Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/fGa5Q3apmEQa-FWusJY7IfO58ZM.roa
File:                     fGa5Q3apmEQa-FWusJY7IfO58ZM.roa (raw, json)
Hash identifier:          /636KwGBn+SBvhKcAfWUjImG9LrN/CVYG8Jan9nnUCM=
Subject key identifier:   7C:66:B9:43:76:A9:98:44:1A:F8:55:AE:B0:96:3B:21:F3:B9:F1:93
Certificate issuer:       /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial:       018B6B3FCC1760061304CD0DE5EA9E4ED246
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/fGa5Q3apmEQa-FWusJY7IfO58ZM.roa
Signing time:             Thu 26 Oct 2023 09:10:24 +0000
ROA not before:           Thu 26 Oct 2023 09:10:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50693
IP address blocks:        178.20.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:6b:3f:cc:17:60:06:13:04:cd:0d:e5:ea:9e:4e:d2:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
        Validity
            Not Before: Oct 26 09:10:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c66b94376a998441af855aeb0963b21f3b9f193
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8c:b2:79:6f:56:98:03:52:b5:19:4f:85:74:
                    6f:d5:15:c3:86:f2:ba:e8:43:3c:87:fc:9f:08:c8:
                    21:f0:a6:6a:d7:73:cd:e6:6c:85:81:4a:38:ff:03:
                    93:d5:d5:de:84:62:e7:12:82:16:34:8f:a9:88:71:
                    14:6e:bf:42:57:14:77:4e:76:af:b2:fc:a5:24:6a:
                    73:83:74:05:56:9a:22:4f:d4:8a:b7:0a:93:89:05:
                    1b:c8:a5:20:3a:2d:1b:77:66:3e:cc:aa:9a:5c:4f:
                    c6:76:49:56:f3:ed:cc:0c:7f:33:60:91:ab:a9:14:
                    e6:01:28:b1:dc:76:46:b0:6e:80:18:3c:90:53:45:
                    17:39:68:34:9b:3b:4c:7c:32:65:de:88:57:f9:5c:
                    c4:d1:eb:ce:de:59:54:c8:77:95:67:9a:3f:42:4a:
                    ae:bc:94:af:6e:8f:1a:dc:66:63:7a:f4:30:1f:67:
                    6e:ac:f5:e0:26:3d:95:04:ce:ad:e7:b4:bd:22:ce:
                    32:18:39:d5:ef:14:fe:e6:67:26:65:17:4c:0d:67:
                    5f:1a:e4:6e:af:19:0a:73:28:e2:99:b9:ae:3c:f6:
                    98:a2:36:15:13:e2:ee:3b:a3:71:f8:0d:56:6c:f7:
                    93:99:a0:53:20:f5:a8:35:2f:85:f0:94:71:3c:33:
                    74:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:66:B9:43:76:A9:98:44:1A:F8:55:AE:B0:96:3B:21:F3:B9:F1:93
            X509v3 Authority Key Identifier:
                keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/fGa5Q3apmEQa-FWusJY7IfO58ZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.20.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:03:0f:97:94:91:67:9b:7e:05:f5:64:0c:08:dc:28:61:20:
         24:59:31:a7:91:b8:fa:69:ab:6b:28:da:ac:b6:e0:a8:b0:55:
         cc:76:8c:e6:c0:b4:08:14:87:89:a4:32:ed:0c:b9:2a:2c:0f:
         96:0d:e1:1b:56:39:93:2b:c5:19:12:82:da:17:e9:74:a1:28:
         b1:03:6c:76:82:d0:b4:c5:28:5f:f3:62:27:3f:4c:31:23:81:
         67:6d:62:d9:53:80:1f:30:3f:c7:53:6b:01:3c:cb:39:bc:a8:
         81:10:fa:b0:03:8b:ee:eb:1f:de:a7:2c:71:da:99:28:06:ce:
         e3:41:ba:b9:60:ef:12:d2:dd:f6:13:21:09:ef:70:ea:ad:66:
         cb:f6:43:d3:9a:42:cc:7f:59:cf:89:6e:1a:30:41:d0:2a:10:
         fd:6f:48:cd:d2:b9:05:2b:a2:53:af:0b:71:b6:8a:65:86:b6:
         11:d7:1c:50:17:01:3c:79:95:3d:3c:c5:4e:19:25:12:57:b0:
         a0:b5:00:f5:a9:70:1b:37:2f:1a:37:e9:0e:79:15:85:53:87:
         aa:2b:3e:1d:43:dd:42:03:ac:4d:86:7c:73:29:50:8f:63:d0:
         b5:d1:81:9e:e7:77:61:c6:9d:69:f8:47:9b:7a:72:5c:60:02:
         ab:c2:d6:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtrP8wXYAYTBM0N5eqeTtJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjMxMDI2MDkxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzY2Yjk0Mzc2YTk5ODQ0MWFmODU1YWViMDk2M2IyMWYzYjlmMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4yyeW9WmANStRlPhXRv1RXDhvK6
6EM8h/yfCMgh8KZq13PN5myFgUo4/wOT1dXehGLnEoIWNI+piHEUbr9CVxR3Tnav
svylJGpzg3QFVpoiT9SKtwqTiQUbyKUgOi0bd2Y+zKqaXE/GdklW8+3MDH8zYJGr
qRTmASix3HZGsG6AGDyQU0UXOWg0mztMfDJl3ohX+VzE0evO3llUyHeVZ5o/Qkqu
vJSvbo8a3GZjevQwH2durPXgJj2VBM6t57S9Is4yGDnV7xT+5mcmZRdMDWdfGuRu
rxkKcyjimbmuPPaYojYVE+LuO6Nx+A1WbPeTmaBTIPWoNS+F8JRxPDN04wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxmuUN2qZhEGvhVrrCWOyHzufGTMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvZkdhNVEzYXBtRVFhLUZXdXNKWTdJZk81OFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshTPMA0G
CSqGSIb3DQEBCwUAA4IBAQAEAw+XlJFnm34F9WQMCNwoYSAkWTGnkbj6aatrKNqs
tuCosFXMdozmwLQIFIeJpDLtDLkqLA+WDeEbVjmTK8UZEoLaF+l0oSixA2x2gtC0
xShf82InP0wxI4FnbWLZU4AfMD/HU2sBPMs5vKiBEPqwA4vu6x/epyxx2pkoBs7j
Qbq5YO8S0t32EyEJ73DqrWbL9kPTmkLMf1nPiW4aMEHQKhD9b0jN0rkFK6JTrwtx
toplhrYR1xxQFwE8eZU9PMVOGSUSV7CgtQD1qXAbNy8aN+kOeRWFU4eqKz4dQ91C
A6xNhnxzKVCPY9C10YGe53dhxp1p+EebenJcYAKrwtZa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:19 2024 by rpki-client on console-ams.rpki-client.org