Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/faP2XvpsEBU4Jcgj5cTG5ZhKG4U.roa
File:                     faP2XvpsEBU4Jcgj5cTG5ZhKG4U.roa (raw, json)
Hash identifier:          M4pv7OBvrhXKmmYtj2UB6t/oQzt2HWib3uMjv/MRE14=
Subject key identifier:   7D:A3:F6:5E:FA:6C:10:15:38:25:C8:23:E5:C4:C6:E5:98:4A:1B:85
Certificate issuer:       /CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Certificate serial:       01856F14A04ABAF2EA6BEEFDFF2C7C32918E
Authority key identifier: DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/faP2XvpsEBU4Jcgj5cTG5ZhKG4U.roa
Signing time:             Sun 01 Jan 2023 20:45:00 +0000
ROA not before:           Sun 01 Jan 2023 20:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201446
IP address blocks:        185.68.110.0/24 maxlen: 24
                          185.68.109.0/24 maxlen: 24
                          185.68.111.0/24 maxlen: 24
                          185.68.108.0/24 maxlen: 24
                          212.63.110.0/24 maxlen: 24
                          212.63.109.0/24 maxlen: 24
                          212.63.111.0/24 maxlen: 24
                          212.63.108.0/24 maxlen: 24
                          89.46.91.0/24 maxlen: 24
                          89.46.88.0/24 maxlen: 24
                          89.46.90.0/24 maxlen: 24
                          89.46.89.0/24 maxlen: 24
                          185.45.73.0/24 maxlen: 24
                          185.45.74.0/24 maxlen: 24
                          185.45.75.0/24 maxlen: 24
                          185.18.199.0/24 maxlen: 24
                          185.18.198.0/24 maxlen: 24
                          185.92.245.0/24 maxlen: 24
                          185.92.244.0/24 maxlen: 24
                          217.148.139.0/24 maxlen: 24
                          185.92.246.0/24 maxlen: 24
                          217.148.138.0/24 maxlen: 24
                          185.92.247.0/24 maxlen: 24
                          185.177.152.0/24 maxlen: 24
                          185.177.154.0/24 maxlen: 24
                          185.177.155.0/24 maxlen: 24
                          185.177.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 May 2023 07:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:a0:4a:ba:f2:ea:6b:ee:fd:ff:2c:7c:32:91:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
        Validity
            Not Before: Jan  1 20:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7da3f65efa6c10153825c823e5c4c6e5984a1b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:36:6b:38:ed:85:07:e1:65:08:db:02:8a:47:
                    4f:f8:60:45:df:41:1c:9f:91:ab:66:e8:da:1a:55:
                    a7:0c:4b:f1:7f:f1:87:12:a5:0f:ee:4f:4b:96:39:
                    c7:b0:e9:45:09:36:b2:74:26:5a:3c:d0:b7:d1:de:
                    95:4e:0b:db:e8:d6:cc:44:7d:eb:2f:02:ad:01:b0:
                    f3:86:91:79:a9:ea:70:ab:76:e8:28:af:08:a3:96:
                    c1:13:56:9e:20:56:0d:1a:26:ab:70:d2:df:fe:c4:
                    d2:c6:1a:19:35:6e:48:47:1f:93:98:19:42:80:71:
                    a9:d9:34:06:e3:8f:82:c3:e9:20:64:f7:0f:c8:c7:
                    b8:c8:09:d1:44:e8:e0:29:60:33:96:61:77:52:7e:
                    18:9a:70:12:b1:4e:c0:8b:1b:65:59:fb:22:c4:ef:
                    99:92:e1:bf:2a:2c:4e:80:d7:58:c6:e3:5a:b6:43:
                    97:dd:c9:4b:d8:97:a7:bd:7e:22:d6:6b:98:4f:f7:
                    0d:52:a2:25:7c:cd:5a:64:fa:e6:80:0f:17:b0:da:
                    8d:99:57:4c:a8:33:ab:69:e5:89:cd:38:a6:41:e4:
                    be:54:4b:16:80:b4:07:56:34:0d:cb:db:8e:df:c7:
                    4f:ac:7a:d6:a0:02:85:78:39:4d:04:38:ea:8c:a0:
                    2f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:A3:F6:5E:FA:6C:10:15:38:25:C8:23:E5:C4:C6:E5:98:4A:1B:85
            X509v3 Authority Key Identifier:
                keyid:DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/faP2XvpsEBU4Jcgj5cTG5ZhKG4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.46.88.0/22
                  185.18.198.0/23
                  185.45.73.0-185.45.75.255
                  185.68.108.0/22
                  185.92.244.0/22
                  185.177.152.0/22
                  212.63.108.0/22
                  217.148.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:06:ae:bc:2f:dd:d2:1c:a2:c8:f7:99:10:0d:bf:20:15:e0:
         d5:ea:eb:b7:a6:f7:43:a0:fb:15:95:a8:0d:04:64:05:c1:f2:
         d1:2f:29:b3:35:71:f8:d7:d7:66:00:71:bb:3f:7e:9a:a1:7b:
         74:97:38:22:6b:74:83:67:d3:91:43:20:6a:97:87:58:1d:98:
         a1:77:ba:9f:72:41:f7:19:8e:96:d5:81:14:3e:3a:94:56:c2:
         81:f1:d1:07:73:e7:47:a2:97:6c:37:33:32:95:1c:47:01:7f:
         a1:77:24:51:98:9b:7f:64:d9:d9:71:1a:e9:65:c0:6a:a5:a9:
         93:0d:21:cd:6e:e8:1d:c9:84:05:6b:8d:92:e1:c6:23:e7:d1:
         6b:f8:47:98:f0:b3:2b:0d:04:f7:46:6d:45:4c:cb:d5:21:6b:
         ab:9a:88:d5:5f:2b:6c:85:bd:c6:ff:d8:5a:4a:d8:72:a5:48:
         54:69:51:20:71:76:b1:ab:a1:f1:83:2e:9c:90:da:fe:eb:53:
         42:56:74:f9:33:30:56:94:a7:c1:e6:11:8b:05:f1:ea:f9:f9:
         8b:23:f0:a3:af:d1:b8:90:da:05:cb:c6:b7:73:5b:bc:3b:2f:
         de:a1:39:ff:de:7a:51:9f:f0:0d:74:42:8c:0c:65:fe:77:c8:
         c7:59:fa:74
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVvFKBKuvLqa+79/yx8MpGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2NiMjBjNWNhN2M0ZWQ4ZTQyMDc4YjFhNjcyODdhMGQ5
OTFjZWMwHhcNMjMwMTAxMjA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGEzZjY1ZWZhNmMxMDE1MzgyNWM4MjNlNWM0YzZlNTk4NGExYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzZrOO2FB+FlCNsCikdP+GBF30Ec
n5GrZujaGlWnDEvxf/GHEqUP7k9LljnHsOlFCTaydCZaPNC30d6VTgvb6NbMRH3r
LwKtAbDzhpF5qepwq3boKK8Io5bBE1aeIFYNGiarcNLf/sTSxhoZNW5IRx+TmBlC
gHGp2TQG44+Cw+kgZPcPyMe4yAnRROjgKWAzlmF3Un4YmnASsU7AixtlWfsixO+Z
kuG/KixOgNdYxuNatkOX3clL2JenvX4i1muYT/cNUqIlfM1aZPrmgA8XsNqNmVdM
qDOraeWJzTimQeS+VEsWgLQHVjQNy9uO38dPrHrWoAKFeDlNBDjqjKAv8wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFH2j9l76bBAVOCXII+XExuWYShuFMB8GA1UdIwQY
MBaAFNw8sgxcp8TtjkIHixpnKHoNmRzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjkt
ODI2NjBlZTRlYWM0LzEvZmFQMlh2cHNFQlU0SmNnajVjVEc1WmhLRzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjktODI2NjBlZTRlYWM0
LzEvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCWS5YAwQB
uRLGMAwDBAC5LUkDBAK5LUgDBAK5RGwDBAK5XPQDBAK5sZgDBALUP2wDBAHZlIow
DQYJKoZIhvcNAQELBQADggEBADoGrrwv3dIcosj3mRANvyAV4NXq67em90Og+xWV
qA0EZAXB8tEvKbM1cfjX12YAcbs/fpqhe3SXOCJrdINn05FDIGqXh1gdmKF3up9y
QfcZjpbVgRQ+OpRWwoHx0Qdz50eil2w3MzKVHEcBf6F3JFGYm39k2dlxGullwGql
qZMNIc1u6B3JhAVrjZLhxiPn0Wv4R5jwsysNBPdGbUVMy9Uha6uaiNVfK2yFvcb/
2FpK2HKlSFRpUSBxdrGrofGDLpyQ2v7rU0JWdPkzMFaUp8HmEYsF8er5+Ysj8KOv
0biQ2gXLxrdzW7w7L96hOf/eelGf8A10QowMZf53yMdZ+nQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:00 2024 by rpki-client on console-ams.rpki-client.org