Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/fFYU1W2sSH58DFHloCkrjy88lA8.roa
File:                     fFYU1W2sSH58DFHloCkrjy88lA8.roa (raw, json)
Hash identifier:          6i7pAw7pS98r6kNg1HwUKN15BnaJxZn/D7nw18YZ564=
Subject key identifier:   7C:56:14:D5:6D:AC:48:7E:7C:0C:51:E5:A0:29:2B:8F:2F:3C:94:0F
Certificate issuer:       /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial:       0188E8A4D4E403F054A53CEC3996B00C0A42
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/fFYU1W2sSH58DFHloCkrjy88lA8.roa
Signing time:             Fri 23 Jun 2023 14:24:56 +0000
ROA not before:           Fri 23 Jun 2023 14:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        185.240.24.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 19:16:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e8:a4:d4:e4:03:f0:54:a5:3c:ec:39:96:b0:0c:0a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
        Validity
            Not Before: Jun 23 14:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c5614d56dac487e7c0c51e5a0292b8f2f3c940f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b1:b8:79:cf:e2:4d:b0:06:8d:4e:32:29:0e:
                    2b:65:f2:2b:81:bf:23:44:ef:47:ea:a6:a1:3c:f6:
                    2e:59:4b:01:d8:61:2e:ea:30:4a:47:19:18:fd:c8:
                    5a:65:16:cf:c9:7a:03:f0:59:7c:5f:d3:35:1a:ed:
                    16:da:b4:56:9a:c3:16:94:fe:c9:9d:71:fe:88:b9:
                    c3:3a:8e:dd:75:5e:dc:90:c8:6a:98:58:0b:80:fc:
                    ba:80:9a:5b:99:f1:01:d0:9c:67:1e:12:e8:21:0e:
                    a9:b1:d2:b1:d0:ba:4c:02:89:6d:bb:84:1c:3f:f0:
                    07:35:44:d2:38:78:20:6b:71:1d:34:98:b7:87:78:
                    3f:5b:50:b3:2d:dd:26:12:2d:be:1e:ba:3b:5d:24:
                    c6:5c:7a:e9:07:f3:7f:db:f0:27:d0:84:73:d2:ca:
                    46:4d:48:86:30:f8:21:67:5a:0e:ae:62:c7:3b:c2:
                    0e:97:3f:d0:09:cc:b2:6c:98:de:f5:48:e3:8b:a9:
                    69:85:dc:ad:31:06:87:4f:8f:06:ae:11:9d:77:c6:
                    d0:8f:20:0d:44:6e:63:82:4f:54:f3:e3:d8:4f:b4:
                    7c:7a:bd:0f:96:ac:06:ba:9d:2c:89:fb:29:80:9b:
                    9e:c6:00:c1:4d:1a:3a:76:fc:79:29:0b:cc:e2:59:
                    45:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:56:14:D5:6D:AC:48:7E:7C:0C:51:E5:A0:29:2B:8F:2F:3C:94:0F
            X509v3 Authority Key Identifier:
                keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/fFYU1W2sSH58DFHloCkrjy88lA8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.240.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c7:24:7d:52:d1:f4:64:96:05:23:50:ec:ad:fc:fc:f2:f3:0d:
         14:18:e8:9e:5b:ed:0b:50:4b:5a:76:29:39:a0:2e:ad:ef:0f:
         1a:72:86:97:82:b8:57:9a:80:66:ed:b0:a9:59:44:39:fc:5f:
         5d:05:6c:a2:4d:73:3a:71:5e:28:43:b2:15:6c:8b:dc:fd:a4:
         8e:f8:47:b9:37:cd:d0:43:56:2e:ac:0d:dd:0c:80:b8:15:34:
         22:9e:82:77:a1:16:8d:c9:d2:60:1e:6c:2e:c6:0f:83:16:15:
         89:78:8f:d4:5b:fd:0e:fb:37:28:a5:90:ff:3e:6b:4f:e3:c1:
         fe:15:9c:72:9a:f4:c8:df:41:31:45:23:94:67:c0:c2:86:37:
         4a:c8:11:56:f5:81:6e:a2:ce:eb:99:be:b2:f2:74:5d:64:53:
         d0:88:cb:dd:5e:f2:96:b9:a2:59:01:3f:c4:74:00:6e:dc:e4:
         23:2c:b5:8d:c8:a5:e2:15:df:03:86:f2:8a:2f:ad:7f:14:c9:
         d6:7e:8d:44:76:27:1c:b8:8f:6e:38:13:ee:71:3f:a0:26:6b:
         ea:2b:8a:69:ba:df:2c:e6:22:1e:82:11:4e:48:58:48:f9:e3:
         e6:f5:2e:f3:a8:42:c3:5c:6b:69:71:24:5f:22:b9:84:c0:c0:
         61:8b:5f:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjopNTkA/BUpTzsOZawDApCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjMwNjIzMTQyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU2MTRkNTZkYWM0ODdlN2MwYzUxZTVhMDI5MmI4ZjJmM2M5NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLG4ec/iTbAGjU4yKQ4rZfIrgb8j
RO9H6qahPPYuWUsB2GEu6jBKRxkY/chaZRbPyXoD8Fl8X9M1Gu0W2rRWmsMWlP7J
nXH+iLnDOo7ddV7ckMhqmFgLgPy6gJpbmfEB0JxnHhLoIQ6psdKx0LpMAoltu4Qc
P/AHNUTSOHgga3EdNJi3h3g/W1CzLd0mEi2+Hro7XSTGXHrpB/N/2/An0IRz0spG
TUiGMPghZ1oOrmLHO8IOlz/QCcyybJje9Ujji6lphdytMQaHT48GrhGdd8bQjyAN
RG5jgk9U8+PYT7R8er0PlqwGup0sifspgJuexgDBTRo6dvx5KQvM4llFowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxWFNVtrEh+fAxR5aApK48vPJQPMB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvZkZZVTFXMnNTSDU4REZIbG9Da3JqeTg4bEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufAYMA0G
CSqGSIb3DQEBCwUAA4IBAQDHJH1S0fRklgUjUOyt/Pzy8w0UGOieW+0LUEtadik5
oC6t7w8acoaXgrhXmoBm7bCpWUQ5/F9dBWyiTXM6cV4oQ7IVbIvc/aSO+Ee5N83Q
Q1YurA3dDIC4FTQinoJ3oRaNydJgHmwuxg+DFhWJeI/UW/0O+zcopZD/PmtP48H+
FZxymvTI30ExRSOUZ8DChjdKyBFW9YFuos7rmb6y8nRdZFPQiMvdXvKWuaJZAT/E
dABu3OQjLLWNyKXiFd8DhvKKL61/FMnWfo1EdiccuI9uOBPucT+gJmvqK4pput8s
5iIeghFOSFhI+ePm9S7zqELDXGtpcSRfIrmEwMBhi1/w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:04 2024 by rpki-client on console-fra.rpki-client.org