Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/1-6FpSCxci7Q4v1E1bXOZyN1-vQs.roa
File:                     1-6FpSCxci7Q4v1E1bXOZyN1-vQs.roa (raw, json)
Hash identifier:          trjGQwz96cERs/TdbyNLTOikwF3e7xFsvQTn1NKT3gw=
Subject key identifier:   FB:A1:69:48:2C:5C:8B:B4:38:BF:51:35:6D:73:99:C8:DD:7E:BD:0B
Certificate issuer:       /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial:       018CC3B6758796DAC6CF0F1F731A7B45873B
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/1-6FpSCxci7Q4v1E1bXOZyN1-vQs.roa
Signing time:             Mon 01 Jan 2024 06:29:23 +0000
ROA not before:           Mon 01 Jan 2024 06:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202909
IP address blocks:        81.94.55.0/24 maxlen: 24
                          37.186.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 19 Sep 2024 08:24:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:75:87:96:da:c6:cf:0f:1f:73:1a:7b:45:87:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
        Validity
            Not Before: Jan  1 06:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fba169482c5c8bb438bf51356d7399c8dd7ebd0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:fb:bf:bf:be:04:70:ee:ae:4e:3a:1c:bd:f3:
                    f9:89:fb:33:c4:4d:35:b2:15:85:41:35:81:37:07:
                    1c:b5:b5:d2:1e:e3:7a:f2:8e:af:dc:69:6d:d6:bf:
                    23:e7:82:f3:82:09:fa:27:57:78:99:61:5a:56:f5:
                    db:9c:bd:b3:1f:95:77:7e:3d:4f:37:db:bf:dc:d2:
                    35:f2:59:02:d2:00:eb:99:b6:8e:99:e1:cf:06:17:
                    dd:bb:36:3b:90:05:e6:97:68:d0:05:bc:28:bb:cc:
                    f5:54:44:3d:2d:ac:87:4f:be:17:57:39:ee:0e:4b:
                    1a:33:db:b8:17:44:76:96:4e:83:2e:44:2f:fb:f1:
                    bd:9f:09:b5:e7:d3:98:42:bd:57:d9:79:be:58:a7:
                    5e:ea:c3:5c:13:a4:63:83:70:a8:e3:27:5a:59:3a:
                    3d:88:aa:55:ce:53:77:e9:b7:36:b3:db:e8:96:ad:
                    ce:39:1b:dd:37:71:14:a7:6d:95:dd:23:51:fa:02:
                    bd:d9:25:ac:db:a2:c0:3f:81:2f:45:88:d0:2c:72:
                    0f:9b:18:51:04:c5:43:47:80:3f:98:90:ed:ea:28:
                    a9:50:55:72:32:43:f2:66:c1:b6:07:f0:e2:e0:ac:
                    c9:a5:87:79:8e:c8:98:5d:ea:0a:88:5d:6c:51:84:
                    72:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:A1:69:48:2C:5C:8B:B4:38:BF:51:35:6D:73:99:C8:DD:7E:BD:0B
            X509v3 Authority Key Identifier:
                keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/1-6FpSCxci7Q4v1E1bXOZyN1-vQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.186.5.0/24
                  81.94.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:67:18:0e:44:3c:b2:d5:17:58:78:ff:fb:05:0b:e7:37:5f:
         6d:65:e1:4d:cf:ae:48:12:a2:93:b0:59:4c:bd:f7:b3:76:97:
         3e:fb:16:8f:9a:30:ef:a8:57:d3:1f:ea:de:b2:5d:7e:b3:ec:
         75:b7:93:1e:20:f0:03:b8:62:cf:c6:c5:2f:37:5c:ff:d6:47:
         6c:5b:d7:7b:86:9c:a3:9d:5d:a0:a9:f3:d8:ed:b5:63:8f:9f:
         09:10:90:e4:d2:43:bf:50:da:d5:6e:b8:b5:39:3a:4c:3e:0a:
         09:45:6d:12:35:c4:ef:f5:91:fd:8e:71:c6:06:56:74:f6:3e:
         09:ad:8b:dd:da:b2:b5:6f:3f:99:ec:48:7c:6e:06:73:c9:71:
         8a:60:16:09:d7:d9:f8:cb:b5:59:de:a6:0e:ac:cb:8b:2a:6a:
         4f:65:97:5c:71:4d:76:25:1f:af:77:ca:8d:10:ad:4e:3a:9f:
         1d:d2:7a:84:5a:97:83:1d:eb:d7:df:5e:5a:a3:5a:07:2a:d9:
         f5:6d:1b:4e:1e:ce:28:d3:08:83:13:6e:99:62:03:09:7b:a4:
         59:d9:38:45:3e:e1:80:d0:cd:8a:32:ec:52:5e:f1:74:02:5f:
         cc:52:2a:6c:d0:50:3b:be:84:cf:8b:88:57:b2:cf:c9:da:6e:
         80:b5:4d:c8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzDtnWHltrGzw8fcxp7RYc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmExNjk0ODJjNWM4YmI0MzhiZjUxMzU2ZDczOTljOGRkN2ViZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPu/v74EcO6uTjocvfP5ifszxE01
shWFQTWBNwcctbXSHuN68o6v3Glt1r8j54Lzggn6J1d4mWFaVvXbnL2zH5V3fj1P
N9u/3NI18lkC0gDrmbaOmeHPBhfduzY7kAXml2jQBbwou8z1VEQ9LayHT74XVznu
DksaM9u4F0R2lk6DLkQv+/G9nwm159OYQr1X2Xm+WKde6sNcE6Rjg3Co4ydaWTo9
iKpVzlN36bc2s9volq3OORvdN3EUp22V3SNR+gK92SWs26LAP4EvRYjQLHIPmxhR
BMVDR4A/mJDt6iipUFVyMkPyZsG2B/Di4KzJpYd5jsiYXeoKiF1sUYRybQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPuhaUgsXIu0OL9RNW1zmcjdfr0LMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvMS02RnBTQ3hjaTdRNHYxRTFiWE9aeU4xLXZRcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzEvYjhjYWU0LWI1YWYtNDM4MC05ODE3LTQ2NTM4Y2E1Mzgz
Yy8xL090WlNGb0V1MGtfUnh4bUhHbG1wY2Q3RENpWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEACW6BQME
AFFeNzANBgkqhkiG9w0BAQsFAAOCAQEAGWcYDkQ8stUXWHj/+wUL5zdfbWXhTc+u
SBKik7BZTL33s3aXPvsWj5ow76hX0x/q3rJdfrPsdbeTHiDwA7hiz8bFLzdc/9ZH
bFvXe4aco51doKnz2O21Y4+fCRCQ5NJDv1Da1W64tTk6TD4KCUVtEjXE7/WR/Y5x
xgZWdPY+Ca2L3dqytW8/mexIfG4Gc8lximAWCdfZ+Mu1Wd6mDqzLiypqT2WXXHFN
diUfr3fKjRCtTjqfHdJ6hFqXgx3r199eWqNaByrZ9W0bTh7OKNMIgxNumWIDCXuk
Wdk4RT7hgNDNijLsUl7xdAJfzFIqbNBQO76Ez4uIV7LPydpugLVNyA==
-----END CERTIFICATE-----
Generated at Thu Sep 19 13:12:31 2024 by rpki-client on console-ams.rpki-client.org