Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/fnAwY0TZxr8or3GqeOw99_Z-FSM.roa
File:                     fnAwY0TZxr8or3GqeOw99_Z-FSM.roa (raw, json)
Hash identifier:          v8t09AvYFbDJgq1vr+FmU0muRFN2nWeca4LwUR0CWlU=
Subject key identifier:   7E:70:30:63:44:D9:C6:BF:28:AF:71:AA:78:EC:3D:F7:F6:7E:15:23
Certificate issuer:       /CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Certificate serial:       018CC64B31055DE985BF18C140FEEFC19105
Authority key identifier: FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/fnAwY0TZxr8or3GqeOw99_Z-FSM.roa
Signing time:             Mon 01 Jan 2024 18:31:05 +0000
ROA not before:           Mon 01 Jan 2024 18:31:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8245
IP address blocks:        195.26.192.0/19 maxlen: 19
                          212.236.0.0/18 maxlen: 18
                          212.236.0.0/16 maxlen: 16
                          195.26.216.0/22 maxlen: 24
                          195.26.220.0/22 maxlen: 22
                          212.236.160.0/19 maxlen: 19
                          212.236.192.0/18 maxlen: 18
                          2a02:2750::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 18:16:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:31:05:5d:e9:85:bf:18:c1:40:fe:ef:c1:91:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
        Validity
            Not Before: Jan  1 18:31:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7e70306344d9c6bf28af71aa78ec3df7f67e1523
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f7:1d:70:54:c8:48:56:66:7f:c0:d4:e3:e1:
                    89:01:8c:e5:c6:0d:c2:7c:12:79:ee:be:0a:35:45:
                    8c:21:78:92:d3:30:8d:2f:49:94:2e:60:f0:f9:65:
                    78:22:0f:ba:0a:61:d1:b2:34:a6:58:d1:ce:6a:4c:
                    51:2b:da:e5:1b:51:d8:d5:b5:88:16:5c:c0:68:87:
                    d4:86:82:6f:01:75:d7:8e:8e:17:95:86:4b:e7:ed:
                    36:2c:26:ce:9c:82:31:0a:b4:e4:4f:f1:0b:ad:a6:
                    19:54:2a:38:54:65:4b:49:99:8e:79:20:32:52:fc:
                    32:88:5a:be:e5:c0:d1:89:a4:15:04:d7:1e:22:09:
                    6a:30:0a:91:9a:2e:e5:8e:46:1c:45:13:d3:73:b4:
                    d3:1f:5d:b3:6f:39:6a:f1:a2:06:e3:5a:4f:ba:f7:
                    80:3c:b8:d7:fa:8b:c0:37:00:ef:13:95:dc:7c:72:
                    4e:b9:25:87:02:51:71:54:4c:e6:8f:95:c3:4c:64:
                    a9:ce:9a:9a:39:e7:61:c9:41:ae:d3:c5:a3:60:f5:
                    7b:c2:38:2a:98:c5:71:02:fb:f9:03:ab:54:71:f2:
                    6b:e1:9c:bf:a4:15:ee:40:d6:ed:37:d7:15:1c:5f:
                    38:2c:1f:77:52:ce:da:33:91:8d:59:9c:12:89:b6:
                    45:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:70:30:63:44:D9:C6:BF:28:AF:71:AA:78:EC:3D:F7:F6:7E:15:23
            X509v3 Authority Key Identifier:
                keyid:FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/fnAwY0TZxr8or3GqeOw99_Z-FSM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/_JgxNwQvyMSSFwfU622l9sSnmls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.26.192.0/19
                  212.236.0.0/16
                IPv6:
                  2a02:2750::/32

    Signature Algorithm: sha256WithRSAEncryption
         bd:a7:8c:5b:7d:d9:5e:00:ca:56:ae:c6:d5:a1:00:3d:45:82:
         18:9a:3c:e5:99:0d:fd:03:bf:73:c2:97:37:5f:d3:63:42:84:
         1f:4c:c8:4f:88:1c:63:8a:be:f3:cb:07:08:9f:8f:b1:66:3f:
         72:84:73:6a:56:99:6c:29:f1:c5:c2:57:c1:85:ef:2f:ef:60:
         cb:c6:c0:a6:06:06:a2:e0:15:e0:45:90:ff:58:eb:20:b0:d1:
         ac:4a:98:b9:e6:98:0b:ad:17:bf:8d:1a:15:f0:e7:05:a9:bf:
         74:ea:d4:71:bb:19:65:69:5d:3f:5d:20:55:ff:68:0a:8d:16:
         b7:74:38:a9:f6:c6:f1:df:87:8f:72:2a:77:a1:1c:ce:ec:e5:
         79:e7:27:48:16:71:1b:1e:41:07:db:9f:ac:b0:fc:e2:40:38:
         06:04:f1:5b:12:e7:ce:9b:9a:95:08:ef:ec:a7:fe:91:01:62:
         84:2f:13:81:18:2a:90:8f:f5:11:3b:6a:69:21:d0:e0:b6:e6:
         b3:4d:8e:14:c1:8b:b4:f0:48:8c:75:f5:2a:45:dc:2a:7e:2a:
         e3:9e:1d:32:b0:60:99:77:55:c2:ef:b9:af:34:f1:3d:52:fd:
         c9:62:16:05:f1:02:8f:47:bb:5f:61:f5:6c:db:99:ad:1a:b1:
         46:11:3c:03
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGSzEFXemFvxjBQP7vwZEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTgzMTM3MDQyZmM4YzQ5MjE3MDdkNGViNmRhNWY2YzRh
NzlhNWIwHhcNMjQwMTAxMTgzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTcwMzA2MzQ0ZDljNmJmMjhhZjcxYWE3OGVjM2RmN2Y2N2UxNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfcdcFTISFZmf8DU4+GJAYzlxg3C
fBJ57r4KNUWMIXiS0zCNL0mULmDw+WV4Ig+6CmHRsjSmWNHOakxRK9rlG1HY1bWI
FlzAaIfUhoJvAXXXjo4XlYZL5+02LCbOnIIxCrTkT/ELraYZVCo4VGVLSZmOeSAy
UvwyiFq+5cDRiaQVBNceIglqMAqRmi7ljkYcRRPTc7TTH12zbzlq8aIG41pPuveA
PLjX+ovANwDvE5XcfHJOuSWHAlFxVEzmj5XDTGSpzpqaOedhyUGu08WjYPV7wjgq
mMVxAvv5A6tUcfJr4Zy/pBXuQNbtN9cVHF84LB93Us7aM5GNWZwSibZFHwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH5wMGNE2ca/KK9xqnjsPff2fhUjMB8GA1UdIwQY
MBaAFPyYMTcEL8jEkhcH1OttpfbEp5pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMt
MjI0ZjEwYTk4MWZlLzEvZm5Bd1kwVFp4cjhvcjNHcWVPdzk5X1otRlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMtMjI0ZjEwYTk4MWZl
LzEvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwQFwxrAAwMA
1OwwDQQCAAIwBwMFACoCJ1AwDQYJKoZIhvcNAQELBQADggEBAL2njFt92V4Aylau
xtWhAD1FghiaPOWZDf0Dv3PClzdf02NChB9MyE+IHGOKvvPLBwifj7FmP3KEc2pW
mWwp8cXCV8GF7y/vYMvGwKYGBqLgFeBFkP9Y6yCw0axKmLnmmAutF7+NGhXw5wWp
v3Tq1HG7GWVpXT9dIFX/aAqNFrd0OKn2xvHfh49yKnehHM7s5XnnJ0gWcRseQQfb
n6yw/OJAOAYE8VsS586bmpUI7+yn/pEBYoQvE4EYKpCP9RE7amkh0OC25rNNjhTB
i7TwSIx19SpF3Cp+KuOeHTKwYJl3VcLvua808T1S/cliFgXxAo9Hu19h9Wzbma0a
sUYRPAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:34 2024 by rpki-client on console-ams.rpki-client.org