Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/sFBUF_G-4IhKVKqcxeoOGtKpEpc.roa
File:                     sFBUF_G-4IhKVKqcxeoOGtKpEpc.roa (raw, json)
Hash identifier:          6w5E6mNMSM5qRg5kRFkLJ0dqD/cOSgc/8AnrYj8QZKc=
Subject key identifier:   B0:50:54:17:F1:BE:E0:88:4A:54:AA:9C:C5:EA:0E:1A:D2:A9:12:97
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018FEFBC52B4E218BBA0681A2779D61DCED8
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/sFBUF_G-4IhKVKqcxeoOGtKpEpc.roa
Signing time:             Thu 06 Jun 2024 22:47:27 +0000
ROA not before:           Thu 06 Jun 2024 22:47:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     152700
IP address blocks:        185.199.151.0/24 maxlen: 24
                          185.226.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Aug 2024 11:09:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:ef:bc:52:b4:e2:18:bb:a0:68:1a:27:79:d6:1d:ce:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Jun  6 22:47:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b0505417f1bee0884a54aa9cc5ea0e1ad2a91297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:10:a8:83:21:59:e2:ba:60:98:12:ea:02:04:
                    c8:9e:d1:93:c3:3a:e5:86:bc:f2:1e:7c:27:23:a1:
                    85:d1:37:5c:96:70:c1:ec:d6:7c:1e:82:a2:8a:21:
                    66:d0:d7:f0:08:75:ed:ca:d4:76:48:70:d4:33:6a:
                    6b:7a:3f:69:0d:de:3e:f0:91:05:12:12:8f:1c:da:
                    2c:cf:dd:d5:b2:52:fd:f3:8e:c8:8e:8e:49:a9:df:
                    5c:2c:e6:38:f6:45:ed:d4:98:85:46:30:29:77:bb:
                    e5:bd:1c:54:8e:76:0d:fb:06:02:ba:92:c5:17:fe:
                    a2:a7:9b:18:04:78:9d:7b:e0:fd:ca:32:ff:87:92:
                    ab:61:5f:0e:48:6b:e7:e1:e3:e3:f7:aa:c8:63:d1:
                    2d:41:7f:27:fb:2f:2d:10:77:35:f1:ce:fc:fb:2e:
                    a3:08:c9:ca:e9:3a:34:41:af:bc:f8:c4:f1:b4:3e:
                    64:6b:67:2c:2a:ca:75:99:03:a4:d9:a3:72:43:59:
                    7a:96:3a:39:18:ab:14:c6:37:28:a4:4b:0b:df:e9:
                    d0:da:ec:0f:da:87:76:d2:21:71:2d:1b:33:0e:bf:
                    26:e7:04:90:83:3f:5f:9a:23:dd:16:f0:43:7d:fb:
                    9d:b4:d7:76:e5:ed:6b:0d:e7:c8:ea:a5:21:01:f1:
                    d9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:50:54:17:F1:BE:E0:88:4A:54:AA:9C:C5:EA:0E:1A:D2:A9:12:97
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/sFBUF_G-4IhKVKqcxeoOGtKpEpc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.199.151.0/24
                  185.226.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:77:71:b1:1a:73:65:3a:1c:1a:06:81:eb:2d:a1:8c:9f:a7:
         7c:6a:62:7d:27:88:b0:e5:99:7f:73:36:63:2a:68:a6:11:ce:
         db:08:69:d1:23:d1:75:81:94:6d:ec:f5:bb:10:aa:6d:6e:21:
         ce:30:78:5e:80:f8:1b:24:9f:bf:f6:a8:7e:f9:f8:2c:d4:5b:
         f7:0d:18:61:10:74:a7:37:45:c4:d9:1b:c2:6b:58:a1:c1:43:
         09:bd:d7:89:9d:89:f4:90:46:dd:24:15:44:5b:3a:48:dc:89:
         11:6b:3c:7b:d4:e4:e3:a2:dc:94:52:98:ab:3c:9c:d3:c2:42:
         b6:b2:d9:dc:85:82:9e:cc:a1:2d:2c:11:f8:7a:1a:da:d4:31:
         11:23:39:73:5d:8f:e6:2d:7f:d4:28:3b:02:f0:7b:73:06:2f:
         b4:a6:92:95:d6:ef:42:bc:82:95:8b:16:c8:64:16:d2:5b:4d:
         21:78:c0:ac:bd:93:ed:51:0a:ac:fa:2a:c1:82:1b:60:73:3e:
         ca:01:16:d8:e4:c7:18:e1:11:84:8a:82:0a:00:98:8c:8f:13:
         97:12:fe:94:8f:86:5e:8c:04:b0:46:f7:5c:37:eb:19:77:a0:
         21:ca:fa:80:c0:dc:4b:89:68:7a:69:d3:6b:9f:37:d4:ed:69:
         4c:6a:15:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/vvFK04hi7oGgaJ3nWHc7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwNjA2MjI0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDUwNTQxN2YxYmVlMDg4NGE1NGFhOWNjNWVhMGUxYWQyYTkxMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshCogyFZ4rpgmBLqAgTIntGTwzrl
hrzyHnwnI6GF0TdclnDB7NZ8HoKiiiFm0NfwCHXtytR2SHDUM2prej9pDd4+8JEF
EhKPHNosz93VslL9847Ijo5Jqd9cLOY49kXt1JiFRjApd7vlvRxUjnYN+wYCupLF
F/6ip5sYBHide+D9yjL/h5KrYV8OSGvn4ePj96rIY9EtQX8n+y8tEHc18c78+y6j
CMnK6To0Qa+8+MTxtD5ka2csKsp1mQOk2aNyQ1l6ljo5GKsUxjcopEsL3+nQ2uwP
2od20iFxLRszDr8m5wSQgz9fmiPdFvBDffudtNd25e1rDefI6qUhAfHZvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLBQVBfxvuCISlSqnMXqDhrSqRKXMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvc0ZCVUZfRy00SWhLVktxY3hlb09HdEtwRXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuceXAwQA
ueK1MA0GCSqGSIb3DQEBCwUAA4IBAQAfd3GxGnNlOhwaBoHrLaGMn6d8amJ9J4iw
5Zl/czZjKmimEc7bCGnRI9F1gZRt7PW7EKptbiHOMHhegPgbJJ+/9qh++fgs1Fv3
DRhhEHSnN0XE2RvCa1ihwUMJvdeJnYn0kEbdJBVEWzpI3IkRazx71OTjotyUUpir
PJzTwkK2stnchYKezKEtLBH4ehra1DERIzlzXY/mLX/UKDsC8HtzBi+0ppKV1u9C
vIKVixbIZBbSW00heMCsvZPtUQqs+irBghtgcz7KARbY5McY4RGEioIKAJiMjxOX
Ev6Uj4ZejASwRvdcN+sZd6AhyvqAwNxLiWh6adNrnzfU7WlMahV7
-----END CERTIFICATE-----
Generated at Sat Aug 3 13:29:01 2024 by rpki-client on console-fra.rpki-client.org