Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8uRtp8fq4IsFkr4sMkouiim2y6k.roa
File:                     8uRtp8fq4IsFkr4sMkouiim2y6k.roa (raw, json)
Hash identifier:          F5gawdyEjiJRow23DN7y2cVGARP3Bh/nJDoWzB/AaOw=
Subject key identifier:   F2:E4:6D:A7:C7:EA:E0:8B:05:92:BE:2C:32:4A:2E:8A:29:B6:CB:A9
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       01856EA6B855DCDA4A36CA09F1D227FB49F7
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8uRtp8fq4IsFkr4sMkouiim2y6k.roa
Signing time:             Sun 01 Jan 2023 18:44:57 +0000
ROA not before:           Sun 01 Jan 2023 18:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39107
IP address blocks:        86.104.125.0/24 maxlen: 24
                          2001:7f8:64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:b8:55:dc:da:4a:36:ca:09:f1:d2:27:fb:49:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 18:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2e46da7c7eae08b0592be2c324a2e8a29b6cba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:72:dd:07:b4:9b:fe:c4:2c:33:0c:07:af:34:
                    29:b7:24:cb:50:b5:8f:1d:fc:53:18:23:5e:2c:e9:
                    ad:59:3c:5e:c0:3f:2b:20:5e:e5:0e:34:a5:c7:7e:
                    70:c5:ca:a1:30:5b:5f:08:a6:13:84:7c:bd:2a:d1:
                    07:43:ed:42:cf:36:42:7d:67:53:89:7f:9d:24:cb:
                    5e:48:33:79:03:4e:fa:04:92:5e:c3:c5:dd:dd:20:
                    74:23:97:22:a8:c6:66:e7:ff:1d:90:aa:c8:69:84:
                    b2:37:95:12:e1:e4:e3:95:e1:a1:48:b4:dd:1e:e6:
                    41:a3:36:72:39:ff:93:71:bd:e9:64:e6:77:d6:3f:
                    af:7f:65:02:37:02:6d:8b:da:02:2c:66:b6:3c:11:
                    62:cd:16:d5:a3:d6:01:06:0a:0d:78:ea:a6:51:93:
                    13:0e:2e:cf:57:40:01:51:4f:14:08:d6:13:53:99:
                    09:e8:7b:04:15:56:1c:31:cd:47:3b:d3:07:2f:5e:
                    22:f5:d6:e2:f1:d1:20:0d:fc:f9:35:e6:82:dc:e8:
                    4d:2e:6b:38:d0:9b:c4:79:c0:36:0f:31:d0:38:4b:
                    9b:45:73:07:5c:55:de:0a:7b:be:11:f8:9f:74:f9:
                    24:ff:ed:9e:d1:c7:67:37:b9:44:a5:a0:3e:72:e5:
                    86:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:E4:6D:A7:C7:EA:E0:8B:05:92:BE:2C:32:4A:2E:8A:29:B6:CB:A9
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8uRtp8fq4IsFkr4sMkouiim2y6k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.125.0/24
                IPv6:
                  2001:7f8:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:cf:67:0e:ce:95:29:cc:4e:02:b8:46:79:91:ad:81:81:d8:
         67:7d:98:5f:ea:87:ac:3d:3f:ff:d1:9a:e5:2e:36:69:20:bd:
         dd:41:55:c4:10:fe:b6:3e:49:d3:9a:81:38:a5:b3:4c:89:6c:
         61:0e:96:e8:0b:a7:41:a8:9a:56:c4:31:6d:5e:b6:56:ef:85:
         5c:cc:92:2a:9b:8c:b9:05:8d:80:23:85:92:6e:da:ef:fe:ea:
         3a:b9:fe:f0:5a:36:c9:8f:c1:f3:d2:24:83:93:48:34:ab:62:
         79:3c:d3:3f:51:8a:5f:6f:cc:47:db:32:36:74:ff:e0:d9:cd:
         d9:36:fa:46:91:ce:ea:93:58:fd:5d:18:46:d8:6e:1d:64:b7:
         57:11:1f:b5:66:49:de:4d:1a:c0:c6:8c:f0:29:a5:23:ab:e4:
         a6:fb:3d:08:e2:d2:a6:ce:e4:af:1a:0f:a1:40:00:b4:3a:09:
         8e:45:02:e6:de:3e:76:1d:55:95:3a:33:eb:5b:b4:d9:31:46:
         72:fb:25:1c:df:f8:ec:fa:68:59:8a:79:a7:bc:c5:17:32:09:
         36:5a:7a:23:1c:85:dd:2f:cc:29:6a:ff:74:83:83:04:a2:15:
         a5:85:e5:6f:b5:20:77:44:1c:09:6a:3f:64:24:94:1d:4a:26:
         80:d3:d1:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuprhV3NpKNsoJ8dIn+0n3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmU0NmRhN2M3ZWFlMDhiMDU5MmJlMmMzMjRhMmU4YTI5YjZjYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3LdB7Sb/sQsMwwHrzQptyTLULWP
HfxTGCNeLOmtWTxewD8rIF7lDjSlx35wxcqhMFtfCKYThHy9KtEHQ+1CzzZCfWdT
iX+dJMteSDN5A076BJJew8Xd3SB0I5ciqMZm5/8dkKrIaYSyN5US4eTjleGhSLTd
HuZBozZyOf+Tcb3pZOZ31j+vf2UCNwJti9oCLGa2PBFizRbVo9YBBgoNeOqmUZMT
Di7PV0ABUU8UCNYTU5kJ6HsEFVYcMc1HO9MHL14i9dbi8dEgDfz5NeaC3OhNLms4
0JvEecA2DzHQOEubRXMHXFXeCnu+EfifdPkk/+2e0cdnN7lEpaA+cuWGMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPLkbafH6uCLBZK+LDJKLooptsupMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvOHVSdHA4ZnE0SXNGa3I0c01rb3VpaW0yeTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVmh9MA8E
AgACMAkDBwAgAQf4AGQwDQYJKoZIhvcNAQELBQADggEBAJXPZw7OlSnMTgK4RnmR
rYGB2Gd9mF/qh6w9P//RmuUuNmkgvd1BVcQQ/rY+SdOagTils0yJbGEOlugLp0Go
mlbEMW1etlbvhVzMkiqbjLkFjYAjhZJu2u/+6jq5/vBaNsmPwfPSJIOTSDSrYnk8
0z9Ril9vzEfbMjZ0/+DZzdk2+kaRzuqTWP1dGEbYbh1kt1cRH7VmSd5NGsDGjPAp
pSOr5Kb7PQji0qbO5K8aD6FAALQ6CY5FAubePnYdVZU6M+tbtNkxRnL7JRzf+Oz6
aFmKeae8xRcyCTZaeiMchd0vzClq/3SDgwSiFaWF5W+1IHdEHAlqP2QklB1KJoDT
0cY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org