Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/fGpOTmPqV0gEWtQehwufGmFDxZI.roa
File:                     fGpOTmPqV0gEWtQehwufGmFDxZI.roa (raw, json)
Hash identifier:          XlG2FLw52h9VgkIGUN6g+mYYxWT8qZAhdd7Tff8SV14=
Subject key identifier:   7C:6A:4E:4E:63:EA:57:48:04:5A:D4:1E:87:0B:9F:1A:61:43:C5:92
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       01857355D5599C32AE282253C53DABDB503C
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/fGpOTmPqV0gEWtQehwufGmFDxZI.roa
Signing time:             Mon 02 Jan 2023 16:34:42 +0000
ROA not before:           Mon 02 Jan 2023 16:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3257
IP address blocks:        213.200.64.0/18 maxlen: 18
                          141.136.96.0/20 maxlen: 20
                          46.33.64.0/19 maxlen: 24
                          213.254.192.0/18 maxlen: 24
                          89.149.128.0/18 maxlen: 24
                          213.251.0.0/18 maxlen: 24
                          77.67.0.0/17 maxlen: 24
                          185.160.40.0/22 maxlen: 22
                          2001:668::/29 maxlen: 29
                          2001:668::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 10:44:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:55:d5:59:9c:32:ae:28:22:53:c5:3d:ab:db:50:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Jan  2 16:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c6a4e4e63ea5748045ad41e870b9f1a6143c592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:11:23:09:da:be:9d:11:07:e5:94:0a:43:9f:
                    6c:41:b2:83:f0:c5:8e:8c:ff:03:0a:8c:6a:aa:37:
                    ae:4d:03:e7:76:08:38:6d:70:b8:06:44:48:bc:b5:
                    5d:98:9b:06:e3:a7:d8:ca:6d:21:4c:2e:87:b9:f9:
                    4f:78:5c:14:9e:21:8a:bc:fc:59:26:10:23:c0:33:
                    8d:6b:69:65:74:fa:8f:a8:65:7d:43:2f:fa:c3:5d:
                    fc:b9:a5:4d:9e:e9:ed:2c:89:22:c2:7e:6a:ef:ad:
                    c1:b4:59:48:b5:33:08:90:30:78:f7:90:0c:e2:08:
                    17:19:c0:72:be:15:90:ed:95:e9:3d:89:62:07:f8:
                    04:b0:fa:40:1c:67:7b:ac:14:60:5b:0d:4d:b3:91:
                    73:29:3e:c4:ab:50:15:16:c3:c7:34:d1:90:8e:97:
                    7b:f7:9f:f7:cb:ea:6b:f3:3e:de:46:b0:39:a1:c6:
                    44:12:d5:53:8e:dc:ae:2f:eb:9f:3b:06:2a:42:97:
                    9f:d2:f7:e2:95:34:f2:47:68:9b:e8:f0:86:87:51:
                    7e:f5:4c:4e:78:1a:96:33:ee:36:e3:58:53:f7:9f:
                    a9:ec:de:2f:16:af:da:7b:72:ea:18:43:da:eb:4b:
                    3e:2c:4e:3f:11:ba:c2:2e:d8:b0:11:f9:46:c4:ea:
                    de:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:6A:4E:4E:63:EA:57:48:04:5A:D4:1E:87:0B:9F:1A:61:43:C5:92
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/fGpOTmPqV0gEWtQehwufGmFDxZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.33.64.0/19
                  77.67.0.0/17
                  89.149.128.0/18
                  141.136.96.0/20
                  185.160.40.0/22
                  213.200.64.0/18
                  213.251.0.0/18
                  213.254.192.0/18
                IPv6:
                  2001:668::/29

    Signature Algorithm: sha256WithRSAEncryption
         b9:7b:67:2b:f1:c0:22:c3:eb:41:d9:a2:56:af:e0:1e:7d:9c:
         9f:c3:fc:f8:ee:d1:9b:08:10:19:8a:fa:7d:d0:22:7a:33:2b:
         53:69:7d:59:a9:20:74:b1:8e:0c:87:18:8e:1c:d5:27:f4:a4:
         2c:f4:62:d7:c0:1a:bf:d8:46:6a:a7:07:ca:9e:cc:ed:d1:77:
         89:36:8c:d7:5b:6a:06:51:64:0d:f8:af:b0:1c:1c:22:1e:5b:
         66:e4:8b:cb:83:56:1b:73:a5:32:7d:38:2c:4b:59:61:b3:75:
         5f:a6:3d:db:60:e0:9e:50:33:c6:1c:db:4e:fc:83:49:6e:29:
         b6:b1:57:7c:8f:7c:ce:c2:31:95:81:5c:1b:53:d6:62:f2:58:
         e4:60:39:65:d5:bb:56:f5:b8:08:98:36:cb:78:39:86:b4:62:
         93:23:d4:b7:b8:cd:51:c7:8b:3a:fb:8a:34:36:76:ac:eb:41:
         2d:4a:0b:47:0c:2c:11:34:fa:fb:5b:64:d4:71:38:87:c6:a7:
         0e:3f:a9:99:53:41:ec:c9:fd:1e:c3:c5:81:ab:f9:5a:38:43:
         ec:fa:0b:76:f9:4b:8f:62:27:98:fd:ad:79:8e:c9:ac:4c:6f:
         0d:d2:95:f3:53:5a:5d:49:9a:7b:61:17:68:65:1c:8c:4f:0f:
         8d:a7:82:b4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVzVdVZnDKuKCJTxT2r21A8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTAyMTYzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzZhNGU0ZTYzZWE1NzQ4MDQ1YWQ0MWU4NzBiOWYxYTYxNDNjNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihEjCdq+nREH5ZQKQ59sQbKD8MWO
jP8DCoxqqjeuTQPndgg4bXC4BkRIvLVdmJsG46fYym0hTC6HuflPeFwUniGKvPxZ
JhAjwDONa2lldPqPqGV9Qy/6w138uaVNnuntLIkiwn5q763BtFlItTMIkDB495AM
4ggXGcByvhWQ7ZXpPYliB/gEsPpAHGd7rBRgWw1Ns5FzKT7Eq1AVFsPHNNGQjpd7
95/3y+pr8z7eRrA5ocZEEtVTjtyuL+ufOwYqQpef0vfilTTyR2ib6PCGh1F+9UxO
eBqWM+4241hT95+p7N4vFq/ae3LqGEPa60s+LE4/EbrCLtiwEflGxOreTwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHxqTk5j6ldIBFrUHocLnxphQ8WSMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvZkdwT1RtUHFWMGdFV3RRZWh3dWZHbUZEeFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQFLiFAAwQH
TUMAAwQGWZWAAwQEjYhgAwQCuaAoAwQG1chAAwQG1fsAAwQG1f7AMA0EAgACMAcD
BQMgAQZoMA0GCSqGSIb3DQEBCwUAA4IBAQC5e2cr8cAiw+tB2aJWr+AefZyfw/z4
7tGbCBAZivp90CJ6MytTaX1ZqSB0sY4MhxiOHNUn9KQs9GLXwBq/2EZqpwfKnszt
0XeJNozXW2oGUWQN+K+wHBwiHltm5IvLg1Ybc6UyfTgsS1lhs3Vfpj3bYOCeUDPG
HNtO/INJbim2sVd8j3zOwjGVgVwbU9Zi8ljkYDll1btW9bgImDbLeDmGtGKTI9S3
uM1Rx4s6+4o0Nnas60EtSgtHDCwRNPr7W2TUcTiHxqcOP6mZU0Hsyf0ew8WBq/la
OEPs+gt2+UuPYieY/a15jsmsTG8N0pXzU1pdSZp7YRdoZRyMTw+Np4K0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:34 2024 by rpki-client on console-ams.rpki-client.org