Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/FKKbkjcfQv-zbkF-gAYFMFvUxn4.roa
File:                     FKKbkjcfQv-zbkF-gAYFMFvUxn4.roa (raw, json)
Hash identifier:          wd2h8nH8nUktR5QTUuAXTSbC6pwnKfCP4QR/6qzZ00o=
Subject key identifier:   14:A2:9B:92:37:1F:42:FF:B3:6E:41:7E:80:06:05:30:5B:D4:C6:7E
Certificate issuer:       /CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
Certificate serial:       0185708C9D82342271608040E8057A06D46D
Authority key identifier: C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/FKKbkjcfQv-zbkF-gAYFMFvUxn4.roa
Signing time:             Mon 02 Jan 2023 03:35:41 +0000
ROA not before:           Mon 02 Jan 2023 03:35:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31317
IP address blocks:        185.170.244.0/22 maxlen: 32
                          2a0a:b900::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:9d:82:34:22:71:60:80:40:e8:05:7a:06:d4:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
        Validity
            Not Before: Jan  2 03:35:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=14a29b92371f42ffb36e417e800605305bd4c67e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:63:0e:7b:7c:7b:e1:10:e3:86:3f:51:69:5c:
                    66:17:db:56:11:ec:01:b7:c7:29:e8:8a:d6:80:d0:
                    33:82:15:86:9e:ae:49:a4:d1:2a:22:5a:b9:d5:51:
                    e7:ec:f3:55:ee:89:3c:73:aa:61:64:fe:9b:ea:8f:
                    43:3c:1b:20:05:df:af:e1:ae:f8:fd:74:ba:17:60:
                    3b:eb:6e:dd:91:ef:45:0a:2d:f8:62:00:38:3d:12:
                    cc:98:b4:9e:60:92:d6:8f:85:dc:ed:ea:8a:ec:ab:
                    47:e3:66:e2:26:37:5b:ec:62:0e:ef:22:93:e2:a8:
                    3a:73:c3:a7:77:b0:4b:cf:95:35:10:47:2d:8b:b5:
                    15:16:e5:c2:dd:0c:fa:ac:f5:ac:3a:53:e0:8a:70:
                    18:1c:a0:19:6c:d0:1f:6e:ca:e2:fd:0f:c4:ec:f0:
                    8c:2b:8a:73:46:92:4d:b8:21:6a:88:98:10:a1:2d:
                    d5:f4:c0:57:a4:30:a6:bc:26:50:d9:54:35:d1:48:
                    a7:1e:87:48:35:cc:76:29:95:c9:53:3c:b9:48:6f:
                    a3:7e:f8:f6:22:7a:2d:ee:65:c4:c4:bc:bd:01:e9:
                    4a:f3:d8:7d:4e:63:85:82:cb:fb:96:cb:71:c3:91:
                    0a:09:70:79:97:8b:a6:39:16:36:00:3a:b4:0c:d2:
                    66:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:A2:9B:92:37:1F:42:FF:B3:6E:41:7E:80:06:05:30:5B:D4:C6:7E
            X509v3 Authority Key Identifier:
                keyid:C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/FKKbkjcfQv-zbkF-gAYFMFvUxn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.170.244.0/22
                IPv6:
                  2a0a:b900::/29

    Signature Algorithm: sha256WithRSAEncryption
         37:2c:69:d7:93:d4:f7:44:23:af:ea:37:9f:41:bf:fc:41:d6:
         08:50:8a:af:6e:6c:bc:7c:3f:cb:2b:a5:01:c2:94:71:41:4f:
         6b:8c:03:cf:fe:60:b8:57:2f:1b:7e:43:16:d1:14:6e:1c:de:
         60:6d:5c:e1:a0:b1:be:59:85:34:49:72:85:f2:b4:fd:5b:a8:
         5c:95:6f:47:74:20:e9:00:8e:02:dc:fc:21:2c:74:7f:f4:e6:
         2c:ff:c8:41:37:78:45:8a:79:25:3d:a6:3f:e9:41:ba:d9:8f:
         34:c8:85:05:dc:45:6a:1a:7f:78:50:92:c4:48:06:d3:4c:37:
         8e:85:2d:12:60:aa:a6:ee:8f:f1:14:81:a6:df:38:7a:58:b2:
         5f:e6:43:a6:e5:af:69:80:d1:66:d1:89:db:26:f4:59:ca:71:
         51:bc:9d:74:d6:cc:d1:55:39:77:45:74:96:b7:fb:51:8a:dd:
         68:27:2e:a8:e1:d0:af:7b:fc:40:84:04:ed:0f:3d:5e:23:50:
         20:d4:91:80:07:99:e9:5d:45:7b:ae:a4:c7:14:e0:f4:b1:b2:
         c2:8c:98:37:e8:9b:35:16:da:9c:bd:c2:40:33:3a:12:97:e3:
         c5:a1:ec:ac:25:ff:1e:d5:42:6a:60:09:df:bc:de:1f:79:ff:
         d4:74:e9:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjJ2CNCJxYIBA6AV6BtRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZThiODhmMWUzMDU3M2EwZTIwZTQ3OWQ1YmEwMGI0ZTkx
ODI3YjYwHhcNMjMwMTAyMDMzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGEyOWI5MjM3MWY0MmZmYjM2ZTQxN2U4MDA2MDUzMDViZDRjNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomMOe3x74RDjhj9RaVxmF9tWEewB
t8cp6IrWgNAzghWGnq5JpNEqIlq51VHn7PNV7ok8c6phZP6b6o9DPBsgBd+v4a74
/XS6F2A7627dke9FCi34YgA4PRLMmLSeYJLWj4Xc7eqK7KtH42biJjdb7GIO7yKT
4qg6c8Ond7BLz5U1EEcti7UVFuXC3Qz6rPWsOlPginAYHKAZbNAfbsri/Q/E7PCM
K4pzRpJNuCFqiJgQoS3V9MBXpDCmvCZQ2VQ10UinHodINcx2KZXJUzy5SG+jfvj2
Inot7mXExLy9AelK89h9TmOFgsv7lstxw5EKCXB5l4umORY2ADq0DNJm4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBSim5I3H0L/s25BfoAGBTBb1MZ+MB8GA1UdIwQY
MBaAFMHouI8eMFc6DiDkedW6ALTpGCe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQt
ZWZmZTk1NWE1ZDY0LzEvRktLYmtqY2ZRdi16YmtGLWdBWUZNRnZVeG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQtZWZmZTk1NWE1ZDY0
LzEvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuar0MA0E
AgACMAcDBQMqCrkAMA0GCSqGSIb3DQEBCwUAA4IBAQA3LGnXk9T3RCOv6jefQb/8
QdYIUIqvbmy8fD/LK6UBwpRxQU9rjAPP/mC4Vy8bfkMW0RRuHN5gbVzhoLG+WYU0
SXKF8rT9W6hclW9HdCDpAI4C3PwhLHR/9OYs/8hBN3hFinklPaY/6UG62Y80yIUF
3EVqGn94UJLESAbTTDeOhS0SYKqm7o/xFIGm3zh6WLJf5kOm5a9pgNFm0YnbJvRZ
ynFRvJ101szRVTl3RXSWt/tRit1oJy6o4dCve/xAhATtDz1eI1Ag1JGAB5npXUV7
rqTHFOD0sbLCjJg36Js1FtqcvcJAMzoSl+PFoeysJf8e1UJqYAnfvN4fef/UdOmp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:42 2024 by rpki-client on console-ams.rpki-client.org