Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/FeQQpFKWPhHpTrWmX4XTIGWx1SI.roa
File:                     FeQQpFKWPhHpTrWmX4XTIGWx1SI.roa (raw, json)
Hash identifier:          M68W8i+rJFaeWwnfoAb9KDlZtywGQSz2sHJDKon2G/g=
Subject key identifier:   15:E4:10:A4:52:96:3E:11:E9:4E:B5:A6:5F:85:D3:20:65:B1:D5:22
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       018E7F79140CF004053CD661CA0A0660F451
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/FeQQpFKWPhHpTrWmX4XTIGWx1SI.roa
Signing time:             Wed 27 Mar 2024 10:33:45 +0000
ROA not before:           Wed 27 Mar 2024 10:33:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34465
IP address blocks:        185.188.28.0/24 maxlen: 24
                          2a12:8fc6::/32 maxlen: 32
                          2a12:8fc6:a051::/48 maxlen: 48
                          2a12:8fc6:a1c3::/48 maxlen: 48
                          2a12:8fc6:a517::/48 maxlen: 48
                          2a12:8fc6:aa00::/48 maxlen: 48
                          2a12:8fc6:ace1::/48 maxlen: 48
                          2a12:8fc6:ace2::/48 maxlen: 48
                          2a12:8fc6:ace3::/48 maxlen: 48
                          2a12:8fc6:ae00::/48 maxlen: 48
                          2a12:8fc6:ae44::/48 maxlen: 48
                          2a12:8fc6:bab0::/48 maxlen: 48
                          2a12:8fc6:bdee::/48 maxlen: 48
                          2a12:8fc6:be01::/48 maxlen: 48
                          2a12:8fc6:c31a::/48 maxlen: 48
                          2a12:8fc6:c31e::/48 maxlen: 48
                          2a12:8fc6:ca00::/48 maxlen: 48
                          2a12:8fc6:caa0::/48 maxlen: 48
                          2a12:8fc6:cae1::/48 maxlen: 48
                          2a12:8fc6:cc00::/48 maxlen: 48
                          2a12:8fc6:cc21::/48 maxlen: 48
                          2a12:8fc6:cd00::/48 maxlen: 48
                          2a12:8fc6:cd01::/48 maxlen: 48
                          2a12:8fc6:cd02::/48 maxlen: 48
                          2a12:8fc6:cd04::/48 maxlen: 48
                          2a12:8fc6:ce00::/48 maxlen: 48
                          2a12:8fc6:ce01::/48 maxlen: 48
                          2a12:8fc6:daa0::/48 maxlen: 48
                          2a12:8fc6:dae0::/48 maxlen: 48
                          2a12:8fc6:db00::/48 maxlen: 48
                          2a12:8fc6:dbaa::/48 maxlen: 48
                          2a12:8fc6:eaca::/48 maxlen: 48
                          2a12:8fc6:ee01::/48 maxlen: 48
                          2a12:8fc6:efdf::/48 maxlen: 48
                          2a12:8fc6:faa0::/48 maxlen: 48
                          2a12:8fc6:fae0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 12 Apr 2024 23:03:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7f:79:14:0c:f0:04:05:3c:d6:61:ca:0a:06:60:f4:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Mar 27 10:33:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=15e410a452963e11e94eb5a65f85d32065b1d522
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:8c:08:e7:4d:0c:4a:6a:a5:a3:12:f2:59:93:
                    dc:cd:d4:2c:61:fa:62:31:04:2a:c2:6d:1e:fe:8b:
                    03:86:f1:47:cb:a0:b9:9b:01:8c:dd:42:67:e9:c5:
                    11:60:5c:33:b3:12:a1:a6:71:93:2e:a2:d9:47:f4:
                    b1:6b:c6:d6:a0:d2:82:1b:50:21:b1:90:c4:89:d7:
                    57:63:7a:30:38:59:33:30:10:83:dd:42:57:f3:e2:
                    c8:9d:73:5b:e6:7b:47:ce:c2:f8:45:5f:8d:71:50:
                    94:4c:9a:aa:2c:e5:b1:f4:6e:c2:d4:fe:f1:02:6a:
                    67:a2:18:82:75:72:fc:45:bf:d2:03:92:88:a5:e1:
                    45:e8:3a:a2:32:21:c4:d7:28:ed:47:db:5e:a1:d3:
                    71:34:34:3d:51:5a:c0:ea:97:ff:08:92:93:9c:8b:
                    76:ce:de:99:f4:cb:c5:5f:f4:61:26:eb:5d:e2:92:
                    3b:dd:31:1b:72:a2:10:56:21:da:f0:75:03:e4:47:
                    6e:bd:82:82:f5:2b:9a:2e:4a:2d:e8:96:90:54:34:
                    0a:35:cf:44:ef:5b:2d:43:a1:83:bd:cb:4f:a8:b4:
                    d4:f3:b6:df:fb:43:b7:dd:a4:8d:4a:e1:ab:7e:4f:
                    8f:48:60:cf:92:31:6c:96:4a:11:0f:ed:6d:cd:0f:
                    51:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:E4:10:A4:52:96:3E:11:E9:4E:B5:A6:5F:85:D3:20:65:B1:D5:22
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/FeQQpFKWPhHpTrWmX4XTIGWx1SI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.188.28.0/24
                IPv6:
                  2a12:8fc6::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:fc:a2:72:c3:f7:8f:bb:7e:b6:5e:a5:e3:ef:44:97:eb:30:
         c7:38:08:3b:95:00:b6:e9:28:09:b3:76:b7:d4:2b:11:b7:bc:
         2c:81:de:e9:d5:c0:14:5d:51:d6:13:2b:40:b8:35:09:a8:95:
         f4:18:d8:b9:57:b6:25:30:8e:5b:96:c5:e6:80:da:07:ef:9b:
         0a:b4:34:c4:f1:52:59:a2:40:14:76:24:6b:19:4a:0e:19:52:
         eb:b1:54:6d:f9:f3:30:c7:53:74:d2:7c:ea:69:a9:85:8e:16:
         a3:1b:04:79:c1:1d:3d:b4:b3:33:43:55:c9:16:e5:74:85:4a:
         85:bc:cf:a9:d1:a1:53:e7:38:e9:72:59:57:6d:b6:8c:51:14:
         13:21:e7:b9:ad:00:ca:88:7d:26:27:e1:2f:64:23:10:71:09:
         0d:a2:82:a8:6b:e4:86:33:e8:3d:6c:b5:30:14:57:c6:0b:dd:
         db:24:b2:bd:50:2d:c0:ed:1f:01:20:9e:fa:36:2b:e7:19:30:
         00:60:52:0e:f4:d7:47:f1:a0:aa:3c:d9:58:48:be:05:ec:e1:
         7c:67:01:19:7b:86:55:58:e0:a3:40:41:35:1e:1a:9d:6b:53:
         12:7b:32:93:fc:90:3e:e1:47:8f:57:5a:1b:0c:15:d2:b4:ad:
         55:93:53:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5/eRQM8AQFPNZhygoGYPRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjQwMzI3MTAzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWU0MTBhNDUyOTYzZTExZTk0ZWI1YTY1Zjg1ZDMyMDY1YjFkNTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiowI500MSmqloxLyWZPczdQsYfpi
MQQqwm0e/osDhvFHy6C5mwGM3UJn6cURYFwzsxKhpnGTLqLZR/Sxa8bWoNKCG1Ah
sZDEiddXY3owOFkzMBCD3UJX8+LInXNb5ntHzsL4RV+NcVCUTJqqLOWx9G7C1P7x
AmpnohiCdXL8Rb/SA5KIpeFF6DqiMiHE1yjtR9teodNxNDQ9UVrA6pf/CJKTnIt2
zt6Z9MvFX/RhJutd4pI73TEbcqIQViHa8HUD5EduvYKC9SuaLkot6JaQVDQKNc9E
71stQ6GDvctPqLTU87bf+0O33aSNSuGrfk+PSGDPkjFslkoRD+1tzQ9RVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBXkEKRSlj4R6U61pl+F0yBlsdUiMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvRmVRUXBGS1dQaEhwVHJXbVg0WFRJR1d4MVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwcMA0E
AgACMAcDBQAqEo/GMA0GCSqGSIb3DQEBCwUAA4IBAQB//KJyw/ePu362XqXj70SX
6zDHOAg7lQC26SgJs3a31CsRt7wsgd7p1cAUXVHWEytAuDUJqJX0GNi5V7YlMI5b
lsXmgNoH75sKtDTE8VJZokAUdiRrGUoOGVLrsVRt+fMwx1N00nzqaamFjhajGwR5
wR09tLMzQ1XJFuV0hUqFvM+p0aFT5zjpcllXbbaMURQTIee5rQDKiH0mJ+EvZCMQ
cQkNooKoa+SGM+g9bLUwFFfGC93bJLK9UC3A7R8BIJ76NivnGTAAYFIO9NdH8aCq
PNlYSL4F7OF8ZwEZe4ZVWOCjQEE1Hhqda1MSezKT/JA+4UePV1obDBXStK1Vk1N3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:04 2024 by rpki-client on console-ams.rpki-client.org