Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/fPqZ0wCUFbbwAfVG9blLOgMfMhA.roa
File:                     fPqZ0wCUFbbwAfVG9blLOgMfMhA.roa (raw, json)
Hash identifier:          iGMhn+Y4aG6clJr1uGWWFqQVHrvBAhzDzc3+KxBwP+M=
Subject key identifier:   7C:FA:99:D3:00:94:15:B6:F0:01:F5:46:F5:B9:4B:3A:03:1F:32:10
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       01863AD42A36BF8BBCAE168CA7553DD171DF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/fPqZ0wCUFbbwAfVG9blLOgMfMhA.roa
Signing time:             Fri 10 Feb 2023 10:17:08 +0000
ROA not before:           Fri 10 Feb 2023 10:17:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12679
IP address blocks:        213.209.145.0/24 maxlen: 24
                          213.209.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 11:45:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:3a:d4:2a:36:bf:8b:bc:ae:16:8c:a7:55:3d:d1:71:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Feb 10 10:17:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7cfa99d3009415b6f001f546f5b94b3a031f3210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:91:f8:65:d7:5e:f6:cf:50:ff:eb:c3:6f:a1:
                    c3:43:04:0b:ec:61:43:7e:f1:da:d5:e3:90:38:68:
                    a8:be:35:05:89:ab:cb:d9:d7:16:a9:7f:a0:e8:55:
                    d0:81:30:e4:d3:c8:71:b1:4c:d8:e1:16:a9:37:a5:
                    82:10:b8:73:89:28:3a:ed:b2:38:b8:35:f0:be:a7:
                    8d:48:08:9e:5e:74:1d:86:5c:ef:ff:f3:a9:ad:ef:
                    ab:fc:40:86:81:27:44:d7:03:2f:60:34:17:d2:7b:
                    8d:f3:17:29:0a:39:38:09:d2:13:23:c4:f3:25:67:
                    72:8c:ef:dc:db:bc:b0:15:2f:8a:2a:ba:83:3e:c8:
                    13:d2:ae:12:45:09:9f:1c:1f:87:c6:a6:aa:07:1d:
                    eb:2d:c8:af:93:ab:a6:7c:88:50:7d:14:da:c2:05:
                    45:1b:28:86:7e:09:02:4f:8c:c0:24:d7:f9:f3:85:
                    7f:8c:ef:b0:96:0c:d8:62:57:f0:d7:db:a2:1a:95:
                    6b:1a:28:a0:7b:5b:06:be:7a:5f:31:8b:8e:df:ac:
                    a1:5e:37:16:68:0b:7e:14:c3:0e:3b:1c:19:9e:8d:
                    e8:21:20:2e:79:6b:ed:e0:e7:2f:55:11:97:b4:f9:
                    6e:fc:12:5d:cd:49:ee:60:57:af:55:5f:63:fb:39:
                    53:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:FA:99:D3:00:94:15:B6:F0:01:F5:46:F5:B9:4B:3A:03:1F:32:10
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/fPqZ0wCUFbbwAfVG9blLOgMfMhA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.145.0/24
                  213.209.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:cf:47:16:a1:b2:2a:9b:da:d1:ce:70:a1:70:da:96:d8:3e:
         08:8f:74:57:4d:f6:72:d4:ec:26:1b:53:9b:88:a1:b2:e4:d2:
         6a:3d:75:6e:ff:8d:35:c6:65:28:1b:09:de:49:f0:0b:18:29:
         26:b3:a9:00:e2:50:19:65:4b:af:30:f8:ae:5a:6c:bb:95:1c:
         cd:c2:f3:3e:7c:1c:2f:5b:9e:bd:d9:73:bb:32:76:6a:e1:e2:
         56:b6:4f:82:3d:30:a0:04:47:38:f3:a0:63:0c:98:c4:b4:3b:
         17:ff:a6:1c:42:7c:9d:3b:3c:51:f6:91:42:6a:42:d6:d4:1c:
         94:ba:a5:75:75:8c:a6:1b:ea:08:f7:4c:99:bc:9b:64:f5:f5:
         cb:24:2f:fd:27:cd:99:e2:e5:d9:bb:8b:e1:7c:5f:43:3a:99:
         de:70:96:d4:a0:20:70:e2:0b:fb:cd:70:c3:fd:53:69:e9:af:
         cb:b0:37:69:0c:90:44:55:a3:6f:e8:1e:1e:db:73:90:03:ea:
         36:d3:d0:93:cd:aa:17:ea:d1:b2:e9:fb:4b:d4:48:f0:0f:6d:
         dc:ef:12:23:d2:d3:3f:b5:c0:e7:fd:07:aa:5c:50:2d:1d:75:
         ff:e8:2f:2c:76:b8:66:c0:5d:f5:40:d7:96:0c:f8:19:cd:1a:
         c0:66:7d:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY61Co2v4u8rhaMp1U90XHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMjEwMTAxNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2ZhOTlkMzAwOTQxNWI2ZjAwMWY1NDZmNWI5NGIzYTAzMWYzMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJH4Zdde9s9Q/+vDb6HDQwQL7GFD
fvHa1eOQOGiovjUFiavL2dcWqX+g6FXQgTDk08hxsUzY4RapN6WCELhziSg67bI4
uDXwvqeNSAieXnQdhlzv//Opre+r/ECGgSdE1wMvYDQX0nuN8xcpCjk4CdITI8Tz
JWdyjO/c27ywFS+KKrqDPsgT0q4SRQmfHB+HxqaqBx3rLcivk6umfIhQfRTawgVF
GyiGfgkCT4zAJNf584V/jO+wlgzYYlfw19uiGpVrGiige1sGvnpfMYuO36yhXjcW
aAt+FMMOOxwZno3oISAueWvt4OcvVRGXtPlu/BJdzUnuYFevVV9j+zlTowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHz6mdMAlBW28AH1RvW5SzoDHzIQMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZlBxWjB3Q1VGYmJ3QWZWRzlibExPZ01mTWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dGRAwQA
1dGWMA0GCSqGSIb3DQEBCwUAA4IBAQCuz0cWobIqm9rRznChcNqW2D4Ij3RXTfZy
1OwmG1ObiKGy5NJqPXVu/401xmUoGwneSfALGCkms6kA4lAZZUuvMPiuWmy7lRzN
wvM+fBwvW5692XO7MnZq4eJWtk+CPTCgBEc486BjDJjEtDsX/6YcQnydOzxR9pFC
akLW1ByUuqV1dYymG+oI90yZvJtk9fXLJC/9J82Z4uXZu4vhfF9DOpnecJbUoCBw
4gv7zXDD/VNp6a/LsDdpDJBEVaNv6B4e23OQA+o209CTzaoX6tGy6ftL1EjwD23c
7xIj0tM/tcDn/QeqXFAtHXX/6C8sdrhmwF31QNeWDPgZzRrAZn1x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org