Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/ab87BMpkEQ_QyogPotzvVMhp4V0.roa
File:                     ab87BMpkEQ_QyogPotzvVMhp4V0.roa (raw, json)
Hash identifier:          TPFPflT6Cre+0B8+tYHJYX3xSQFJxuTbI4ShJsb207g=
Subject key identifier:   69:BF:3B:04:CA:64:11:0F:D0:CA:88:0F:A2:DC:EF:54:C8:69:E1:5D
Certificate issuer:       /CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Certificate serial:       018571277680B222126E13FF77F2B4299025
Authority key identifier: FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/ab87BMpkEQ_QyogPotzvVMhp4V0.roa
Signing time:             Mon 02 Jan 2023 06:24:49 +0000
ROA not before:           Mon 02 Jan 2023 06:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8245
IP address blocks:        195.26.192.0/19 maxlen: 19
                          212.236.0.0/18 maxlen: 18
                          212.236.0.0/16 maxlen: 16
                          195.26.220.0/22 maxlen: 22
                          212.236.160.0/19 maxlen: 19
                          212.236.192.0/18 maxlen: 18
                          2a02:2750::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 05 Feb 2023 07:11:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:76:80:b2:22:12:6e:13:ff:77:f2:b4:29:90:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
        Validity
            Not Before: Jan  2 06:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69bf3b04ca64110fd0ca880fa2dcef54c869e15d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:75:c0:b1:32:58:7a:16:9f:9d:c2:50:53:57:
                    5d:f0:c9:66:e1:00:06:73:82:17:d7:02:9b:60:e3:
                    a3:85:07:93:c5:a7:fe:a9:20:e1:b7:f4:82:30:ff:
                    89:43:cc:f7:a2:f7:67:5d:b8:45:6c:d1:eb:dd:bc:
                    fd:c2:39:a2:3f:90:0c:8f:96:51:b2:08:f1:2f:d7:
                    3f:f2:76:64:2c:05:9a:90:a3:e3:ad:43:ca:e1:2b:
                    74:ec:a2:0a:36:44:29:7e:ff:1c:74:75:2d:7f:96:
                    c0:2d:23:e6:10:22:61:37:bd:da:67:8f:29:79:23:
                    e2:93:fc:c0:7d:17:02:61:ee:f4:da:7c:df:68:2f:
                    93:07:10:2d:8e:4a:8f:49:de:b4:07:19:a6:67:d0:
                    a2:69:e6:64:54:67:6d:75:8d:e7:6f:a0:db:c6:b9:
                    38:89:61:24:fd:40:a4:e2:07:0e:9b:6b:18:a6:e9:
                    98:6a:e0:6d:f3:aa:ad:f5:88:8b:83:76:26:e1:d2:
                    9f:18:86:f9:16:d1:0b:9a:f6:b0:01:7d:8e:e3:41:
                    0d:dc:bd:14:73:a4:4b:12:74:fe:11:59:17:b0:8e:
                    1a:06:6d:72:57:15:05:a2:64:18:f7:c4:50:c4:ba:
                    23:32:25:57:87:7f:2b:f5:f1:9e:dc:2a:68:09:ec:
                    21:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:BF:3B:04:CA:64:11:0F:D0:CA:88:0F:A2:DC:EF:54:C8:69:E1:5D
            X509v3 Authority Key Identifier:
                keyid:FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/ab87BMpkEQ_QyogPotzvVMhp4V0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/_JgxNwQvyMSSFwfU622l9sSnmls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.26.192.0/19
                  212.236.0.0/16
                IPv6:
                  2a02:2750::/32

    Signature Algorithm: sha256WithRSAEncryption
         b7:56:f4:c3:97:47:d7:2e:df:01:23:30:ba:22:a1:14:21:47:
         ae:31:8d:ad:ee:8a:aa:1f:c4:a9:70:5c:aa:bf:41:1f:15:26:
         cf:6d:23:76:2a:a5:18:aa:f0:10:01:9c:2c:96:2d:1c:76:77:
         e5:76:7e:03:ca:3a:8a:58:bb:5e:b6:9d:7b:46:48:6e:bf:0f:
         b6:68:37:11:b7:2f:8a:e3:46:07:7e:18:0d:4c:7c:9e:6d:5d:
         7f:4f:b8:59:39:c3:46:43:eb:51:26:71:fc:03:f9:bb:e4:5e:
         66:dc:81:ff:ec:2c:4e:20:ed:10:73:31:0d:a9:cf:05:dd:93:
         a7:5b:de:83:bd:ca:fc:a7:46:96:ab:1b:60:9d:a6:f3:f0:27:
         5b:5b:bd:dc:99:22:23:59:23:6b:cd:f2:17:a6:cf:c1:00:a8:
         c6:d5:a1:ef:5f:1d:f5:f5:c6:8a:36:4e:f0:ce:e6:0c:e9:69:
         88:78:b0:2d:ea:0b:c2:e7:51:77:8b:8a:51:d4:18:d9:8f:3b:
         b1:09:a5:4a:ad:f5:c9:38:79:d1:2e:00:a9:bc:97:92:7b:27:
         5c:fc:1c:76:6d:73:18:46:3c:2d:d6:c7:8c:55:eb:53:dd:12:
         a6:5b:25:c1:e4:ad:22:04:5d:a4:42:fd:d5:e8:9e:26:bf:31:
         c0:3e:ce:ef
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxJ3aAsiISbhP/d/K0KZAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTgzMTM3MDQyZmM4YzQ5MjE3MDdkNGViNmRhNWY2YzRh
NzlhNWIwHhcNMjMwMTAyMDYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJmM2IwNGNhNjQxMTBmZDBjYTg4MGZhMmRjZWY1NGM4NjllMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXXAsTJYehafncJQU1dd8Mlm4QAG
c4IX1wKbYOOjhQeTxaf+qSDht/SCMP+JQ8z3ovdnXbhFbNHr3bz9wjmiP5AMj5ZR
sgjxL9c/8nZkLAWakKPjrUPK4St07KIKNkQpfv8cdHUtf5bALSPmECJhN73aZ48p
eSPik/zAfRcCYe702nzfaC+TBxAtjkqPSd60BxmmZ9CiaeZkVGdtdY3nb6Dbxrk4
iWEk/UCk4gcOm2sYpumYauBt86qt9YiLg3Ym4dKfGIb5FtELmvawAX2O40EN3L0U
c6RLEnT+EVkXsI4aBm1yVxUFomQY98RQxLojMiVXh38r9fGe3CpoCewhPwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGm/OwTKZBEP0MqID6Lc71TIaeFdMB8GA1UdIwQY
MBaAFPyYMTcEL8jEkhcH1OttpfbEp5pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMt
MjI0ZjEwYTk4MWZlLzEvYWI4N0JNcGtFUV9ReW9nUG90enZWTWhwNFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMtMjI0ZjEwYTk4MWZl
LzEvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwQFwxrAAwMA
1OwwDQQCAAIwBwMFACoCJ1AwDQYJKoZIhvcNAQELBQADggEBALdW9MOXR9cu3wEj
MLoioRQhR64xja3uiqofxKlwXKq/QR8VJs9tI3YqpRiq8BABnCyWLRx2d+V2fgPK
OopYu162nXtGSG6/D7ZoNxG3L4rjRgd+GA1MfJ5tXX9PuFk5w0ZD61EmcfwD+bvk
Xmbcgf/sLE4g7RBzMQ2pzwXdk6db3oO9yvynRparG2CdpvPwJ1tbvdyZIiNZI2vN
8hemz8EAqMbVoe9fHfX1xoo2TvDO5gzpaYh4sC3qC8LnUXeLilHUGNmPO7EJpUqt
9ck4edEuAKm8l5J7J1z8HHZtcxhGPC3Wx4xV61PdEqZbJcHkrSIEXaRC/dXonia/
McA+zu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:37 2024 by rpki-client on console-fra.rpki-client.org