Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/AgSYsvR11ZRGdssllZtWIoCCJ9Q.roa
File:                     AgSYsvR11ZRGdssllZtWIoCCJ9Q.roa (raw, json)
Hash identifier:          LKkIiL4wmW1DG7mG+zArG/K8T0ABRus1meoINDgv0+E=
Subject key identifier:   02:04:98:B2:F4:75:D5:94:46:76:CB:25:95:9B:56:22:80:82:27:D4
Certificate issuer:       /CN=fbd83efdd9996f8c75e7f4114e466ebf836968ea
Certificate serial:       01856D81CC7D82EB8C3809583F3BD9864691
Authority key identifier: FB:D8:3E:FD:D9:99:6F:8C:75:E7:F4:11:4E:46:6E:BF:83:69:68:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-9g-_dmZb4x15_QRTkZuv4NpaOo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/AgSYsvR11ZRGdssllZtWIoCCJ9Q.roa
Signing time:             Sun 01 Jan 2023 13:25:00 +0000
ROA not before:           Sun 01 Jan 2023 13:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28854
IP address blocks:        185.60.128.0/22 maxlen: 24
                          80.84.32.0/20 maxlen: 24
                          88.206.128.0/17 maxlen: 24
                          2a04:f40::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:cc:7d:82:eb:8c:38:09:58:3f:3b:d9:86:46:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbd83efdd9996f8c75e7f4114e466ebf836968ea
        Validity
            Not Before: Jan  1 13:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=020498b2f475d5944676cb25959b5622808227d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9f:f8:de:e5:1d:40:38:48:0f:86:93:b2:a5:
                    a3:8d:8d:ca:2e:79:08:0c:52:02:5d:d2:7a:3d:c4:
                    88:dd:c8:7d:a5:24:1a:1b:4b:4b:71:5d:08:f4:56:
                    1b:1f:a9:29:b7:36:ec:05:76:bd:ac:d5:d7:66:70:
                    9e:17:09:f6:5b:65:99:e1:28:81:34:34:c1:92:ed:
                    6b:87:23:d6:e0:79:32:18:41:7c:81:bd:ea:d6:5a:
                    87:44:60:87:bb:4c:ed:7a:dd:d1:e4:93:99:26:c6:
                    cb:56:19:b5:e1:31:f3:36:78:f1:a9:fa:f6:f8:83:
                    db:85:42:1a:c2:35:9b:aa:b9:ab:ab:db:84:ed:f4:
                    c3:4a:e8:07:5c:8a:05:3d:87:fb:4f:b7:e4:4c:a2:
                    a6:8c:9f:51:e8:b7:0c:86:aa:a2:01:26:56:bc:c7:
                    82:60:12:99:c2:1c:a6:28:39:e6:91:1c:b4:83:a4:
                    11:ff:d4:e8:e9:fe:7d:8d:0b:0b:4d:95:00:bb:2d:
                    ac:13:27:a1:80:2c:0f:e3:97:a3:5a:cd:ce:6b:2c:
                    b2:ca:25:02:bb:11:a1:4b:78:3c:f0:7b:1f:43:0c:
                    aa:49:31:bc:0e:7a:f2:00:04:d9:b4:b3:be:24:8e:
                    a0:a0:ef:59:42:7d:1d:e9:ad:c2:dd:37:c2:3a:9c:
                    08:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:04:98:B2:F4:75:D5:94:46:76:CB:25:95:9B:56:22:80:82:27:D4
            X509v3 Authority Key Identifier:
                keyid:FB:D8:3E:FD:D9:99:6F:8C:75:E7:F4:11:4E:46:6E:BF:83:69:68:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-9g-_dmZb4x15_QRTkZuv4NpaOo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/AgSYsvR11ZRGdssllZtWIoCCJ9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/1-9g-_dmZb4x15_QRTkZuv4NpaOo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.84.32.0/20
                  88.206.128.0/17
                  185.60.128.0/22
                IPv6:
                  2a04:f40::/29

    Signature Algorithm: sha256WithRSAEncryption
         8d:89:ab:cf:16:75:f3:0c:e5:cd:ab:cd:7a:4b:f5:b3:36:6a:
         40:72:5c:6c:a1:b4:ae:44:68:81:d3:7c:b9:1d:d3:26:ae:14:
         78:56:3d:4f:b0:44:87:b6:e6:3e:87:15:d8:5d:b0:b5:09:3c:
         4c:60:f3:45:7e:c6:56:2a:64:35:6c:a4:20:b2:7a:f5:da:2e:
         10:72:b1:d6:af:61:c8:af:d5:35:8c:ff:75:68:7b:38:fe:fb:
         0f:5a:2c:04:88:cd:e8:0d:01:df:5f:52:59:30:2c:7d:cf:7f:
         f5:07:54:16:c9:af:a8:7b:c2:95:00:80:b3:42:a6:9e:b8:59:
         0e:80:2f:e2:3a:fc:45:9d:34:c3:c9:ba:ea:6b:6f:9f:a2:4c:
         cb:9a:36:1f:11:65:e4:1f:05:9b:c5:f6:5a:1a:8c:05:5b:55:
         b3:67:5d:d2:0d:c6:d8:0d:5f:01:8c:f8:30:1c:65:6b:e6:88:
         2d:11:48:02:9b:81:5a:05:47:eb:3d:5f:59:91:54:01:e6:30:
         a6:d9:1b:ad:85:fd:c6:fd:05:31:b5:15:53:54:d7:41:a4:ec:
         34:06:1f:f4:db:8f:eb:5b:64:af:de:9b:dd:94:f5:1c:62:47:
         74:28:5e:3e:7d:2e:28:37:7b:ea:e9:45:d1:5c:10:b1:9a:a4:
         88:30:a3:4f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtgcx9guuMOAlYPzvZhkaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZDgzZWZkZDk5OTZmOGM3NWU3ZjQxMTRlNDY2ZWJmODM2
OTY4ZWEwHhcNMjMwMTAxMTMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjA0OThiMmY0NzVkNTk0NDY3NmNiMjU5NTliNTYyMjgwODIyN2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp/43uUdQDhID4aTsqWjjY3KLnkI
DFICXdJ6PcSI3ch9pSQaG0tLcV0I9FYbH6kptzbsBXa9rNXXZnCeFwn2W2WZ4SiB
NDTBku1rhyPW4HkyGEF8gb3q1lqHRGCHu0ztet3R5JOZJsbLVhm14THzNnjxqfr2
+IPbhUIawjWbqrmrq9uE7fTDSugHXIoFPYf7T7fkTKKmjJ9R6LcMhqqiASZWvMeC
YBKZwhymKDnmkRy0g6QR/9To6f59jQsLTZUAuy2sEyehgCwP45ejWs3OayyyyiUC
uxGhS3g88HsfQwyqSTG8DnryAATZtLO+JI6goO9ZQn0d6a3C3TfCOpwI7wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAIEmLL0ddWURnbLJZWbViKAgifUMB8GA1UdIwQY
MBaAFPvYPv3ZmW+Mdef0EU5Gbr+DaWjqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS05Zy1fZG1aYjR4MTVfUVJUa1p1djROcGFPby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvYWEwNmE1LTdlZjYtNGJjOS1iMGEw
LTJmYTgzOTAxN2Q3NS8xL0FnU1lzdlIxMVpSR2Rzc2xsWnRXSW9DQ0o5US5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmMvYWEwNmE1LTdlZjYtNGJjOS1iMGEwLTJmYTgzOTAxN2Q3
NS8xLzEtOWctX2RtWmI0eDE1X1FSVGtadXY0TnBhT28uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBARQVCAD
BAdYzoADBAK5PIAwDQQCAAIwBwMFAyoED0AwDQYJKoZIhvcNAQELBQADggEBAI2J
q88WdfMM5c2rzXpL9bM2akByXGyhtK5EaIHTfLkd0yauFHhWPU+wRIe25j6HFdhd
sLUJPExg80V+xlYqZDVspCCyevXaLhBysdavYciv1TWM/3Voezj++w9aLASIzegN
Ad9fUlkwLH3Pf/UHVBbJr6h7wpUAgLNCpp64WQ6AL+I6/EWdNMPJuuprb5+iTMua
Nh8RZeQfBZvF9loajAVbVbNnXdINxtgNXwGM+DAcZWvmiC0RSAKbgVoFR+s9X1mR
VAHmMKbZG62F/cb9BTG1FVNU10Gk7DQGH/Tbj+tbZK/em92U9RxiR3QoXj59Lig3
e+rpRdFcELGapIgwo08=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:50 2024 by rpki-client on console-fra.rpki-client.org