Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fCETCFGKUVV0Ke6FKZIJfmDP_38.roa
File:                     fCETCFGKUVV0Ke6FKZIJfmDP_38.roa (raw, json)
Hash identifier:          qv9NeZ1nX+vctV5LCI9GEi0CJ0Ju7KBeccLMxHTvaGU=
Subject key identifier:   7C:21:13:08:51:8A:51:55:74:29:EE:85:29:92:09:7E:60:CF:FF:7F
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       0185E7DA7CBF97022C5FAFB8A1A2A677C0C4
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fCETCFGKUVV0Ke6FKZIJfmDP_38.roa
Signing time:             Wed 25 Jan 2023 07:35:33 +0000
ROA not before:           Wed 25 Jan 2023 07:35:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43350
IP address blocks:        85.122.82.0/24 maxlen: 24
                          85.122.112.0/23 maxlen: 24
                          194.102.168.0/22 maxlen: 24
                          85.120.12.0/23 maxlen: 24
                          217.156.84.0/24 maxlen: 24
                          194.102.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 07:07:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e7:da:7c:bf:97:02:2c:5f:af:b8:a1:a2:a6:77:c0:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan 25 07:35:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c211308518a51557429ee852992097e60cfff7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:dc:1f:ea:2f:e0:40:aa:de:0c:01:3f:d8:b4:
                    56:07:4b:d7:09:9a:c5:c4:5e:92:c6:90:21:c6:2f:
                    ab:4c:63:47:09:9d:d1:60:53:bf:4e:54:08:17:6d:
                    99:a9:cc:b2:f7:dd:2f:9f:c5:7b:fa:ce:7f:84:c5:
                    26:d2:ac:cc:50:b1:5d:09:b7:63:ca:c4:45:d4:3f:
                    ea:d5:9b:62:93:4d:8a:57:1d:ad:e1:8e:c0:ba:7f:
                    69:9a:d2:f9:3f:90:aa:e9:e7:b5:44:68:7e:fb:31:
                    17:78:cb:29:9c:9b:3f:0b:18:e8:3b:9e:eb:fb:84:
                    0a:7a:a5:4c:21:d0:e9:98:da:dc:bc:66:9c:f8:1c:
                    c9:27:20:60:23:f7:ed:4e:92:1d:96:b8:12:e2:7f:
                    d2:88:0f:21:32:19:56:7d:cd:ad:0c:eb:36:63:7e:
                    a2:f6:e1:d1:e7:a0:87:f9:a5:68:70:f8:a4:2f:22:
                    68:3a:68:d5:e8:16:32:cb:fb:ec:33:1d:5d:87:1d:
                    cf:eb:01:ae:6c:e9:dd:1c:a2:a5:cf:18:ac:4b:ce:
                    ba:5e:53:97:92:ed:3a:11:a6:a0:6b:f2:19:a8:09:
                    fb:c3:19:4d:2a:b4:2b:dc:32:9e:89:06:d5:c9:60:
                    ec:61:a9:8d:8f:a5:bb:c1:4e:96:3f:43:b0:07:08:
                    1c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:21:13:08:51:8A:51:55:74:29:EE:85:29:92:09:7E:60:CF:FF:7F
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fCETCFGKUVV0Ke6FKZIJfmDP_38.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.120.12.0/23
                  85.122.82.0/24
                  85.122.112.0/23
                  194.102.168.0/22
                  194.102.218.0/24
                  217.156.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:26:e2:b7:82:f8:fa:34:36:ca:7c:71:44:b1:12:b5:82:69:
         7f:b0:6e:14:54:e5:82:b7:e1:23:32:fb:f4:70:09:80:b8:e5:
         96:95:89:8a:1b:6c:44:ce:4a:e5:6a:bb:ff:c8:bc:73:32:0e:
         aa:0e:bb:0f:70:c1:fe:31:fc:f6:7e:6f:66:a5:a2:e8:1a:af:
         b2:5e:39:c9:ad:15:3d:b6:f2:2e:0e:49:93:90:94:e7:58:e6:
         34:24:d2:2f:c5:a8:9c:e3:e1:df:70:32:c3:8d:f5:2e:d4:ea:
         e2:e1:52:15:dc:9d:d4:48:f2:d4:93:ea:a2:37:85:11:df:c4:
         38:4d:9b:bd:bd:82:13:f2:33:d1:72:6e:80:f7:15:ef:37:c4:
         85:46:7a:27:c3:7f:17:1c:af:71:10:52:e2:e7:44:a6:40:db:
         43:d1:0f:e8:f8:6a:3f:53:60:31:46:26:bf:7b:a9:17:c6:c8:
         af:e2:eb:c3:2e:5c:7c:db:50:93:7b:6d:12:6c:c4:bf:c1:38:
         c4:fb:5c:7a:b4:6c:2f:0d:85:d1:33:f6:59:6b:de:6e:de:3a:
         43:b3:8c:f4:34:e4:74:a9:0a:9b:0c:1f:23:45:fe:2b:72:bf:
         e7:12:5f:bc:ac:e3:46:a7:da:84:50:87:81:99:54:58:98:f8:
         fd:32:20:b2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYXn2ny/lwIsX6+4oaKmd8DEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTI1MDczNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzIxMTMwODUxOGE1MTU1NzQyOWVlODUyOTkyMDk3ZTYwY2ZmZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdwf6i/gQKreDAE/2LRWB0vXCZrF
xF6SxpAhxi+rTGNHCZ3RYFO/TlQIF22Zqcyy990vn8V7+s5/hMUm0qzMULFdCbdj
ysRF1D/q1Ztik02KVx2t4Y7Aun9pmtL5P5Cq6ee1RGh++zEXeMspnJs/CxjoO57r
+4QKeqVMIdDpmNrcvGac+BzJJyBgI/ftTpIdlrgS4n/SiA8hMhlWfc2tDOs2Y36i
9uHR56CH+aVocPikLyJoOmjV6BYyy/vsMx1dhx3P6wGubOndHKKlzxisS866XlOX
ku06Eaaga/IZqAn7wxlNKrQr3DKeiQbVyWDsYamNj6W7wU6WP0OwBwgcIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHwhEwhRilFVdCnuhSmSCX5gz/9/MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZkNFVENGR0tVVlYwS2U2RktaSUpmbURQXzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVXgMAwQA
VXpSAwQBVXpwAwQCwmaoAwQAwmbaAwQA2ZxUMA0GCSqGSIb3DQEBCwUAA4IBAQB7
JuK3gvj6NDbKfHFEsRK1gml/sG4UVOWCt+EjMvv0cAmAuOWWlYmKG2xEzkrlarv/
yLxzMg6qDrsPcMH+Mfz2fm9mpaLoGq+yXjnJrRU9tvIuDkmTkJTnWOY0JNIvxaic
4+HfcDLDjfUu1Ori4VIV3J3USPLUk+qiN4UR38Q4TZu9vYIT8jPRcm6A9xXvN8SF
Rnonw38XHK9xEFLi50SmQNtD0Q/o+Go/U2AxRia/e6kXxsiv4uvDLlx821CTe20S
bMS/wTjE+1x6tGwvDYXRM/ZZa95u3jpDs4z0NOR0qQqbDB8jRf4rcr/nEl+8rONG
p9qEUIeBmVRYmPj9MiCy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org