Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Bfq61gUf5kFduxCRcXGlYCbITnQ.roa
File:                     Bfq61gUf5kFduxCRcXGlYCbITnQ.roa (raw, json)
Hash identifier:          wBIS7FxyraeyAw+o/Mp68k7Kj4ZlqV3DSQabyOmozYM=
Subject key identifier:   05:FA:BA:D6:05:1F:E6:41:5D:BB:10:91:71:71:A5:60:26:C8:4E:74
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       018571F0FA9384E8EA906CB8E90B18EA877C
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Bfq61gUf5kFduxCRcXGlYCbITnQ.roa
Signing time:             Mon 02 Jan 2023 10:04:56 +0000
ROA not before:           Mon 02 Jan 2023 10:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60807
IP address blocks:        84.236.250.0/24 maxlen: 24
                          178.156.47.0/24 maxlen: 24
                          84.236.180.0/24 maxlen: 24
                          88.148.96.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f0:fa:93:84:e8:ea:90:6c:b8:e9:0b:18:ea:87:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Jan  2 10:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05fabad6051fe6415dbb10917171a56026c84e74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:a9:08:ea:13:1f:85:a1:da:93:40:ec:e7:ba:
                    cc:21:61:6c:71:67:df:29:0d:11:f2:9b:7b:08:da:
                    b0:cc:59:b5:c6:66:d4:7e:1d:c5:69:37:9b:0f:f1:
                    11:46:16:5f:dc:2e:af:12:1f:29:c7:52:5c:69:ab:
                    39:a8:8d:b1:12:37:56:d4:1f:45:14:e2:23:11:73:
                    f8:68:1a:b0:9e:8a:ad:4a:5a:f0:00:e7:91:c3:7a:
                    f3:74:69:a7:8b:4c:fb:5b:3c:bb:69:e5:35:53:d6:
                    ab:f0:82:92:4f:a3:ef:71:2b:26:9e:8a:4b:d4:c3:
                    5f:73:99:34:a2:e1:76:65:ad:45:8c:5b:a3:90:ff:
                    6e:8b:f9:3c:b1:d6:18:74:45:0d:d4:aa:c8:09:34:
                    d2:cb:cc:f4:42:82:1f:9c:9c:f5:97:7d:0f:52:c1:
                    e7:63:21:44:2a:3a:f0:1d:79:05:18:8e:5f:2d:96:
                    b1:a9:7a:28:c6:21:18:48:7f:87:c1:9c:2d:8d:48:
                    69:f7:55:dd:d8:15:19:66:44:31:ae:94:d3:f1:f2:
                    fc:7e:03:65:5c:fc:dd:31:f4:3a:a6:78:39:8e:72:
                    bf:2d:23:83:a1:be:d2:05:d7:8c:68:d0:42:31:c9:
                    18:ff:6a:be:e8:13:7c:06:8f:47:88:d7:8b:e3:e4:
                    dd:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:FA:BA:D6:05:1F:E6:41:5D:BB:10:91:71:71:A5:60:26:C8:4E:74
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Bfq61gUf5kFduxCRcXGlYCbITnQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.236.180.0/24
                  84.236.250.0/24
                  88.148.96.0/23
                  178.156.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:23:ba:ed:9c:97:17:64:81:89:d0:f3:c9:8e:df:87:20:86:
         75:fb:e5:a8:6a:7f:dd:17:9f:66:9c:ef:05:95:4b:9e:aa:12:
         ec:b0:31:f5:74:f2:9b:ed:12:6f:e2:7d:9f:8b:94:c6:0e:d0:
         28:07:21:8a:dc:15:8e:f8:2d:c0:05:8f:5f:ed:74:be:eb:af:
         a5:68:fa:0f:87:80:8c:3a:8c:b5:f0:b5:e3:eb:6e:b3:cc:2c:
         02:8f:38:fd:e1:01:38:4b:be:b4:09:bf:14:20:6e:c6:64:f0:
         a6:a9:fa:be:53:9a:c0:6c:da:b4:c1:e0:56:fd:7c:69:9c:89:
         5f:33:93:5e:42:b6:3d:70:37:a7:92:cb:18:ae:16:f6:a1:ef:
         21:85:50:0c:1b:09:f9:92:2c:45:9a:2a:93:29:57:d9:18:e5:
         ee:62:db:ef:3a:b3:8c:96:ec:d7:b3:45:bf:8e:1d:07:e7:72:
         b1:eb:40:6e:a1:0d:4d:a8:7e:bb:f2:e4:44:05:66:a6:64:9e:
         7c:ff:e9:9d:9c:13:85:c2:01:26:c1:2d:02:a8:07:c5:d9:a6:
         b1:98:98:0e:1d:75:2e:f3:1d:bc:ae:c6:87:5c:cc:6b:32:2b:
         65:80:6d:cc:45:42:31:b3:e5:d8:c5:c1:ec:3c:6e:1f:38:b3:
         73:a9:94:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx8PqThOjqkGy46QsY6od8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZhYmFkNjA1MWZlNjQxNWRiYjEwOTE3MTcxYTU2MDI2Yzg0ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qkI6hMfhaHak0Ds57rMIWFscWff
KQ0R8pt7CNqwzFm1xmbUfh3FaTebD/ERRhZf3C6vEh8px1Jcaas5qI2xEjdW1B9F
FOIjEXP4aBqwnoqtSlrwAOeRw3rzdGmni0z7Wzy7aeU1U9ar8IKST6PvcSsmnopL
1MNfc5k0ouF2Za1FjFujkP9ui/k8sdYYdEUN1KrICTTSy8z0QoIfnJz1l30PUsHn
YyFEKjrwHXkFGI5fLZaxqXooxiEYSH+HwZwtjUhp91Xd2BUZZkQxrpTT8fL8fgNl
XPzdMfQ6png5jnK/LSODob7SBdeMaNBCMckY/2q+6BN8Bo9HiNeL4+TduwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAX6utYFH+ZBXbsQkXFxpWAmyE50MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvQmZxNjFnVWY1a0ZkdXhDUmNYR2xZQ2JJVG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVOy0AwQA
VOz6AwQBWJRgAwQAspwvMA0GCSqGSIb3DQEBCwUAA4IBAQB4I7rtnJcXZIGJ0PPJ
jt+HIIZ1++Woan/dF59mnO8FlUueqhLssDH1dPKb7RJv4n2fi5TGDtAoByGK3BWO
+C3ABY9f7XS+66+laPoPh4CMOoy18LXj626zzCwCjzj94QE4S760Cb8UIG7GZPCm
qfq+U5rAbNq0weBW/XxpnIlfM5NeQrY9cDenkssYrhb2oe8hhVAMGwn5kixFmiqT
KVfZGOXuYtvvOrOMluzXs0W/jh0H53Kx60BuoQ1NqH678uREBWamZJ58/+mdnBOF
wgEmwS0CqAfF2aaxmJgOHXUu8x28rsaHXMxrMitlgG3MRUIxs+XYxcHsPG4fOLNz
qZTp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org