Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/Fc2Be9OcNM6rxeyanxJHkx1euqQ.roa
File:                     Fc2Be9OcNM6rxeyanxJHkx1euqQ.roa (raw, json)
Hash identifier:          YpsafOLwkuHQTFTFcmWw81EZ6NNoHI3DSKfnR6I07lo=
Subject key identifier:   15:CD:81:7B:D3:9C:34:CE:AB:C5:EC:9A:9F:12:47:93:1D:5E:BA:A4
Certificate issuer:       /CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Certificate serial:       01856F8B8E9A1E3153CA52DC51C3EE3E79FB
Authority key identifier: CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/Fc2Be9OcNM6rxeyanxJHkx1euqQ.roa
Signing time:             Sun 01 Jan 2023 22:54:55 +0000
ROA not before:           Sun 01 Jan 2023 22:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209838
IP address blocks:        213.170.200.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:8e:9a:1e:31:53:ca:52:dc:51:c3:ee:3e:79:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
        Validity
            Not Before: Jan  1 22:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=15cd817bd39c34ceabc5ec9a9f1247931d5ebaa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5d:a6:0f:18:ec:a3:33:d2:81:57:5a:0f:70:
                    bc:75:aa:ad:1d:b5:ae:d1:63:43:26:2a:d8:cb:5f:
                    45:bc:ee:07:28:a1:6a:0f:3d:03:cb:aa:72:0a:be:
                    ee:ee:bd:e2:6e:84:85:75:e9:08:5d:94:ba:28:68:
                    fc:5c:0e:d5:46:34:e0:b0:58:2b:e1:85:54:b9:af:
                    5a:49:cd:62:0e:c9:75:b5:cc:26:77:5f:31:2a:14:
                    7b:fc:a9:a8:f0:d7:6f:ea:6e:90:20:28:ac:64:56:
                    ea:7e:3a:52:e6:94:f7:30:93:b8:55:52:80:0c:0e:
                    b2:08:82:a5:20:1f:3c:2f:85:dc:1f:90:45:15:44:
                    59:50:c2:65:48:4d:3c:61:95:c2:b9:32:c7:66:4e:
                    a0:6c:37:cd:10:35:a0:a6:e0:93:60:20:dc:fb:cc:
                    f0:a0:7d:43:58:74:73:fa:8a:d1:92:1c:75:4a:87:
                    e6:1f:01:ab:b4:e6:e4:30:02:d1:1e:df:73:6d:a2:
                    2d:75:c8:67:79:0a:1f:3c:2b:b4:11:77:ba:3f:58:
                    4b:47:33:dd:ea:24:d6:ed:f8:d6:db:b4:35:b4:30:
                    a0:ff:5b:4c:91:f2:f2:b0:2d:27:87:45:6b:19:32:
                    a5:c2:12:24:22:50:1a:34:55:d3:59:37:a8:34:1d:
                    d5:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:CD:81:7B:D3:9C:34:CE:AB:C5:EC:9A:9F:12:47:93:1D:5E:BA:A4
            X509v3 Authority Key Identifier:
                keyid:CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/Fc2Be9OcNM6rxeyanxJHkx1euqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.170.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:29:36:bd:57:cc:aa:85:0f:6b:4c:3b:82:bd:88:57:b8:71:
         af:76:96:3a:96:d0:80:cb:c5:14:21:1d:8d:90:e0:99:56:94:
         1f:06:c6:c4:d3:af:8a:9d:cb:1b:ee:5c:92:af:47:54:2e:08:
         05:7d:01:6b:2b:7c:fe:2f:ad:43:dd:7a:c2:14:24:a9:6f:bd:
         db:b4:1f:da:19:c6:c1:ac:d7:cb:8c:91:a1:db:be:b6:86:ca:
         e1:83:d0:38:7f:3a:8e:3f:be:2a:9b:05:c2:76:76:1f:1d:7b:
         01:64:68:2b:22:9b:83:3e:2e:b1:49:d4:e6:fa:24:4e:11:c9:
         24:6d:11:01:b0:0d:5a:f8:c6:78:e3:b6:c2:6f:db:14:f9:39:
         5e:3e:2f:49:c7:93:85:26:45:00:cb:4d:36:70:35:a8:ca:89:
         93:1b:00:da:dc:e6:40:27:44:fa:0f:dd:8f:a5:72:66:3e:90:
         59:75:2e:f5:31:b2:cb:d6:b3:cb:71:e4:52:64:3d:17:77:09:
         bf:a7:b9:88:36:f7:5a:cf:6a:19:ae:7f:57:ea:bd:f5:a3:45:
         1f:c0:30:5f:8a:c4:58:18:d5:1e:1b:c6:07:3d:49:6b:be:d6:
         1b:30:48:0f:a0:31:f4:f2:c3:80:94:c8:58:56:7f:03:f5:0f:
         bc:48:f0:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi46aHjFTylLcUcPuPnn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYmY5NWI0N2FiMmI5OWMyMjJiZmU1NDUyMWVmZDFhYjY3
ZDI2N2YwHhcNMjMwMTAxMjI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWNkODE3YmQzOWMzNGNlYWJjNWVjOWE5ZjEyNDc5MzFkNWViYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF2mDxjsozPSgVdaD3C8daqtHbWu
0WNDJirYy19FvO4HKKFqDz0Dy6pyCr7u7r3iboSFdekIXZS6KGj8XA7VRjTgsFgr
4YVUua9aSc1iDsl1tcwmd18xKhR7/Kmo8Ndv6m6QICisZFbqfjpS5pT3MJO4VVKA
DA6yCIKlIB88L4XcH5BFFURZUMJlSE08YZXCuTLHZk6gbDfNEDWgpuCTYCDc+8zw
oH1DWHRz+orRkhx1SofmHwGrtObkMALRHt9zbaItdchneQofPCu0EXe6P1hLRzPd
6iTW7fjW27Q1tDCg/1tMkfLysC0nh0VrGTKlwhIkIlAaNFXTWTeoNB3V4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBXNgXvTnDTOq8Xsmp8SR5MdXrqkMB8GA1UdIwQY
MBaAFMy/lbR6srmcIiv+VFIe/Rq2fSZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2Et
YWM1YjYxNDkzZTAxLzEvRmMyQmU5T2NOTTZyeGV5YW54SkhreDFldXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2EtYWM1YjYxNDkzZTAx
LzEvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1arIMA0G
CSqGSIb3DQEBCwUAA4IBAQCMKTa9V8yqhQ9rTDuCvYhXuHGvdpY6ltCAy8UUIR2N
kOCZVpQfBsbE06+Kncsb7lySr0dULggFfQFrK3z+L61D3XrCFCSpb73btB/aGcbB
rNfLjJGh2762hsrhg9A4fzqOP74qmwXCdnYfHXsBZGgrIpuDPi6xSdTm+iROEckk
bREBsA1a+MZ447bCb9sU+TlePi9Jx5OFJkUAy002cDWoyomTGwDa3OZAJ0T6D92P
pXJmPpBZdS71MbLL1rPLceRSZD0Xdwm/p7mINvdaz2oZrn9X6r31o0UfwDBfisRY
GNUeG8YHPUlrvtYbMEgPoDH08sOAlMhYVn8D9Q+8SPAI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:58 2024 by rpki-client on console-ams.rpki-client.org