Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Fh97VRdeFN5HHW1z4EZq7Q0GqFk.roa
File:                     Fh97VRdeFN5HHW1z4EZq7Q0GqFk.roa (raw, json)
Hash identifier:          yEnkX7Rl+cV/Mr5NYbLcGsO6BwaHlaHxt/yuF/cN7hU=
Subject key identifier:   16:1F:7B:55:17:5E:14:DE:47:1D:6D:73:E0:46:6A:ED:0D:06:A8:59
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       01859A818C3246B516AF9088E53433D947E6
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Fh97VRdeFN5HHW1z4EZq7Q0GqFk.roa
Signing time:             Tue 10 Jan 2023 07:07:39 +0000
ROA not before:           Tue 10 Jan 2023 07:07:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        188.191.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 20 Jan 2023 20:10:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9a:81:8c:32:46:b5:16:af:90:88:e5:34:33:d9:47:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Jan 10 07:07:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=161f7b55175e14de471d6d73e0466aed0d06a859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:f0:21:92:25:21:f3:25:68:3e:11:71:7f:3f:
                    5a:6a:50:b5:2f:82:82:1e:ac:90:15:2e:21:26:fa:
                    dc:ff:24:99:f3:35:ee:27:0d:af:38:2f:51:38:01:
                    64:d9:24:ac:e4:91:05:77:66:18:5e:df:43:4f:6a:
                    23:26:78:be:a2:4b:e5:bd:72:95:82:03:6f:3c:9b:
                    37:29:f2:b3:e8:8e:29:1d:0e:76:c5:cf:07:b8:40:
                    af:84:93:18:6b:bb:eb:73:97:29:45:d6:9e:a6:c0:
                    de:ea:31:12:9b:11:b5:74:4b:ce:bf:e9:94:1e:60:
                    be:8d:d2:cd:e2:eb:73:3f:f4:9f:07:1c:25:1b:ec:
                    d1:51:d9:96:95:71:63:10:89:a9:a9:42:89:91:31:
                    68:a1:da:d1:88:1c:1c:c3:f8:9d:54:d6:c3:ce:33:
                    be:f6:9e:71:4d:b9:6d:12:0e:30:d9:6b:44:26:bf:
                    38:30:4a:32:bc:e4:03:77:62:3f:69:7b:d5:0e:6a:
                    a9:3e:5e:8d:dd:ea:89:9f:55:b4:3f:7b:b8:27:37:
                    db:18:b4:4b:14:0b:95:02:61:e6:b9:1e:dd:c3:80:
                    a9:e1:bb:13:6b:1f:1b:19:de:82:4e:7d:f2:34:d9:
                    e1:71:ca:75:1a:b4:57:cb:a5:66:bb:86:ca:78:a7:
                    e0:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:1F:7B:55:17:5E:14:DE:47:1D:6D:73:E0:46:6A:ED:0D:06:A8:59
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Fh97VRdeFN5HHW1z4EZq7Q0GqFk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:de:2e:0e:4f:96:de:c8:84:50:03:96:63:ed:b6:8d:1c:be:
         c7:60:4b:37:19:84:e5:ec:f6:1a:99:56:25:68:6b:f7:63:f4:
         10:8f:22:f1:52:13:c0:08:60:56:4c:34:8e:14:da:55:67:9e:
         55:5e:e2:20:d5:12:5c:f8:81:8d:2c:be:85:8e:45:c1:d5:61:
         26:96:c9:a0:12:95:a0:59:e1:fd:41:4c:5f:dc:b4:ca:92:8e:
         f9:4e:fc:d9:f2:25:8a:ed:d2:d6:81:fe:1c:6b:b8:b0:a1:cc:
         47:33:be:26:9f:1f:f9:09:7a:3d:60:aa:d8:57:4c:ea:fc:82:
         ad:02:bd:e3:76:2a:c0:7d:b7:4e:53:f5:73:03:a6:d8:32:1b:
         76:2b:4c:8b:a0:ff:38:60:24:a4:ad:36:c2:69:ae:3b:fd:aa:
         55:06:a3:85:f2:d2:b5:e9:79:c0:59:52:88:c0:b1:48:20:7e:
         d4:88:ec:b8:e8:cd:ce:4b:0b:8f:4f:a2:01:a6:de:f0:ff:e5:
         ae:98:d7:26:b2:16:29:78:ee:86:f6:9f:27:37:16:06:65:10:
         c6:3a:9e:56:f3:b8:32:e4:2c:13:c5:f6:06:f9:88:8a:53:5e:
         d2:e2:11:35:1e:dc:58:ef:76:6b:dc:cb:26:64:ac:cf:1e:88:
         82:13:ca:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWagYwyRrUWr5CI5TQz2UfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMTEwMDcwNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjFmN2I1NTE3NWUxNGRlNDcxZDZkNzNlMDQ2NmFlZDBkMDZhODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfAhkiUh8yVoPhFxfz9aalC1L4KC
HqyQFS4hJvrc/ySZ8zXuJw2vOC9ROAFk2SSs5JEFd2YYXt9DT2ojJni+okvlvXKV
ggNvPJs3KfKz6I4pHQ52xc8HuECvhJMYa7vrc5cpRdaepsDe6jESmxG1dEvOv+mU
HmC+jdLN4utzP/SfBxwlG+zRUdmWlXFjEImpqUKJkTFoodrRiBwcw/idVNbDzjO+
9p5xTbltEg4w2WtEJr84MEoyvOQDd2I/aXvVDmqpPl6N3eqJn1W0P3u4JzfbGLRL
FAuVAmHmuR7dw4Cp4bsTax8bGd6CTn3yNNnhccp1GrRXy6Vmu4bKeKfgDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBYfe1UXXhTeRx1tc+BGau0NBqhZMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvRmg5N1ZSZGVGTjVISFcxejRFWnE3UTBHcUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9qMA0G
CSqGSIb3DQEBCwUAA4IBAQAG3i4OT5beyIRQA5Zj7baNHL7HYEs3GYTl7PYamVYl
aGv3Y/QQjyLxUhPACGBWTDSOFNpVZ55VXuIg1RJc+IGNLL6FjkXB1WEmlsmgEpWg
WeH9QUxf3LTKko75TvzZ8iWK7dLWgf4ca7iwocxHM74mnx/5CXo9YKrYV0zq/IKt
Ar3jdirAfbdOU/VzA6bYMht2K0yLoP84YCSkrTbCaa47/apVBqOF8tK16XnAWVKI
wLFIIH7UiOy46M3OSwuPT6IBpt7w/+WumNcmshYpeO6G9p8nNxYGZRDGOp5W87gy
5CwTxfYG+YiKU17S4hE1HtxY73Zr3MsmZKzPHoiCE8os
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org