Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/rfXPLB3Jr4usqg96hmpuTYW_TiM.roa
File:                     rfXPLB3Jr4usqg96hmpuTYW_TiM.roa (raw, json)
Hash identifier:          FZ08VUWHonrA7ERfCUC8iztR+4jIW8IOba+arXhu3ug=
Subject key identifier:   AD:F5:CF:2C:1D:C9:AF:8B:AC:AA:0F:7A:86:6A:6E:4D:85:BF:4E:23
Certificate issuer:       /CN=4c07f69d602b7ebb7f6330d715c9ec3e5aba30fa
Certificate serial:       018A602BE71FDC11490C343F0B1930B66742
Authority key identifier: 4C:07:F6:9D:60:2B:7E:BB:7F:63:30:D7:15:C9:EC:3E:5A:BA:30:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TAf2nWArfrt_YzDXFcnsPlq6MPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/rfXPLB3Jr4usqg96hmpuTYW_TiM.roa
Signing time:             Mon 04 Sep 2023 12:30:04 +0000
ROA not before:           Mon 04 Sep 2023 12:30:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206423
IP address blocks:        185.156.252.0/22 maxlen: 23
                          2a07:a1c0::/29 maxlen: 48
                          2a13:6dc0::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:60:2b:e7:1f:dc:11:49:0c:34:3f:0b:19:30:b6:67:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c07f69d602b7ebb7f6330d715c9ec3e5aba30fa
        Validity
            Not Before: Sep  4 12:30:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=adf5cf2c1dc9af8bacaa0f7a866a6e4d85bf4e23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6d:41:f6:6e:ad:6f:01:60:67:3e:54:d5:c0:
                    d9:2c:45:3f:8c:7d:5b:c4:0a:63:71:36:6e:8f:34:
                    fa:d2:a4:b5:af:c7:03:7a:7e:32:11:aa:82:3e:b3:
                    8e:69:9e:46:4c:63:7e:8f:11:28:9b:3e:ca:85:8d:
                    ed:28:ed:27:94:87:bc:c2:5b:6d:fc:c9:e8:4d:ee:
                    b0:a0:09:46:c4:f0:e0:0d:d9:f8:e7:6d:a1:04:2e:
                    bf:74:30:b7:10:4a:1c:09:70:e2:29:ab:34:d7:27:
                    68:e7:97:60:29:8e:bc:db:46:78:66:19:d1:41:b6:
                    75:65:a1:69:3a:6a:1c:89:29:b2:fd:db:50:11:90:
                    5e:6b:b0:ff:73:5b:4b:ab:22:2b:13:d4:6f:d5:41:
                    33:05:75:03:d9:7f:98:b6:7f:49:d4:7a:56:e7:ac:
                    d1:eb:44:c2:59:50:e5:f8:9a:c6:c7:a0:9a:27:81:
                    b5:2a:84:5f:46:8a:3d:95:b9:ce:ad:5b:35:db:44:
                    dd:29:db:78:1d:3a:f4:78:95:8f:ab:39:55:1d:c8:
                    a0:ca:b9:f4:1a:75:d3:64:bb:5b:8f:b9:41:4f:a6:
                    4f:11:b6:51:fa:99:65:26:8b:c5:97:8f:df:5d:ab:
                    2b:0c:b1:99:c8:e9:4e:97:ef:9d:79:f2:ea:a0:fb:
                    67:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:F5:CF:2C:1D:C9:AF:8B:AC:AA:0F:7A:86:6A:6E:4D:85:BF:4E:23
            X509v3 Authority Key Identifier:
                keyid:4C:07:F6:9D:60:2B:7E:BB:7F:63:30:D7:15:C9:EC:3E:5A:BA:30:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAf2nWArfrt_YzDXFcnsPlq6MPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/rfXPLB3Jr4usqg96hmpuTYW_TiM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ee71c6-1bae-4858-af3a-bc289dc17d20/1/TAf2nWArfrt_YzDXFcnsPlq6MPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.156.252.0/22
                IPv6:
                  2a07:a1c0::/29
                  2a13:6dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         71:75:0f:ec:f5:8f:f4:3a:a3:b7:66:45:14:ff:f5:f5:36:01:
         98:a9:fc:20:50:0f:23:e4:d6:4e:fb:04:01:cb:2a:1e:91:39:
         40:60:aa:c6:0d:b8:f0:e1:fe:ba:bf:e4:bf:bd:68:c8:e8:ee:
         69:91:11:ea:03:a7:0d:6e:af:80:dd:8d:46:b2:04:0c:e0:1f:
         92:04:0d:ed:86:e9:d1:af:cd:62:47:c3:8c:48:3b:77:7b:5d:
         7c:b9:51:b5:32:55:f3:8f:48:34:87:e0:5a:90:d7:84:20:2b:
         ae:60:d6:ab:1a:f2:77:29:39:3e:e6:e9:e1:24:ba:ff:58:31:
         7e:fa:fc:00:b9:c4:77:6b:c7:be:cd:aa:e8:91:36:57:28:31:
         67:cf:bc:8c:92:e7:ba:34:8e:a1:a0:b2:6c:a8:34:6d:08:fd:
         b9:1c:b8:46:67:82:b1:09:31:8d:8e:77:55:78:06:f9:f6:62:
         d2:b4:40:99:22:d3:5d:5c:83:a3:71:78:b5:07:d3:37:b3:ef:
         31:ca:35:fb:2d:4a:2b:50:6a:ce:70:53:67:3a:66:c0:58:c9:
         0e:57:73:24:f7:88:7a:ae:34:4a:55:1f:03:a5:96:de:95:4f:
         61:61:de:fc:f0:c3:2c:52:a5:b9:8f:98:d7:22:e6:d4:a0:5a:
         cf:0c:a7:0a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYpgK+cf3BFJDDQ/CxkwtmdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDdmNjlkNjAyYjdlYmI3ZjYzMzBkNzE1YzllYzNlNWFi
YTMwZmEwHhcNMjMwOTA0MTIzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGY1Y2YyYzFkYzlhZjhiYWNhYTBmN2E4NjZhNmU0ZDg1YmY0ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm1B9m6tbwFgZz5U1cDZLEU/jH1b
xApjcTZujzT60qS1r8cDen4yEaqCPrOOaZ5GTGN+jxEomz7KhY3tKO0nlIe8wltt
/MnoTe6woAlGxPDgDdn4522hBC6/dDC3EEocCXDiKas01ydo55dgKY6820Z4ZhnR
QbZ1ZaFpOmociSmy/dtQEZBea7D/c1tLqyIrE9Rv1UEzBXUD2X+Ytn9J1HpW56zR
60TCWVDl+JrGx6CaJ4G1KoRfRoo9lbnOrVs120TdKdt4HTr0eJWPqzlVHcigyrn0
GnXTZLtbj7lBT6ZPEbZR+pllJovFl4/fXasrDLGZyOlOl++defLqoPtnNQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFK31zywdya+LrKoPeoZqbk2Fv04jMB8GA1UdIwQY
MBaAFEwH9p1gK367f2Mw1xXJ7D5aujD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFmMm5XQXJmcnRfWXpEWEZjbnNQbHE2TVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lZTcxYzYtMWJhZS00ODU4LWFmM2Et
YmMyODlkYzE3ZDIwLzEvcmZYUExCM0pyNHVzcWc5NmhtcHVUWVdfVGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lZTcxYzYtMWJhZS00ODU4LWFmM2EtYmMyODlkYzE3ZDIw
LzEvVEFmMm5XQXJmcnRfWXpEWEZjbnNQbHE2TVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuZz8MBQE
AgACMA4DBQMqB6HAAwUDKhNtwDANBgkqhkiG9w0BAQsFAAOCAQEAcXUP7PWP9Dqj
t2ZFFP/19TYBmKn8IFAPI+TWTvsEAcsqHpE5QGCqxg248OH+ur/kv71oyOjuaZER
6gOnDW6vgN2NRrIEDOAfkgQN7Ybp0a/NYkfDjEg7d3tdfLlRtTJV849INIfgWpDX
hCArrmDWqxrydyk5Pubp4SS6/1gxfvr8ALnEd2vHvs2q6JE2VygxZ8+8jJLnujSO
oaCybKg0bQj9uRy4RmeCsQkxjY53VXgG+fZi0rRAmSLTXVyDo3F4tQfTN7PvMco1
+y1KK1BqznBTZzpmwFjJDldzJPeIeq40SlUfA6WW3pVPYWHe/PDDLFKluY+Y1yLm
1KBazwynCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:42 2024 by rpki-client on console-ams.rpki-client.org