Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/fChyfDditHzIc3K4WERd53euqbU.roa
File:                     fChyfDditHzIc3K4WERd53euqbU.roa (raw, json)
Hash identifier:          fvYYrRS97382gRvhcnyiZkFRZ+nA+vuAipZvOMah02Y=
Subject key identifier:   7C:28:72:7C:37:62:B4:7C:C8:73:72:B8:58:44:5D:E7:77:AE:A9:B5
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       018570028DEF0AD178BE8F0394CB3B57C902
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/fChyfDditHzIc3K4WERd53euqbU.roa
Signing time:             Mon 02 Jan 2023 01:04:53 +0000
ROA not before:           Mon 02 Jan 2023 01:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202557
IP address blocks:        31.145.140.0/24 maxlen: 24
                          212.98.242.0/24 maxlen: 24
                          84.44.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:8d:ef:0a:d1:78:be:8f:03:94:cb:3b:57:c9:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  2 01:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c28727c3762b47cc87372b858445de777aea9b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:06:41:4b:d3:c6:4d:9a:c3:df:6a:7f:c3:99:
                    96:36:0f:0b:f7:56:66:24:08:dd:b5:6f:60:48:a2:
                    1b:32:2d:f1:69:92:89:c4:fa:47:25:1b:26:8b:02:
                    85:67:48:1c:e1:32:0d:e6:c0:94:85:97:2d:89:9d:
                    7d:49:c4:6d:d0:f1:fb:e0:45:49:04:69:8a:23:ae:
                    e3:16:fe:f2:45:c9:57:f2:bd:6e:36:ad:21:9d:8d:
                    ac:7d:70:41:84:32:ff:3c:1d:3b:fc:ff:40:a2:00:
                    0d:cb:c9:a3:f0:be:81:21:51:9f:59:f3:5b:26:46:
                    72:72:72:1e:03:84:22:08:23:f6:db:28:d6:d2:9f:
                    69:ed:46:bf:cb:a8:65:1b:dd:4b:1f:6c:d1:9c:6f:
                    50:fc:94:cb:f4:ad:34:a7:f1:52:96:7d:71:1a:84:
                    9f:a0:d5:5a:10:26:11:8b:2f:04:81:65:80:aa:23:
                    a7:3e:a5:f5:31:0b:bc:c9:e6:3b:c4:bd:8b:fa:77:
                    ee:82:c2:4b:c6:f8:6c:b9:f0:a5:91:d0:0f:8a:08:
                    e3:1e:f6:a5:4e:89:e8:9c:54:12:c1:4c:6a:92:39:
                    6d:40:71:a3:c8:91:89:d5:41:83:ff:ab:fa:9f:d9:
                    58:9a:ef:cd:d1:b9:cd:8e:aa:82:8f:e3:03:67:6f:
                    47:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:28:72:7C:37:62:B4:7C:C8:73:72:B8:58:44:5D:E7:77:AE:A9:B5
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/fChyfDditHzIc3K4WERd53euqbU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.145.140.0/24
                  84.44.70.0/24
                  212.98.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:0a:10:4c:ff:d9:99:10:e5:f1:5a:0b:66:54:ec:0f:60:1e:
         4a:da:3d:28:d3:2d:06:a3:94:11:57:b8:d8:6a:a1:4c:69:fe:
         b0:6a:57:ab:a1:0b:be:0a:db:96:2f:1b:6d:5c:d5:31:01:47:
         ed:c5:9d:30:c3:02:e8:f0:95:1f:ff:28:f3:05:8e:d8:62:1e:
         03:4a:35:a9:dc:1c:6d:42:91:eb:ad:86:53:7d:88:b4:c2:33:
         4f:53:d3:e6:2e:e6:5c:33:d8:eb:12:0f:70:b8:00:6c:aa:2c:
         c5:50:0e:f5:da:f2:9c:23:90:58:71:f8:05:d8:9c:fc:86:a1:
         8d:35:d6:33:78:47:50:9d:4a:86:38:6d:3f:a6:53:e5:77:3e:
         c3:d4:42:07:62:da:6a:4e:c1:b6:9c:04:2d:b7:1f:65:44:57:
         13:1b:27:71:71:4c:74:cb:21:2f:e8:43:58:86:a2:78:9f:ba:
         84:9a:6a:ab:b7:82:90:fc:11:22:79:06:fd:29:87:2d:21:d3:
         e5:f9:5b:0b:ec:d8:71:79:8d:80:ac:ba:c8:18:86:86:48:1d:
         20:60:dd:4b:23:57:93:0c:cb:31:d0:fb:6a:5a:e8:17:b3:54:
         79:86:42:3a:2f:9b:7d:e9:9a:e9:d5:41:c7:6a:de:d4:b0:6f:
         48:76:1a:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwAo3vCtF4vo8DlMs7V8kCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzI4NzI3YzM3NjJiNDdjYzg3MzcyYjg1ODQ0NWRlNzc3YWVhOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QZBS9PGTZrD32p/w5mWNg8L91Zm
JAjdtW9gSKIbMi3xaZKJxPpHJRsmiwKFZ0gc4TIN5sCUhZctiZ19ScRt0PH74EVJ
BGmKI67jFv7yRclX8r1uNq0hnY2sfXBBhDL/PB07/P9AogANy8mj8L6BIVGfWfNb
JkZycnIeA4QiCCP22yjW0p9p7Ua/y6hlG91LH2zRnG9Q/JTL9K00p/FSln1xGoSf
oNVaECYRiy8EgWWAqiOnPqX1MQu8yeY7xL2L+nfugsJLxvhsufClkdAPigjjHval
TononFQSwUxqkjltQHGjyJGJ1UGD/6v6n9lYmu/N0bnNjqqCj+MDZ29HQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHwocnw3YrR8yHNyuFhEXed3rqm1MB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvZkNoeWZEZGl0SHpJYzNLNFdFUmQ1M2V1cWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5GMAwQA
VCxGAwQA1GLyMA0GCSqGSIb3DQEBCwUAA4IBAQBnChBM/9mZEOXxWgtmVOwPYB5K
2j0o0y0Go5QRV7jYaqFMaf6waleroQu+CtuWLxttXNUxAUftxZ0wwwLo8JUf/yjz
BY7YYh4DSjWp3BxtQpHrrYZTfYi0wjNPU9PmLuZcM9jrEg9wuABsqizFUA712vKc
I5BYcfgF2Jz8hqGNNdYzeEdQnUqGOG0/plPldz7D1EIHYtpqTsG2nAQttx9lRFcT
GydxcUx0yyEv6ENYhqJ4n7qEmmqrt4KQ/BEieQb9KYctIdPl+VsL7NhxeY2ArLrI
GIaGSB0gYN1LI1eTDMsx0PtqWugXs1R5hkI6L5t96Zrp1UHHat7UsG9Idhrm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:56 2024 by rpki-client on console-fra.rpki-client.org