Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1vfr_TuykbLGgu0C62__Dps6UNc.roa
File:                     1vfr_TuykbLGgu0C62__Dps6UNc.roa (raw, json)
Hash identifier:          RsKcXmCzO4BTTGKdVz5RRSrMeVNF2udM/PKjSaWvwB4=
Subject key identifier:   D6:F7:EB:FD:3B:B2:91:B2:C6:82:ED:02:EB:6F:FF:0E:9B:3A:50:D7
Certificate issuer:       /CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Certificate serial:       018E3D81434E6D8EB3BD620C4DB29F73AC87
Authority key identifier: D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1vfr_TuykbLGgu0C62__Dps6UNc.roa
Signing time:             Thu 14 Mar 2024 15:07:45 +0000
ROA not before:           Thu 14 Mar 2024 15:07:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12480
IP address blocks:        185.149.156.0/22 maxlen: 24
                          194.45.22.0/24 maxlen: 24
                          212.86.192.0/19 maxlen: 24
                          2a00:1970::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 03 Sep 2024 09:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:3d:81:43:4e:6d:8e:b3:bd:62:0c:4d:b2:9f:73:ac:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
        Validity
            Not Before: Mar 14 15:07:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d6f7ebfd3bb291b2c682ed02eb6fff0e9b3a50d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e6:4c:a6:e6:2a:fe:87:7d:e6:45:e0:51:6e:
                    fb:f9:c1:68:2d:08:2b:ad:08:ca:f2:fb:81:38:d4:
                    7d:ba:05:37:f1:83:bd:53:dd:52:3e:4a:27:0d:54:
                    2e:9f:fc:c4:be:9e:9a:e3:3c:50:9f:d6:4a:9e:ef:
                    92:27:2d:ba:7b:4d:b0:ce:d4:c3:1a:7a:b1:24:a4:
                    9d:9c:9c:2f:ba:65:6e:ec:03:4f:7e:15:45:6a:c9:
                    79:bd:6a:c1:ae:ab:d0:49:e9:76:86:d4:67:ee:9a:
                    48:36:e4:36:4a:0e:de:1c:ca:9d:6e:96:5c:26:4e:
                    92:0c:7e:86:c0:96:4b:08:75:52:10:6c:47:3f:77:
                    6f:e9:a2:51:45:bb:8f:4f:e7:c4:66:b3:6f:86:1b:
                    b6:de:9c:93:29:44:a2:50:fd:38:bd:16:c9:17:8e:
                    8d:2d:92:23:63:be:51:06:ae:e4:f9:39:31:22:19:
                    e6:6f:b2:cf:a1:86:b0:f9:c0:64:1a:a2:b0:a2:3c:
                    97:4c:8c:89:a1:5e:5b:39:aa:4d:df:4f:e2:49:c8:
                    a0:1e:20:b4:e2:a6:64:dc:ec:61:09:6b:6d:18:02:
                    9a:f3:91:66:f5:19:c2:45:69:46:fc:28:a5:dc:4f:
                    63:37:46:f6:e3:85:8c:38:4e:82:79:8b:c2:99:eb:
                    a6:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F7:EB:FD:3B:B2:91:B2:C6:82:ED:02:EB:6F:FF:0E:9B:3A:50:D7
            X509v3 Authority Key Identifier:
                keyid:D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1vfr_TuykbLGgu0C62__Dps6UNc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.149.156.0/22
                  194.45.22.0/24
                  212.86.192.0/19
                IPv6:
                  2a00:1970::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:53:f7:7f:74:7d:7c:bb:72:0c:c3:62:0f:6b:34:0f:2b:9d:
         4f:c8:75:78:b2:5a:ff:2b:f3:96:24:f7:8d:1f:1c:ec:f5:31:
         35:b5:59:e8:5e:9a:2e:ba:47:25:81:51:4b:8f:32:8b:f1:38:
         0f:55:78:e9:36:95:9c:d2:b3:e4:d9:05:98:65:39:bd:ab:da:
         43:f8:be:3a:60:36:c5:f8:4d:c1:be:f3:b8:da:48:05:1c:c7:
         d2:f9:2f:e7:4f:9c:ad:56:60:3d:de:5b:a1:d0:5a:e1:1f:d2:
         c7:d1:f3:d2:62:d7:e3:ca:d5:d8:5c:1a:64:51:51:19:77:39:
         a1:62:96:01:2a:b9:d9:54:11:52:9a:4c:c2:c2:c2:d4:3c:41:
         1f:07:9c:bf:b8:2a:d0:07:88:df:b8:76:fb:d4:6c:e2:f9:21:
         85:c4:b8:84:a0:f9:82:58:c9:32:55:8e:40:ee:fe:76:0f:b0:
         90:2a:28:71:ea:d5:b7:9c:84:91:07:3a:fc:64:3b:46:9e:40:
         39:ce:05:70:b1:88:93:13:ee:07:29:dc:90:d8:a9:af:c5:3b:
         18:5d:60:37:6b:f6:a3:21:66:6b:54:fb:6a:3a:7d:f0:09:fc:
         93:47:38:38:3a:f1:4f:7d:c6:46:71:bf:3e:48:fe:b2:be:e4:
         59:c7:55:f2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY49gUNObY6zvWIMTbKfc6yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzI2OWY5ZTkzYjBmYjhiYzRiMWM5NDdhYmM1YjIxZjIx
ZjIzMDUwHhcNMjQwMzE0MTUwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmY3ZWJmZDNiYjI5MWIyYzY4MmVkMDJlYjZmZmYwZTliM2E1MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOZMpuYq/od95kXgUW77+cFoLQgr
rQjK8vuBONR9ugU38YO9U91SPkonDVQun/zEvp6a4zxQn9ZKnu+SJy26e02wztTD
GnqxJKSdnJwvumVu7ANPfhVFasl5vWrBrqvQSel2htRn7ppINuQ2Sg7eHMqdbpZc
Jk6SDH6GwJZLCHVSEGxHP3dv6aJRRbuPT+fEZrNvhhu23pyTKUSiUP04vRbJF46N
LZIjY75RBq7k+TkxIhnmb7LPoYaw+cBkGqKwojyXTIyJoV5bOapN30/iScigHiC0
4qZk3OxhCWttGAKa85Fm9RnCRWlG/Cil3E9jN0b244WMOE6CeYvCmeumCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNb36/07spGyxoLtAutv/w6bOlDXMB8GA1UdIwQY
MBaAFNbCafnpOw+4vEsclHq8WyHyHyMFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEt
Yjc5Y2ZjMjRkM2I3LzEvMXZmcl9UdXlrYkxHZ3UwQzYyX19EcHM2VU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEtYjc5Y2ZjMjRkM2I3
LzEvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZWcAwQA
wi0WAwQF1FbAMA0EAgACMAcDBQAqABlwMA0GCSqGSIb3DQEBCwUAA4IBAQBoU/d/
dH18u3IMw2IPazQPK51PyHV4slr/K/OWJPeNHxzs9TE1tVnoXpouukclgVFLjzKL
8TgPVXjpNpWc0rPk2QWYZTm9q9pD+L46YDbF+E3BvvO42kgFHMfS+S/nT5ytVmA9
3luh0FrhH9LH0fPSYtfjytXYXBpkUVEZdzmhYpYBKrnZVBFSmkzCwsLUPEEfB5y/
uCrQB4jfuHb71Gzi+SGFxLiEoPmCWMkyVY5A7v52D7CQKihx6tW3nISRBzr8ZDtG
nkA5zgVwsYiTE+4HKdyQ2KmvxTsYXWA3a/ajIWZrVPtqOn3wCfyTRzg4OvFPfcZG
cb8+SP6yvuRZx1Xy
-----END CERTIFICATE-----
Generated at Tue Sep 3 11:37:23 2024 by rpki-client on console-fra.rpki-client.org