEIv
uALQG8XEZDBFBuep9vikGVf6+mvWth7S1i7GNtOaHSuulZGmEy2ycgLp1tsMzEU+
B1Q9v9sCILkDYONBYv4Wr4BeHXMMfdl8LzYnws4N9DKxaRkj1TEBk/HpsmX5HNaF
Vb1fhaZWle75OUraiDjQC0YyBQQ6gvNw2pzF4VU7V+bOMjW1rIlTukkHDeNzwp7+
B9pBabtnkngFNWXeNL/iHALKilsqeY9Hnc2zzlWg268mUnwUTaddKEpcmBwDoK/O
/l2iHylT/WMeveFniDA6AVf1lypw/OoXptjWwUAuzm3H/Oe3GKjK6B1eAWq7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUt2X98cloW9Wj744n/XhWey+twMQwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjAwNTcwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xBdNMA0GCSqGSIb3DQEBCwUAA4IBAQBI0H+4ZEnhm88Mi1iWwpu39yGZJ/Lhgy91
j4L9Lz27LHGdOfeishb0UqGIZd3kG5RenBCbcWCG8zOOI69bjCVw6WF4ieNcYABo
3fwCuBeywrPMygEHHJKNM2YKkPzeE3ESImXwYdkJdJ7wGeJng7NnlAQSa6A3kmWV
jSNQxug/xY7cJFEoAS+I/fzPcwpyf75be4aDeXIbUvATmq8lCPtIarhrPG7/T3pz
GHTF22aDSqsG0DUckzlgyiQmQA2zmpgC7uedbzaofRuqItYltoXqzVbrThA/ve4R
7wain/qQ3ouiryjzaiAy+8dUuN9eAH5nYEJCkruG3UooslcShaY2
Generated at Mon Jul 1 13:01:26 2024 by rpki-client on console-fra.rpki-client.org