Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/fSQqw8DS2jok8AD7NelVHaa4LLM.roa
File:                     fSQqw8DS2jok8AD7NelVHaa4LLM.roa (raw, json)
Hash identifier:          1kZgOFpblrmzdsZR/MUEmE7sBYKgHpi+xZMFMUB5NsY=
Subject key identifier:   7D:24:2A:C3:C0:D2:DA:3A:24:F0:00:FB:35:E9:55:1D:A6:B8:2C:B3
Certificate issuer:       /CN=b4c41e59834da612d83ca24194f02ca6d7602448
Certificate serial:       0191F9B75BC0388231033267A8A99ABDA401
Authority key identifier: B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/fSQqw8DS2jok8AD7NelVHaa4LLM.roa
Signing time:             Mon 16 Sep 2024 07:23:48 +0000
ROA not before:           Mon 16 Sep 2024 07:23:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214666
IP address blocks:        185.133.160.0/22 maxlen: 22
                          185.133.160.0/23 maxlen: 23
                          185.133.162.0/23 maxlen: 23
                          2a12:ff40::/32 maxlen: 32
                          2a12:ff40::/33 maxlen: 33
                          2a12:ff40:8000::/33 maxlen: 33

Validation:               Failed, certificate revoked on Thu 17 Oct 2024 12:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:b7:5b:c0:38:82:31:03:32:67:a8:a9:9a:bd:a4:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4c41e59834da612d83ca24194f02ca6d7602448
        Validity
            Not Before: Sep 16 07:23:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d242ac3c0d2da3a24f000fb35e9551da6b82cb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:bd:1a:d3:a0:72:ab:06:33:ee:0e:c3:c4:65:
                    ff:5b:ca:0d:bb:2c:89:2c:74:f4:bf:8b:df:07:5c:
                    02:50:e8:bf:6e:2b:b1:be:4f:0d:bc:3f:0f:c7:7f:
                    ff:86:60:1d:7a:7b:26:f5:39:a0:80:de:8a:6f:bf:
                    65:7e:d6:29:39:1f:bc:a9:ec:7b:d6:73:c1:bc:f7:
                    73:f6:a6:bb:4c:70:ea:7e:37:62:31:c9:35:db:77:
                    e1:5b:47:82:55:d8:29:36:0c:1f:76:1e:cd:71:58:
                    90:74:98:5f:20:d5:ce:19:4d:32:2a:80:92:bf:69:
                    7c:29:a1:fe:e6:93:92:8d:af:f1:2a:9c:4e:12:10:
                    b7:97:1b:00:71:33:bb:d8:e2:bc:ff:39:18:0a:81:
                    06:44:fc:05:42:03:64:71:5f:e9:8a:11:f4:75:16:
                    25:29:82:59:2b:c2:9e:8d:a2:aa:21:89:1a:9d:7f:
                    06:74:26:b8:16:f2:b8:2a:8f:eb:5d:86:2f:f3:f9:
                    3e:0d:6e:d5:78:d5:fd:f1:5d:ad:f7:12:cf:68:39:
                    31:c0:2a:9a:c8:99:6a:c1:41:cb:4f:c8:e4:ca:73:
                    d3:79:62:d0:0f:33:41:b0:f1:d9:7a:c0:66:2d:f4:
                    1f:ef:16:cb:5a:18:57:fe:ba:c4:11:b7:7f:07:8f:
                    9b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:24:2A:C3:C0:D2:DA:3A:24:F0:00:FB:35:E9:55:1D:A6:B8:2C:B3
            X509v3 Authority Key Identifier:
                keyid:B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/fSQqw8DS2jok8AD7NelVHaa4LLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.133.160.0/22
                IPv6:
                  2a12:ff40::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:42:f5:8b:25:8b:24:08:c8:c6:a6:b1:91:84:7d:cb:9d:3b:
         2d:a1:55:df:a6:f5:1c:76:3b:1b:11:39:c0:6b:3c:c9:5f:7e:
         5d:62:9b:50:03:85:3e:3a:b3:60:8f:76:d4:35:f4:2a:42:e0:
         64:1e:53:74:b6:a9:39:b1:4d:ab:53:c8:28:c9:e4:3e:81:94:
         26:c7:59:3e:1f:80:2d:24:04:fb:c7:64:da:20:3a:0b:6a:c1:
         2e:b8:15:90:9f:81:bf:61:4f:f3:9a:4d:e4:09:b5:a1:0e:e2:
         d4:f6:aa:50:52:d2:3a:90:c2:86:91:67:24:6b:43:ba:e9:f4:
         38:5d:63:8c:6b:e8:40:16:d9:36:45:e5:fe:ce:0f:27:74:f9:
         6f:a4:5d:99:51:5e:50:be:05:4d:5a:3e:fd:a8:62:36:35:77:
         65:2f:35:ff:10:0c:4a:52:a8:c1:5c:6b:2f:91:81:3e:c3:3d:
         c0:4d:66:ae:82:30:5d:7c:bd:ee:22:53:5a:e3:e3:ef:6f:47:
         85:e3:18:e2:42:c2:bb:7b:23:fe:7d:2e:7d:a4:6d:f1:b7:17:
         da:2b:6b:68:7c:d0:87:ac:ce:7a:b6:61:da:5f:1b:76:fd:d5:
         94:ea:9c:43:ba:64:e9:80:8c:f5:ba:3c:01:1d:5b:2c:0b:2b:
         e7:1d:76:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZH5t1vAOIIxAzJnqKmavaQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YzQxZTU5ODM0ZGE2MTJkODNjYTI0MTk0ZjAyY2E2ZDc2
MDI0NDgwHhcNMjQwOTE2MDcyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI0MmFjM2MwZDJkYTNhMjRmMDAwZmIzNWU5NTUxZGE2YjgyY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub0a06ByqwYz7g7DxGX/W8oNuyyJ
LHT0v4vfB1wCUOi/biuxvk8NvD8Px3//hmAdensm9TmggN6Kb79lftYpOR+8qex7
1nPBvPdz9qa7THDqfjdiMck123fhW0eCVdgpNgwfdh7NcViQdJhfINXOGU0yKoCS
v2l8KaH+5pOSja/xKpxOEhC3lxsAcTO72OK8/zkYCoEGRPwFQgNkcV/pihH0dRYl
KYJZK8KejaKqIYkanX8GdCa4FvK4Ko/rXYYv8/k+DW7VeNX98V2t9xLPaDkxwCqa
yJlqwUHLT8jkynPTeWLQDzNBsPHZesBmLfQf7xbLWhhX/rrEEbd/B4+bswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH0kKsPA0to6JPAA+zXpVR2muCyzMB8GA1UdIwQY
MBaAFLTEHlmDTaYS2DyiQZTwLKbXYCRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEt
NTU3YTRjMzFlMDJlLzEvZlNRcXc4RFMyam9rOEFEN05lbFZIYWE0TExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEtNTU3YTRjMzFlMDJl
LzEvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYWgMA0E
AgACMAcDBQAqEv9AMA0GCSqGSIb3DQEBCwUAA4IBAQBnQvWLJYskCMjGprGRhH3L
nTstoVXfpvUcdjsbETnAazzJX35dYptQA4U+OrNgj3bUNfQqQuBkHlN0tqk5sU2r
U8goyeQ+gZQmx1k+H4AtJAT7x2TaIDoLasEuuBWQn4G/YU/zmk3kCbWhDuLU9qpQ
UtI6kMKGkWcka0O66fQ4XWOMa+hAFtk2ReX+zg8ndPlvpF2ZUV5QvgVNWj79qGI2
NXdlLzX/EAxKUqjBXGsvkYE+wz3ATWaugjBdfL3uIlNa4+Pvb0eF4xjiQsK7eyP+
fS59pG3xtxfaK2tofNCHrM56tmHaXxt2/dWU6pxDumTpgIz1ujwBHVssCyvnHXay
-----END CERTIFICATE-----
Generated at Thu Oct 17 15:02:37 2024 by rpki-client on console-fra.rpki-client.org