Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/ne3rPQofGXWMz6wb6UWdGdyT4Uc.roa
File:                     ne3rPQofGXWMz6wb6UWdGdyT4Uc.roa (raw, json)
Hash identifier:          c2TzFrs6pgbbd3deodc73IhDZ8czwuW7mYffYpd3Mvo=
Subject key identifier:   9D:ED:EB:3D:0A:1F:19:75:8C:CF:AC:1B:E9:45:9D:19:DC:93:E1:47
Certificate issuer:       /CN=fb02bac7b79a3109e9be3dfe4f06d585bb9f9051
Certificate serial:       0187062259583F55FC37CFC4F0A2418D8034
Authority key identifier: FB:02:BA:C7:B7:9A:31:09:E9:BE:3D:FE:4F:06:D5:85:BB:9F:90:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-wK6x7eaMQnpvj3-TwbVhbufkFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/ne3rPQofGXWMz6wb6UWdGdyT4Uc.roa
Signing time:             Tue 21 Mar 2023 21:45:26 +0000
ROA not before:           Tue 21 Mar 2023 21:45:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212321
IP address blocks:        185.217.142.0/24 maxlen: 24
                          2a10:cd01::/32 maxlen: 32
                          2a10:cd02::/32 maxlen: 32
                          2a10:cd00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:06:22:59:58:3f:55:fc:37:cf:c4:f0:a2:41:8d:80:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb02bac7b79a3109e9be3dfe4f06d585bb9f9051
        Validity
            Not Before: Mar 21 21:45:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9dedeb3d0a1f19758ccfac1be9459d19dc93e147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:86:ed:29:ce:b7:5f:29:92:38:30:34:7c:d8:
                    6d:f5:80:94:b9:be:2b:b4:51:9e:ef:fc:22:f7:49:
                    40:dc:cb:36:1b:38:91:e1:cc:01:51:06:4d:34:21:
                    4d:fc:2f:6e:1c:e3:e4:49:32:9f:48:5c:10:97:f2:
                    1b:94:ab:a9:b3:a4:4e:74:2d:76:ae:e5:bd:5f:b0:
                    ae:18:6a:0b:73:10:d8:08:52:47:ea:aa:64:41:8b:
                    50:ce:de:7b:76:e5:f5:76:82:40:5d:3a:c7:e9:20:
                    e0:b9:bd:95:af:80:d6:92:47:14:e3:e9:13:38:21:
                    bb:ce:ef:f4:20:f1:57:99:10:bb:3c:0c:1d:65:42:
                    49:ae:62:e1:22:d9:f8:7f:8d:01:19:f8:0b:da:77:
                    87:da:80:02:5a:08:d0:93:72:69:60:77:f7:78:94:
                    3a:a9:f9:3f:06:5b:fe:57:18:05:93:50:e0:11:22:
                    57:97:69:79:6a:ef:02:be:8b:36:d7:55:95:62:92:
                    4b:b7:53:b1:6e:3e:4b:3a:7b:96:7b:28:52:bc:f5:
                    e9:2e:44:01:76:a1:21:93:54:b3:c6:e9:ef:ba:25:
                    0d:63:7e:3d:0a:b1:e3:eb:9f:43:40:93:ac:b7:f1:
                    7a:fa:c3:2b:a1:75:ba:4d:c5:9e:02:61:bd:8f:fd:
                    b7:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:ED:EB:3D:0A:1F:19:75:8C:CF:AC:1B:E9:45:9D:19:DC:93:E1:47
            X509v3 Authority Key Identifier:
                keyid:FB:02:BA:C7:B7:9A:31:09:E9:BE:3D:FE:4F:06:D5:85:BB:9F:90:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wK6x7eaMQnpvj3-TwbVhbufkFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/ne3rPQofGXWMz6wb6UWdGdyT4Uc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/1-wK6x7eaMQnpvj3-TwbVhbufkFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.142.0/24
                IPv6:
                  2a10:cd00::-2a10:cd02:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         0b:d3:9c:f0:25:dd:ba:6c:6c:48:4a:3b:26:71:c8:d7:65:d1:
         12:1f:f3:87:ae:99:0d:78:82:6c:c8:96:cc:31:c1:58:35:94:
         2d:e8:e2:6c:dd:94:5b:22:26:1f:8b:c8:40:65:b1:93:4d:ec:
         8f:e9:37:a2:78:4a:45:43:e7:46:4f:a9:e0:4d:e6:75:8a:36:
         f4:09:38:b4:e1:f3:a9:5c:ee:f3:ff:ab:93:57:07:08:ff:f9:
         b1:91:cd:48:99:85:15:0e:07:57:d7:1d:1a:ed:40:7b:e9:75:
         8d:b1:1b:36:92:78:56:5f:62:64:fa:ce:b2:7c:38:fe:81:cc:
         25:70:5b:50:f1:00:89:e8:18:d6:3d:ed:80:32:40:19:03:8b:
         89:5f:c1:86:c1:81:10:15:33:7e:ca:bb:df:f0:30:d3:1f:b5:
         f2:fa:68:a6:bf:68:ee:0d:25:33:ef:a2:f8:b1:5d:b8:54:25:
         40:3e:4a:41:84:b9:e1:b1:0d:f8:47:d1:b4:97:a9:6f:c3:85:
         b7:d2:e4:d1:37:0d:2f:63:0b:57:22:88:cc:64:6d:99:dc:b8:
         55:e6:d6:81:28:50:2f:4d:5f:2d:78:60:c8:c9:c3:66:c7:27:
         0c:5e:59:94:64:f9:3d:e2:5c:29:13:2a:56:e1:0c:2b:ff:33:
         1d:a4:74:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYcGIllYP1X8N8/E8KJBjYA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDJiYWM3Yjc5YTMxMDllOWJlM2RmZTRmMDZkNTg1YmI5
ZjkwNTEwHhcNMjMwMzIxMjE0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGVkZWIzZDBhMWYxOTc1OGNjZmFjMWJlOTQ1OWQxOWRjOTNlMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYbtKc63XymSODA0fNht9YCUub4r
tFGe7/wi90lA3Ms2GziR4cwBUQZNNCFN/C9uHOPkSTKfSFwQl/IblKups6ROdC12
ruW9X7CuGGoLcxDYCFJH6qpkQYtQzt57duX1doJAXTrH6SDgub2Vr4DWkkcU4+kT
OCG7zu/0IPFXmRC7PAwdZUJJrmLhItn4f40BGfgL2neH2oACWgjQk3JpYHf3eJQ6
qfk/Blv+VxgFk1DgESJXl2l5au8Cvos211WVYpJLt1Oxbj5LOnuWeyhSvPXpLkQB
dqEhk1SzxunvuiUNY349CrHj659DQJOst/F6+sMroXW6TcWeAmG9j/23kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3t6z0KHxl1jM+sG+lFnRnck+FHMB8GA1UdIwQY
MBaAFPsCuse3mjEJ6b49/k8G1YW7n5BRMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13SzZ4N2VhTVFucHZqMy1Ud2JWaGJ1ZmtGRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvMjAwZTJiLWQzYTQtNDU1Ny05NzM1
LTQ5NTBmODZjYmI1Yi8xL25lM3JQUW9mR1hXTXo2d2I2VVdkR2R5VDRVYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWQvMjAwZTJiLWQzYTQtNDU1Ny05NzM1LTQ5NTBmODZjYmI1
Yi8xLzEtd0s2eDdlYU1RbnB2ajMtVHdiVmhidWZrRkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMAwEAgABMAYDBAC52Y4w
FQQCAAIwDzANAwQAKhDNAwUAKhDNAjANBgkqhkiG9w0BAQsFAAOCAQEAC9Oc8CXd
umxsSEo7JnHI12XREh/zh66ZDXiCbMiWzDHBWDWULejibN2UWyImH4vIQGWxk03s
j+k3onhKRUPnRk+p4E3mdYo29Ak4tOHzqVzu8/+rk1cHCP/5sZHNSJmFFQ4HV9cd
Gu1Ae+l1jbEbNpJ4Vl9iZPrOsnw4/oHMJXBbUPEAiegY1j3tgDJAGQOLiV/BhsGB
EBUzfsq73/Aw0x+18vpopr9o7g0lM++i+LFduFQlQD5KQYS54bEN+EfRtJepb8OF
t9Lk0TcNL2MLVyKIzGRtmdy4VebWgShQL01fLXhgyMnDZscnDF5ZlGT5PeJcKRMq
VuEMK/8zHaR0vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:39 2024 by rpki-client on console-fra.rpki-client.org