Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/xHbKjHxUd0DmDuh15ME4YDkBbD8.roa
File:                     xHbKjHxUd0DmDuh15ME4YDkBbD8.roa (raw, json)
Hash identifier:          rMJFAKh3ME2BJHhLvML71ah79We9rHgPE9oq3ZOYgbA=
Subject key identifier:   C4:76:CA:8C:7C:54:77:40:E6:0E:E8:75:E4:C1:38:60:39:01:6C:3F
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       01894E1EDABE353D994EB47741699015A4EC
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/xHbKjHxUd0DmDuh15ME4YDkBbD8.roa
Signing time:             Thu 13 Jul 2023 07:19:52 +0000
ROA not before:           Thu 13 Jul 2023 07:19:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        85.204.125.0/24 maxlen: 24
                          86.106.104.0/24 maxlen: 24
                          93.114.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 15:58:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4e:1e:da:be:35:3d:99:4e:b4:77:41:69:90:15:a4:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jul 13 07:19:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c476ca8c7c547740e60ee875e4c1386039016c3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:23:ef:d7:8f:f7:14:5f:d0:42:81:e2:08:b3:
                    93:11:10:9c:9f:e0:d5:18:af:d7:e4:d8:f3:c5:7a:
                    f0:42:5d:54:e4:40:98:15:66:d0:94:c0:06:c6:7c:
                    bc:a7:b6:b1:02:76:79:18:45:9e:52:98:14:e0:22:
                    d5:92:bc:d8:95:54:67:83:5e:17:b1:69:be:e0:30:
                    43:7a:01:c4:48:e6:06:5c:f1:26:62:4d:9d:11:61:
                    bb:81:e8:ed:1e:16:02:56:1d:73:2d:cb:91:89:06:
                    b1:5d:9b:3e:ff:15:00:c8:ca:f3:d4:50:08:50:ca:
                    20:5a:1c:28:12:39:59:36:9e:b3:79:d4:23:d4:c2:
                    3d:fd:8a:a5:df:88:db:a1:db:55:d5:32:ff:fa:93:
                    1a:d2:73:e7:66:8f:01:70:f9:5e:34:fe:3a:1d:0b:
                    26:93:61:8c:20:1f:fb:0e:81:61:c1:94:70:0c:bb:
                    0f:3b:1d:36:94:f7:b8:8f:a3:b0:68:22:c7:cd:4f:
                    30:35:a0:a5:b9:29:b0:ae:59:48:be:e4:2a:21:a4:
                    80:c8:4f:d8:47:1f:b5:c5:c0:81:d0:a7:47:8d:15:
                    22:24:6c:ef:46:a4:d7:a2:bc:1c:49:04:aa:d9:74:
                    b4:07:0b:41:cb:34:64:d9:76:3b:55:14:2b:4f:e4:
                    e9:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:76:CA:8C:7C:54:77:40:E6:0E:E8:75:E4:C1:38:60:39:01:6C:3F
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/xHbKjHxUd0DmDuh15ME4YDkBbD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  86.106.104.0/24
                  93.114.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:f8:15:00:fc:06:e0:6c:b5:8f:4c:f2:ae:8d:e5:cf:03:f2:
         5a:01:0e:bd:de:45:3d:81:38:8f:ae:56:9f:36:6c:2b:a5:de:
         10:ac:2d:c4:59:9e:e8:8e:12:df:27:d6:91:e8:48:e7:3f:4c:
         d0:19:4e:a2:3c:5f:c1:18:8f:50:2c:3d:f7:5a:3f:b1:b3:37:
         6e:30:ff:95:4f:3a:26:72:87:ed:76:d2:54:f4:d3:0b:76:aa:
         f9:4d:35:34:35:5c:96:46:73:15:13:19:9f:b9:60:4f:ae:42:
         9e:d3:4a:0e:4f:3a:1b:bf:64:2d:f4:94:b6:d1:a9:1c:77:17:
         80:0e:e1:2e:b8:22:1f:05:78:e1:68:2c:38:29:66:bc:f6:25:
         b7:c4:ae:70:44:45:da:33:3c:95:28:0b:e2:00:1e:39:2c:7f:
         3e:d8:51:8a:24:37:1b:70:cf:8a:28:ca:73:b4:fe:8a:7d:a8:
         d1:20:32:31:a8:c0:69:e2:f2:97:72:da:f4:3c:24:cd:8c:52:
         7e:e8:7c:82:1e:2d:58:fa:9c:fc:72:ba:d6:14:13:8f:b6:96:
         ab:fc:76:1a:d3:b1:ea:7b:0c:60:3f:97:0c:cd:0b:be:22:7f:
         d8:a3:bb:57:31:1d:25:8e:e8:10:f9:e0:83:a2:44:7e:5e:fa:
         5b:a8:43:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlOHtq+NT2ZTrR3QWmQFaTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwNzEzMDcxOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDc2Y2E4YzdjNTQ3NzQwZTYwZWU4NzVlNGMxMzg2MDM5MDE2YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyPv14/3FF/QQoHiCLOTERCcn+DV
GK/X5NjzxXrwQl1U5ECYFWbQlMAGxny8p7axAnZ5GEWeUpgU4CLVkrzYlVRng14X
sWm+4DBDegHESOYGXPEmYk2dEWG7gejtHhYCVh1zLcuRiQaxXZs+/xUAyMrz1FAI
UMogWhwoEjlZNp6zedQj1MI9/Yql34jbodtV1TL/+pMa0nPnZo8BcPleNP46HQsm
k2GMIB/7DoFhwZRwDLsPOx02lPe4j6OwaCLHzU8wNaCluSmwrllIvuQqIaSAyE/Y
Rx+1xcCB0KdHjRUiJGzvRqTXorwcSQSq2XS0BwtByzRk2XY7VRQrT+TpvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMR2yox8VHdA5g7odeTBOGA5AWw/MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEveEhiS2pIeFVkMERtRHVoMTVNRTRZRGtCYkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcx9AwQA
VmpoAwQAXXKrMA0GCSqGSIb3DQEBCwUAA4IBAQBt+BUA/AbgbLWPTPKujeXPA/Ja
AQ693kU9gTiPrlafNmwrpd4QrC3EWZ7ojhLfJ9aR6EjnP0zQGU6iPF/BGI9QLD33
Wj+xszduMP+VTzomcoftdtJU9NMLdqr5TTU0NVyWRnMVExmfuWBPrkKe00oOTzob
v2Qt9JS20akcdxeADuEuuCIfBXjhaCw4KWa89iW3xK5wREXaMzyVKAviAB45LH8+
2FGKJDcbcM+KKMpztP6KfajRIDIxqMBp4vKXctr0PCTNjFJ+6HyCHi1Y+pz8crrW
FBOPtpar/HYa07HqewxgP5cMzQu+In/Yo7tXMR0ljugQ+eCDokR+XvpbqEOq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org