Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/a_FjcYDSY_xHz5ebINTYne1h2aQ.roa
File:                     a_FjcYDSY_xHz5ebINTYne1h2aQ.roa (raw, json)
Hash identifier:          zTDWHTLPmOjFsPDSfFAyCEOeZnOwSs6b7fYWApiMC6Y=
Subject key identifier:   6B:F1:63:71:80:D2:63:FC:47:CF:97:9B:20:D4:D8:9D:ED:61:D9:A4
Certificate issuer:       /CN=822b30d89b1bcff699f641f88026942d16a72bcc
Certificate serial:       0186FBD2EC73AB48F7455BA0A786C50A60C0
Authority key identifier: 82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/a_FjcYDSY_xHz5ebINTYne1h2aQ.roa
Signing time:             Sun 19 Mar 2023 21:42:29 +0000
ROA not before:           Sun 19 Mar 2023 21:42:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2856
IP address blocks:        198.56.128.0/17 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 May 2023 15:18:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:fb:d2:ec:73:ab:48:f7:45:5b:a0:a7:86:c5:0a:60:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=822b30d89b1bcff699f641f88026942d16a72bcc
        Validity
            Not Before: Mar 19 21:42:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6bf1637180d263fc47cf979b20d4d89ded61d9a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:48:eb:b1:e4:49:29:cf:a3:3e:56:40:eb:6c:
                    32:0a:74:3d:c1:84:67:14:de:c9:f3:f0:5e:d0:01:
                    5f:dd:1e:3f:38:7b:94:30:3f:3e:53:04:1a:ff:6f:
                    80:3f:08:94:2d:65:67:de:6a:38:e7:9c:f0:16:b6:
                    76:9d:97:69:c0:7a:21:64:d6:97:b0:f4:9c:e5:a6:
                    1d:80:1c:e1:12:92:5a:83:ef:69:8a:8a:fe:e0:8c:
                    26:32:26:b4:95:ab:9c:9a:7b:f2:47:14:09:92:8c:
                    12:26:33:fe:ab:46:c1:32:92:17:aa:33:23:39:13:
                    e3:41:b4:55:c3:5f:47:a2:67:84:68:5d:ce:24:35:
                    7e:fe:14:4f:5d:90:95:69:f0:8d:7e:c4:68:79:1b:
                    2f:ae:ae:30:74:e0:ad:2e:c7:a5:c5:1d:4a:3e:72:
                    2b:d0:57:1a:9e:65:ba:cf:36:39:5e:2a:70:6e:27:
                    12:08:cc:cd:7e:4a:cd:3c:3b:b3:91:77:6c:17:05:
                    38:02:5c:33:1e:c9:82:54:e4:ae:4b:cf:a8:30:48:
                    f5:5e:02:ab:a5:7a:2f:b3:bb:11:05:c4:b5:20:f8:
                    3d:1d:94:3c:63:88:8b:32:5d:28:c4:95:93:c3:82:
                    63:2a:fb:f5:71:c3:82:21:a7:59:7a:2d:76:58:df:
                    c2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:F1:63:71:80:D2:63:FC:47:CF:97:9B:20:D4:D8:9D:ED:61:D9:A4
            X509v3 Authority Key Identifier:
                keyid:82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/a_FjcYDSY_xHz5ebINTYne1h2aQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.56.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         30:49:c0:96:a0:a5:78:86:f7:a7:e5:ef:83:18:47:d1:67:6a:
         b6:d5:09:8e:24:1d:c3:80:23:f4:9a:3c:7e:21:38:a5:1d:99:
         5f:2c:2b:d7:b2:01:f0:4b:60:87:5b:2e:14:7a:e8:24:07:1e:
         fc:2d:fb:9f:66:43:92:fe:db:71:e3:f9:1c:55:5a:f6:33:13:
         a7:f1:03:a1:01:ac:ae:f1:d8:1e:45:7b:4c:20:75:4d:b6:a2:
         05:70:e5:d4:4b:e7:c5:4e:d6:89:26:63:fc:8a:5f:25:cc:3a:
         fd:6d:98:a4:b4:7a:e7:69:b2:2e:23:1d:81:63:50:2d:1c:60:
         67:4c:5f:87:ce:63:5c:57:3a:6f:30:1f:04:42:6a:50:1e:2b:
         9a:e6:b7:3f:54:97:a9:13:61:c6:42:7c:b3:8f:08:0c:70:c8:
         30:5f:64:ea:ee:cf:be:5c:33:8a:0c:e1:69:2a:e3:1a:37:db:
         62:0e:96:25:8d:c2:84:1c:d1:51:88:f1:74:35:bd:f9:15:17:
         fa:08:45:99:da:84:ce:d5:0d:e6:ec:c4:fe:4f:7d:4f:63:b1:
         27:8d:a2:37:5d:64:4f:ed:cd:47:3e:f8:c5:ff:7f:bb:3d:ec:
         85:d8:e8:05:35:a4:6b:54:7b:37:49:b3:a2:b8:e0:86:ab:a6:
         0e:9f:19:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb70uxzq0j3RVugp4bFCmDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmIzMGQ4OWIxYmNmZjY5OWY2NDFmODgwMjY5NDJkMTZh
NzJiY2MwHhcNMjMwMzE5MjE0MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmYxNjM3MTgwZDI2M2ZjNDdjZjk3OWIyMGQ0ZDg5ZGVkNjFkOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0jrseRJKc+jPlZA62wyCnQ9wYRn
FN7J8/Be0AFf3R4/OHuUMD8+UwQa/2+APwiULWVn3mo455zwFrZ2nZdpwHohZNaX
sPSc5aYdgBzhEpJag+9pior+4IwmMia0laucmnvyRxQJkowSJjP+q0bBMpIXqjMj
ORPjQbRVw19HomeEaF3OJDV+/hRPXZCVafCNfsRoeRsvrq4wdOCtLselxR1KPnIr
0FcanmW6zzY5XipwbicSCMzNfkrNPDuzkXdsFwU4AlwzHsmCVOSuS8+oMEj1XgKr
pXovs7sRBcS1IPg9HZQ8Y4iLMl0oxJWTw4JjKvv1ccOCIadZei12WN/CtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvxY3GA0mP8R8+XmyDU2J3tYdmkMB8GA1UdIwQY
MBaAFIIrMNibG8/2mfZB+IAmlC0WpyvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEt
OTE0ZDVkYzUxOTdmLzEvYV9GamNZRFNZX3hIejVlYklOVFluZTFoMmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEtOTE0ZDVkYzUxOTdm
LzEvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHxjiAMA0G
CSqGSIb3DQEBCwUAA4IBAQAwScCWoKV4hven5e+DGEfRZ2q21QmOJB3DgCP0mjx+
ITilHZlfLCvXsgHwS2CHWy4UeugkBx78LfufZkOS/ttx4/kcVVr2MxOn8QOhAayu
8dgeRXtMIHVNtqIFcOXUS+fFTtaJJmP8il8lzDr9bZiktHrnabIuIx2BY1AtHGBn
TF+HzmNcVzpvMB8EQmpQHiua5rc/VJepE2HGQnyzjwgMcMgwX2Tq7s++XDOKDOFp
KuMaN9tiDpYljcKEHNFRiPF0Nb35FRf6CEWZ2oTO1Q3m7MT+T31PY7EnjaI3XWRP
7c1HPvjF/3+7PeyF2OgFNaRrVHs3SbOiuOCGq6YOnxkl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org