Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/FMkBrbRfVWw0kvoaR7m419Ch7bs.roa
File:                     FMkBrbRfVWw0kvoaR7m419Ch7bs.roa (raw, json)
Hash identifier:          yHear+x6NNQT5VnBoiTybLLx6ryjCMYyZAl/UREASDE=
Subject key identifier:   14:C9:01:AD:B4:5F:55:6C:34:92:FA:1A:47:B9:B8:D7:D0:A1:ED:BB
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       018C3500D011D076AAD6311967346F7A21CA
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/FMkBrbRfVWw0kvoaR7m419Ch7bs.roa
Signing time:             Mon 04 Dec 2023 13:24:54 +0000
ROA not before:           Mon 04 Dec 2023 13:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47726
IP address blocks:        185.65.203.0/24 maxlen: 24
                          185.65.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Dec 2023 14:07:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:35:00:d0:11:d0:76:aa:d6:31:19:67:34:6f:7a:21:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Dec  4 13:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=14c901adb45f556c3492fa1a47b9b8d7d0a1edbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ee:2b:1a:b0:da:75:ec:fb:be:4d:fd:ec:1d:
                    cb:24:95:5f:b1:17:86:59:cc:85:e8:19:c5:cb:d0:
                    54:69:b3:b0:63:fe:ca:6b:a7:f7:c8:1c:06:4c:6e:
                    7b:e8:aa:d7:6e:78:9c:c3:dd:8c:cc:6c:57:39:b7:
                    13:56:27:60:d5:27:33:94:d3:91:c8:c4:98:31:62:
                    69:92:e1:61:6a:d0:5b:3c:f2:e8:71:c9:26:21:2e:
                    b4:43:32:9c:d8:84:ab:26:f7:fc:c7:a9:b6:0e:4d:
                    92:2a:ff:06:24:10:98:de:2b:86:5c:65:70:a4:cc:
                    2f:14:f5:4e:d3:84:ca:e2:38:9e:35:69:b8:8a:3e:
                    d8:cb:25:d6:8a:a8:de:76:fc:7f:4f:d0:00:02:fe:
                    4b:74:d9:23:83:e2:61:59:22:0a:ce:c0:8b:23:20:
                    50:b9:41:b6:f7:b2:b1:a4:dd:ba:5e:42:69:fc:d8:
                    66:4d:ad:eb:44:b7:77:4e:d3:91:5d:be:5d:cb:55:
                    54:48:9a:97:0e:fa:c2:6f:85:a8:c6:1c:9f:8a:94:
                    05:68:11:38:73:26:c5:d7:5f:88:7c:3c:a1:b8:d6:
                    ff:4d:23:84:6e:24:f3:f8:ab:2c:65:80:0e:05:26:
                    e0:f0:ef:05:04:f5:59:2c:1e:1a:cb:2e:10:d3:0b:
                    a2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:C9:01:AD:B4:5F:55:6C:34:92:FA:1A:47:B9:B8:D7:D0:A1:ED:BB
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/FMkBrbRfVWw0kvoaR7m419Ch7bs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.65.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:3e:12:5f:af:74:43:b6:d0:37:e3:67:25:1e:39:61:92:81:
         80:55:70:e3:d3:15:b3:7e:5c:73:76:50:a2:72:0a:b1:c6:d0:
         81:d0:d5:46:df:9f:26:c7:1d:71:3b:3f:fc:d9:89:61:7d:ea:
         67:8d:cc:7c:09:d7:58:83:7f:fe:7a:d9:27:b5:dd:53:7b:a1:
         ed:21:df:e6:98:0c:7c:2b:4b:db:61:20:5e:42:23:9a:45:55:
         08:ec:70:f8:68:c7:4b:95:97:ac:c8:66:9d:5d:c5:94:ec:49:
         80:32:dd:7c:9a:c1:76:c7:d2:48:8a:7e:47:03:4c:5c:a8:b2:
         17:6e:5d:8e:5f:74:21:2d:3c:aa:6a:39:f9:3a:84:d5:3d:b6:
         28:b8:96:1c:f2:78:28:91:22:64:49:cd:19:c5:2a:1b:8e:ea:
         31:3f:a6:44:86:82:5a:83:d1:36:2a:be:af:12:51:8a:80:b0:
         1f:f6:b4:1a:10:7e:b8:a7:54:c8:ef:45:df:9e:96:bf:73:eb:
         ca:f0:b2:f7:cf:86:d3:4b:0d:c8:5d:87:db:af:03:9a:6c:21:
         8f:d4:46:b1:78:43:bf:90:26:0c:40:b3:cd:eb:17:e3:43:a2:
         b0:68:36:ad:76:91:7f:7c:61:88:58:4d:bd:22:4b:ba:1b:95:
         5d:ce:1c:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw1ANAR0Haq1jEZZzRveiHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMxMjA0MTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGM5MDFhZGI0NWY1NTZjMzQ5MmZhMWE0N2I5YjhkN2QwYTFlZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve4rGrDadez7vk397B3LJJVfsReG
WcyF6BnFy9BUabOwY/7Ka6f3yBwGTG576KrXbnicw92MzGxXObcTVidg1SczlNOR
yMSYMWJpkuFhatBbPPLocckmIS60QzKc2ISrJvf8x6m2Dk2SKv8GJBCY3iuGXGVw
pMwvFPVO04TK4jieNWm4ij7YyyXWiqjedvx/T9AAAv5LdNkjg+JhWSIKzsCLIyBQ
uUG297KxpN26XkJp/NhmTa3rRLd3TtORXb5dy1VUSJqXDvrCb4WoxhyfipQFaBE4
cybF11+IfDyhuNb/TSOEbiTz+KssZYAOBSbg8O8FBPVZLB4ayy4Q0wuibwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTJAa20X1VsNJL6Gke5uNfQoe27MB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvRk1rQnJiUmZWV3cwa3ZvYVI3bTQxOUNoN2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUHKMA0G
CSqGSIb3DQEBCwUAA4IBAQBNPhJfr3RDttA342clHjlhkoGAVXDj0xWzflxzdlCi
cgqxxtCB0NVG358mxx1xOz/82Ylhfepnjcx8CddYg3/+etkntd1Te6HtId/mmAx8
K0vbYSBeQiOaRVUI7HD4aMdLlZesyGadXcWU7EmAMt18msF2x9JIin5HA0xcqLIX
bl2OX3QhLTyqajn5OoTVPbYouJYc8ngokSJkSc0ZxSobjuoxP6ZEhoJag9E2Kr6v
ElGKgLAf9rQaEH64p1TI70Xfnpa/c+vK8LL3z4bTSw3IXYfbrwOabCGP1EaxeEO/
kCYMQLPN6xfjQ6KwaDatdpF/fGGIWE29Iku6G5VdzhxY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:35 2024 by rpki-client on console-fra.rpki-client.org