Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/fF1XghJaYBf72b9KTmxW8dIBhSY.roa
File:                     fF1XghJaYBf72b9KTmxW8dIBhSY.roa (raw, json)
Hash identifier:          wjQgWYRnZsj6HSlLVhLEYE72zNgFTUlzNg/u5rtymeU=
Subject key identifier:   7C:5D:57:82:12:5A:60:17:FB:D9:BF:4A:4E:6C:56:F1:D2:01:85:26
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       018CC86EFBAF6769709CDC96D0A40DCC37D4
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/fF1XghJaYBf72b9KTmxW8dIBhSY.roa
Signing time:             Tue 02 Jan 2024 04:29:25 +0000
ROA not before:           Tue 02 Jan 2024 04:29:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210122
IP address blocks:        185.39.50.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 13 Apr 2024 11:37:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6e:fb:af:67:69:70:9c:dc:96:d0:a4:0d:cc:37:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Jan  2 04:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7c5d5782125a6017fbd9bf4a4e6c56f1d2018526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:db:4a:64:54:5f:c7:7d:2b:01:8e:d4:07:92:
                    c1:3c:a3:22:86:bd:7e:74:7d:4f:b0:45:e1:94:4c:
                    05:21:a1:97:d5:71:75:d4:bd:72:6e:a2:27:75:9e:
                    8e:8e:21:33:8f:3e:7d:c3:a9:9d:e4:12:4a:26:5c:
                    26:a2:cd:6c:bf:28:1a:2b:c7:19:e4:74:71:87:3a:
                    3d:d4:bc:44:7c:60:5f:6f:00:cf:3f:33:41:19:92:
                    9d:c4:1a:e8:08:62:4e:38:89:a4:fb:61:00:4e:18:
                    0d:1e:27:2f:d7:32:b9:2e:f6:98:9e:0d:da:65:a7:
                    36:ad:67:e2:cf:83:be:ec:41:55:cb:cf:78:fa:fd:
                    67:8f:69:cc:85:78:e7:46:35:ec:e8:fb:64:e7:d5:
                    c6:ab:6e:a2:ff:2a:16:ac:33:84:e6:20:2f:00:b3:
                    23:2b:96:de:be:47:c3:a3:45:48:b3:dc:cc:ec:e2:
                    e3:9b:82:83:2f:84:82:d2:b9:4e:f7:ef:d3:58:ba:
                    f9:9c:81:e7:50:a7:87:7e:69:02:1b:73:c3:6f:ac:
                    da:1c:12:31:6d:7f:7e:7f:f7:8e:7d:44:40:20:dc:
                    be:67:f5:a0:c7:d7:24:21:3f:25:c9:c2:ac:75:ce:
                    e4:93:d7:9d:0a:61:22:0e:6b:1b:45:b1:7b:42:4c:
                    76:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5D:57:82:12:5A:60:17:FB:D9:BF:4A:4E:6C:56:F1:D2:01:85:26
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/fF1XghJaYBf72b9KTmxW8dIBhSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:69:ff:ae:52:e1:82:57:6e:3c:85:c2:a1:60:44:3d:f1:82:
         db:cf:f1:ec:ce:4d:01:f8:32:2d:fe:6b:7b:d1:38:f8:20:a0:
         9e:36:2d:4a:e2:b8:cc:92:da:ae:bf:1c:a9:dc:d8:8c:9c:7f:
         ea:33:72:09:52:3a:73:a6:0c:14:a8:42:e7:72:7f:3c:82:4b:
         9b:dc:e8:aa:c9:6f:a8:e6:e1:60:c1:8e:2a:42:41:97:4e:11:
         e4:66:52:62:4b:d0:00:f5:76:62:80:ce:18:79:db:a5:1a:eb:
         ed:bf:6e:c6:54:56:c9:a4:05:ed:a6:6e:c4:12:64:82:47:0d:
         95:f8:be:54:dd:53:b2:50:23:d1:33:4f:17:a0:ac:1b:94:67:
         84:77:76:98:89:4d:22:75:33:f4:98:37:dd:b0:e9:3b:d1:24:
         38:60:65:f9:2c:86:75:a6:97:f0:be:17:7e:20:a9:31:86:c0:
         a2:f1:89:84:a3:f9:aa:ee:bd:62:75:18:ec:da:54:26:26:9c:
         3f:ed:07:1f:fd:1a:b3:24:10:f3:f5:5e:21:b8:68:c0:9d:b2:
         2b:68:f9:ec:13:09:46:a2:32:85:76:c4:88:a8:22:8e:d5:e7:
         02:3e:83:73:05:32:38:fa:dc:01:3f:fd:a2:ff:b0:83:ba:bb:
         de:b0:f6:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbvuvZ2lwnNyW0KQNzDfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVkNTc4MjEyNWE2MDE3ZmJkOWJmNGE0ZTZjNTZmMWQyMDE4NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhttKZFRfx30rAY7UB5LBPKMihr1+
dH1PsEXhlEwFIaGX1XF11L1ybqIndZ6OjiEzjz59w6md5BJKJlwmos1svygaK8cZ
5HRxhzo91LxEfGBfbwDPPzNBGZKdxBroCGJOOImk+2EAThgNHicv1zK5LvaYng3a
Zac2rWfiz4O+7EFVy894+v1nj2nMhXjnRjXs6Ptk59XGq26i/yoWrDOE5iAvALMj
K5bevkfDo0VIs9zM7OLjm4KDL4SC0rlO9+/TWLr5nIHnUKeHfmkCG3PDb6zaHBIx
bX9+f/eOfURAINy+Z/Wgx9ckIT8lycKsdc7kk9edCmEiDmsbRbF7Qkx26wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxdV4ISWmAX+9m/Sk5sVvHSAYUmMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvZkYxWGdoSmFZQmY3MmI5S1RteFc4ZElCaFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMtYWRlZDFjNDY5ZWFm
LzEvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuScyMA0G
CSqGSIb3DQEBCwUAA4IBAQAbaf+uUuGCV248hcKhYEQ98YLbz/Hszk0B+DIt/mt7
0Tj4IKCeNi1K4rjMktquvxyp3NiMnH/qM3IJUjpzpgwUqELncn88gkub3OiqyW+o
5uFgwY4qQkGXThHkZlJiS9AA9XZigM4YedulGuvtv27GVFbJpAXtpm7EEmSCRw2V
+L5U3VOyUCPRM08XoKwblGeEd3aYiU0idTP0mDfdsOk70SQ4YGX5LIZ1ppfwvhd+
IKkxhsCi8YmEo/mq7r1idRjs2lQmJpw/7Qcf/RqzJBDz9V4huGjAnbIraPnsEwlG
ojKFdsSIqCKO1ecCPoNzBTI4+twBP/2i/7CDurvesPY1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:55 2024 by rpki-client on console-fra.rpki-client.org