Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/DbBNw6EUlptlwuIAGaoObqmoYJk.roa
File:                     DbBNw6EUlptlwuIAGaoObqmoYJk.roa (raw, json)
Hash identifier:          HgMEgFMQpAZwFCl8bPfj3BWykN7Mw0+tF/bQOnxQ8zM=
Subject key identifier:   0D:B0:4D:C3:A1:14:96:9B:65:C2:E2:00:19:AA:0E:6E:A9:A8:60:99
Certificate issuer:       /CN=fb70de840fd6bf4b0afd1274e44efd1b8665762c
Certificate serial:       018572DF1289866DCA2ABB600290BA850E7C
Authority key identifier: FB:70:DE:84:0F:D6:BF:4B:0A:FD:12:74:E4:4E:FD:1B:86:65:76:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-3DehA_Wv0sK_RJ05E79G4Zldiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/DbBNw6EUlptlwuIAGaoObqmoYJk.roa
Signing time:             Mon 02 Jan 2023 14:24:59 +0000
ROA not before:           Mon 02 Jan 2023 14:24:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199468
IP address blocks:        46.254.111.0/24 maxlen: 24
                          2a11:c900::/29 maxlen: 34

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:df:12:89:86:6d:ca:2a:bb:60:02:90:ba:85:0e:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb70de840fd6bf4b0afd1274e44efd1b8665762c
        Validity
            Not Before: Jan  2 14:24:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0db04dc3a114969b65c2e20019aa0e6ea9a86099
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:1e:77:75:d3:75:a7:0b:f8:02:6c:24:3d:03:
                    f5:9c:94:81:db:7b:21:87:eb:de:ab:4c:18:4d:88:
                    96:f3:ac:9b:3d:cb:44:99:46:40:54:7d:e8:f3:e0:
                    fa:44:e5:5f:7b:43:95:fb:b1:bf:9d:72:dc:80:3d:
                    fe:88:39:9d:1a:89:4c:f9:d4:c1:45:09:83:45:ef:
                    e2:78:86:d1:8e:60:64:23:90:c1:66:6e:84:6d:05:
                    ea:f0:62:88:90:fc:cd:b7:ae:cc:69:e4:50:5b:fa:
                    cf:c3:da:f8:65:78:0a:34:9f:a5:0e:0b:8e:b8:83:
                    3c:d0:65:04:5d:74:d0:fe:c5:0c:97:e7:d0:66:1b:
                    22:64:52:ea:a6:9c:82:44:dd:1f:6f:89:e5:65:94:
                    2a:db:8a:e5:e4:71:14:7a:60:e4:74:fd:66:02:6e:
                    a6:3e:7c:b7:87:09:4a:a1:1a:2a:8d:db:d5:dc:d0:
                    21:74:45:83:04:84:08:93:f1:9b:c9:76:2c:43:8d:
                    08:aa:d2:e5:e4:2d:87:4f:7c:a5:6d:8a:a7:c1:31:
                    79:86:f7:62:01:71:0c:fc:6e:4d:a9:f2:8d:1e:c1:
                    fe:c1:a2:a1:22:df:57:71:85:69:02:a5:c5:07:39:
                    c0:f1:a3:10:30:b6:29:18:03:19:bb:42:7e:55:37:
                    bf:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B0:4D:C3:A1:14:96:9B:65:C2:E2:00:19:AA:0E:6E:A9:A8:60:99
            X509v3 Authority Key Identifier:
                keyid:FB:70:DE:84:0F:D6:BF:4B:0A:FD:12:74:E4:4E:FD:1B:86:65:76:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3DehA_Wv0sK_RJ05E79G4Zldiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/DbBNw6EUlptlwuIAGaoObqmoYJk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/1-3DehA_Wv0sK_RJ05E79G4Zldiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.254.111.0/24
                IPv6:
                  2a11:c900::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:40:b8:0e:85:23:58:58:73:80:4f:f5:73:3e:0e:5e:21:ae:
         c1:5a:e5:c0:19:ed:be:d3:1c:a1:4d:32:5d:35:0f:70:af:92:
         e4:ca:68:18:25:40:ab:57:8f:39:2d:12:7a:31:29:57:2e:3b:
         9e:30:f9:99:50:9b:c5:18:ef:90:8b:73:88:52:7c:dd:fa:bb:
         49:c3:a6:db:40:e1:bc:91:27:fc:2d:62:81:94:83:2e:bb:b7:
         3b:bd:9c:9d:5d:2c:4b:3a:37:9a:06:9f:66:a5:a2:87:51:86:
         75:ee:3f:c7:ee:c6:17:b0:87:16:e0:91:31:91:4e:f0:d1:c3:
         7a:18:8e:2e:11:3a:6b:c9:e3:25:3e:77:d0:02:6c:29:5e:e7:
         e0:8f:1f:e7:6f:24:9b:5a:88:02:72:80:cf:e2:bf:46:d1:85:
         af:52:e1:37:47:bf:27:7a:86:be:2f:53:c8:54:a5:1e:30:2a:
         a9:28:27:57:cb:4e:9e:7e:fe:5a:cf:4b:9f:65:53:94:1e:14:
         f1:30:35:23:b6:ae:b0:ca:d7:13:61:8e:2b:c3:c2:f3:87:1f:
         1c:9b:ba:c5:cc:99:25:9e:32:b1:d2:4f:b4:8c:5e:6d:46:9f:
         30:01:33:2d:3e:01:b8:c3:bb:5c:9a:5d:5d:a1:4f:27:90:96:
         e0:35:44:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVy3xKJhm3KKrtgApC6hQ58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzBkZTg0MGZkNmJmNGIwYWZkMTI3NGU0NGVmZDFiODY2
NTc2MmMwHhcNMjMwMTAyMTQyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGIwNGRjM2ExMTQ5NjliNjVjMmUyMDAxOWFhMGU2ZWE5YTg2MDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR53ddN1pwv4AmwkPQP1nJSB23sh
h+veq0wYTYiW86ybPctEmUZAVH3o8+D6ROVfe0OV+7G/nXLcgD3+iDmdGolM+dTB
RQmDRe/ieIbRjmBkI5DBZm6EbQXq8GKIkPzNt67MaeRQW/rPw9r4ZXgKNJ+lDguO
uIM80GUEXXTQ/sUMl+fQZhsiZFLqppyCRN0fb4nlZZQq24rl5HEUemDkdP1mAm6m
Pny3hwlKoRoqjdvV3NAhdEWDBIQIk/GbyXYsQ40IqtLl5C2HT3ylbYqnwTF5hvdi
AXEM/G5NqfKNHsH+waKhIt9XcYVpAqXFBznA8aMQMLYpGAMZu0J+VTe/cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA2wTcOhFJabZcLiABmqDm6pqGCZMB8GA1UdIwQY
MBaAFPtw3oQP1r9LCv0SdORO/RuGZXYsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zRGVoQV9XdjBzS19SSjA1RTc5RzRabGRpdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvOWEzZWFjLWY4NjItNDc4OS1hYzIx
LWQ5NDQ0YTNkMGNlMC8xL0RiQk53NkVVbHB0bHd1SUFHYW9PYnFtb1lKay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGEvOWEzZWFjLWY4NjItNDc4OS1hYzIxLWQ5NDQ0YTNkMGNl
MC8xLzEtM0RlaEFfV3Ywc0tfUkowNUU3OUc0WmxkaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAAu/m8w
DQQCAAIwBwMFAyoRyQAwDQYJKoZIhvcNAQELBQADggEBAINAuA6FI1hYc4BP9XM+
Dl4hrsFa5cAZ7b7THKFNMl01D3CvkuTKaBglQKtXjzktEnoxKVcuO54w+ZlQm8UY
75CLc4hSfN36u0nDpttA4byRJ/wtYoGUgy67tzu9nJ1dLEs6N5oGn2aloodRhnXu
P8fuxhewhxbgkTGRTvDRw3oYji4ROmvJ4yU+d9ACbCle5+CPH+dvJJtaiAJygM/i
v0bRha9S4TdHvyd6hr4vU8hUpR4wKqkoJ1fLTp5+/lrPS59lU5QeFPEwNSO2rrDK
1xNhjivDwvOHHxybusXMmSWeMrHST7SMXm1GnzABMy0+AbjDu1yaXV2hTyeQluA1
RIY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:06 2024 by rpki-client on console-ams.rpki-client.org