Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/u9vZ_1vR0J11JBNuQN7de-mYNlI.roa
File:                     u9vZ_1vR0J11JBNuQN7de-mYNlI.roa (raw, json)
Hash identifier:          INtZ+18U6/ge75CEPPppYgteW8rwl0/+RlacJP5ByUg=
Subject key identifier:   BB:DB:D9:FF:5B:D1:D0:9D:75:24:13:6E:40:DE:DD:7B:E9:98:36:52
Certificate issuer:       /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial:       0186E4101F1391BD8DFCA7D8E78667618135
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/u9vZ_1vR0J11JBNuQN7de-mYNlI.roa
Signing time:             Wed 15 Mar 2023 06:58:27 +0000
ROA not before:           Wed 15 Mar 2023 06:58:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.103.4.0/22 maxlen: 22
                          185.103.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Jun 2023 13:14:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e4:10:1f:13:91:bd:8d:fc:a7:d8:e7:86:67:61:81:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
        Validity
            Not Before: Mar 15 06:58:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bbdbd9ff5bd1d09d7524136e40dedd7be9983652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:e6:a8:18:bb:e7:7a:99:17:db:ab:d6:a3:2b:
                    2c:df:bd:68:23:94:dc:8d:94:41:71:bd:28:1a:c2:
                    a2:5a:f9:fc:2a:d6:00:89:33:6d:d8:7b:af:a0:6c:
                    67:0c:f3:fb:02:ec:70:08:e1:ac:c9:59:ed:ce:f3:
                    d9:22:f7:24:36:9b:12:b5:db:96:0d:7d:aa:d0:ec:
                    56:4c:5b:8f:90:62:f7:2c:0a:c4:64:60:35:f3:34:
                    65:de:2a:20:87:28:7c:52:b4:a2:06:9d:bb:6d:e4:
                    ba:40:da:37:ad:fd:84:d2:dd:f7:cb:15:8e:73:8d:
                    54:48:a8:17:b0:18:34:56:d2:21:47:60:0c:c4:69:
                    f8:19:57:fe:8e:c7:5b:31:05:c5:99:94:98:5d:80:
                    6b:66:40:30:92:d4:be:eb:d6:57:cf:69:0a:e9:a3:
                    14:de:24:d6:4f:1a:c3:a0:98:03:8e:a4:31:41:84:
                    60:a4:ca:f7:fb:4b:ca:95:95:a8:f1:0a:54:0d:bd:
                    7f:3c:24:81:a8:2c:69:ac:f3:45:18:22:c6:33:c2:
                    33:c4:84:73:82:a6:5a:ca:e0:bc:d9:e3:1e:47:c5:
                    75:41:27:1f:b6:94:f0:a7:00:5e:b5:53:58:eb:76:
                    d7:5d:85:be:7b:f8:ee:52:f0:78:d2:bd:40:ec:a5:
                    bc:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:DB:D9:FF:5B:D1:D0:9D:75:24:13:6E:40:DE:DD:7B:E9:98:36:52
            X509v3 Authority Key Identifier:
                keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/u9vZ_1vR0J11JBNuQN7de-mYNlI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:f9:20:1f:9e:47:8a:4e:7a:d5:b5:23:a0:fd:70:97:3e:b5:
         80:83:b9:94:a6:0c:e6:49:52:ae:b8:1d:53:48:cf:dd:2e:46:
         74:8c:32:4e:1e:b5:b4:f0:b4:96:99:a1:ef:6a:f7:23:74:9f:
         57:21:f8:a4:a6:86:9b:32:31:6f:a6:3c:57:fa:ed:54:b7:a3:
         bc:79:20:3a:9c:ad:14:9e:73:00:1e:f5:07:d9:e3:9f:01:ac:
         e0:72:38:d5:29:7a:b5:68:f9:78:18:09:45:c2:5b:e3:2b:5d:
         ee:a0:80:80:ab:9f:7c:7f:a1:62:43:7f:36:1f:59:54:0f:dc:
         c9:d9:50:d5:8c:f7:2b:44:3b:85:86:8e:2f:69:d4:45:06:0a:
         ab:71:20:03:3d:10:cb:8a:72:1b:5d:e7:b6:b0:c7:d9:d8:13:
         d4:6d:25:c2:dd:01:09:ab:90:d7:31:26:d3:fd:7c:56:9f:24:
         79:78:4f:08:fb:57:a8:7d:e8:fd:21:56:3d:e7:5e:0b:72:44:
         59:7f:dc:22:1f:0b:f6:1e:24:c6:eb:ab:53:34:fe:bb:bc:3f:
         b6:95:b6:ac:f9:24:59:db:2c:f9:7b:85:22:4b:64:e6:96:43:
         f9:b4:ab:81:cf:38:9c:d6:fa:d6:8f:d7:61:cc:7e:12:8d:b6:
         8c:b2:67:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbkEB8Tkb2N/KfY54ZnYYE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjMwMzE1MDY1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmRiZDlmZjViZDFkMDlkNzUyNDEzNmU0MGRlZGQ3YmU5OTgzNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeaoGLvnepkX26vWoyss371oI5Tc
jZRBcb0oGsKiWvn8KtYAiTNt2HuvoGxnDPP7AuxwCOGsyVntzvPZIvckNpsStduW
DX2q0OxWTFuPkGL3LArEZGA18zRl3ioghyh8UrSiBp27beS6QNo3rf2E0t33yxWO
c41USKgXsBg0VtIhR2AMxGn4GVf+jsdbMQXFmZSYXYBrZkAwktS+69ZXz2kK6aMU
3iTWTxrDoJgDjqQxQYRgpMr3+0vKlZWo8QpUDb1/PCSBqCxprPNFGCLGM8IzxIRz
gqZayuC82eMeR8V1QScftpTwpwBetVNY63bXXYW+e/juUvB40r1A7KW8tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvb2f9b0dCddSQTbkDe3XvpmDZSMB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvdTl2Wl8xdlIwSjExSkJOdVFON2RlLW1ZTmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcEMA0G
CSqGSIb3DQEBCwUAA4IBAQAV+SAfnkeKTnrVtSOg/XCXPrWAg7mUpgzmSVKuuB1T
SM/dLkZ0jDJOHrW08LSWmaHvavcjdJ9XIfikpoabMjFvpjxX+u1Ut6O8eSA6nK0U
nnMAHvUH2eOfAazgcjjVKXq1aPl4GAlFwlvjK13uoICAq598f6FiQ382H1lUD9zJ
2VDVjPcrRDuFho4vadRFBgqrcSADPRDLinIbXee2sMfZ2BPUbSXC3QEJq5DXMSbT
/XxWnyR5eE8I+1eofej9IVY9514LckRZf9wiHwv2HiTG66tTNP67vD+2lbas+SRZ
2yz5e4UiS2TmlkP5tKuBzzic1vrWj9dhzH4SjbaMsmcn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:10 2024 by rpki-client on console-fra.rpki-client.org