Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/fRJqPqr5UEH2_0G-27KNxO3GGII.roa
File:                     fRJqPqr5UEH2_0G-27KNxO3GGII.roa (raw, json)
Hash identifier:          tWTF60MlXeFIN9G6oTanJJptnmtT9zdyW/sjzU22kUY=
Subject key identifier:   7D:12:6A:3E:AA:F9:50:41:F6:FF:41:BE:DB:B2:8D:C4:ED:C6:18:82
Certificate issuer:       /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial:       0191FE6308E8D4128084D9822BC61A45BC78
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/fRJqPqr5UEH2_0G-27KNxO3GGII.roa
Signing time:             Tue 17 Sep 2024 05:09:48 +0000
ROA not before:           Tue 17 Sep 2024 05:09:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5511
IP address blocks:        107.150.169.0/24 maxlen: 24
                          107.150.173.0/24 maxlen: 24
                          162.218.177.0/24 maxlen: 24
                          162.218.178.0/24 maxlen: 24
                          167.160.1.0/24 maxlen: 24
                          167.160.2.0/24 maxlen: 24
                          185.192.213.0/24 maxlen: 24
                          185.192.214.0/24 maxlen: 24
                          185.203.149.0/24 maxlen: 24
                          185.203.150.0/24 maxlen: 24
                          185.212.173.0/24 maxlen: 24
                          185.212.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 18 Oct 2024 06:15:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fe:63:08:e8:d4:12:80:84:d9:82:2b:c6:1a:45:bc:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
        Validity
            Not Before: Sep 17 05:09:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d126a3eaaf95041f6ff41bedbb28dc4edc61882
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:7e:71:2a:a7:57:90:32:34:29:71:88:8c:93:
                    d3:2d:27:53:6b:06:17:4a:af:15:12:43:5b:91:1b:
                    20:3e:6f:77:9b:78:84:2d:78:fd:0b:61:e8:b9:0d:
                    b3:e2:a3:37:f0:23:5f:5b:8b:85:70:7b:6f:72:7a:
                    d0:6a:bc:a7:f7:2d:9a:3b:f4:29:13:5d:94:56:cf:
                    8d:ae:35:cf:ec:d8:1c:34:13:a1:ab:46:f0:cd:1e:
                    4c:d0:75:e1:e7:0f:19:7b:2c:9c:97:18:15:44:ff:
                    82:18:b6:ac:d7:1f:ea:b6:bd:37:c7:35:64:9c:76:
                    71:d6:39:cb:88:5f:e1:f7:8f:b8:b0:12:1f:b9:11:
                    f8:da:5c:59:4e:9e:4d:51:4f:c8:57:2b:29:1b:fd:
                    71:8b:88:06:f0:15:3e:3c:af:28:b8:ed:bd:9e:98:
                    10:95:c1:27:22:5b:19:24:30:57:55:5c:bc:9a:59:
                    86:34:7a:a0:f6:55:31:4f:74:87:c4:23:24:1d:21:
                    04:ac:c0:5a:ee:60:a5:ab:90:9d:2f:7a:95:53:c1:
                    5e:68:c4:de:8c:d8:10:dd:1b:9f:ea:e3:77:a0:c2:
                    ff:fb:32:6e:7b:37:ea:d1:05:3b:c9:4b:1b:c1:16:
                    eb:e7:02:f8:90:1a:56:f2:d3:b2:d1:71:55:30:90:
                    ef:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:12:6A:3E:AA:F9:50:41:F6:FF:41:BE:DB:B2:8D:C4:ED:C6:18:82
            X509v3 Authority Key Identifier:
                keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/fRJqPqr5UEH2_0G-27KNxO3GGII.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.150.169.0/24
                  107.150.173.0/24
                  162.218.177.0-162.218.178.255
                  167.160.1.0-167.160.2.255
                  185.192.213.0-185.192.214.255
                  185.203.149.0-185.203.150.255
                  185.212.173.0-185.212.174.255

    Signature Algorithm: sha256WithRSAEncryption
         e5:b0:ec:9a:27:26:a4:6e:6a:f3:19:98:02:29:58:d0:02:02:
         71:15:12:8f:08:7e:46:ad:53:97:b1:0f:e3:b4:0a:1a:05:0d:
         a6:5c:c3:00:03:08:64:9a:29:f3:bd:1b:b2:4d:d4:0d:b3:24:
         7f:56:8d:a8:83:cb:91:c2:d0:34:43:e1:ed:b6:8c:2a:a2:94:
         83:43:6f:1a:09:58:5f:fb:bb:d6:67:ca:ba:01:11:45:80:fa:
         c7:8a:1e:45:9b:12:18:3a:58:ee:c6:92:31:a0:94:10:f2:aa:
         99:53:dc:7d:5e:d9:e9:ff:90:3a:ab:77:7e:f5:93:32:0c:cc:
         ea:47:2d:a2:fd:c1:b7:4a:40:01:4e:82:7a:6e:92:1a:35:3e:
         87:fe:3d:b5:fc:93:a9:61:ea:54:14:af:9f:61:3d:84:fe:e0:
         30:d4:0b:73:6a:7f:50:ad:9e:b2:a4:8b:29:1c:50:c7:5c:d4:
         1f:af:53:ec:ec:7e:fa:e4:a8:dc:92:96:4c:ea:96:b8:0f:fc:
         30:58:03:0c:d0:3a:1a:3e:73:19:52:8b:91:41:d3:c6:5a:b9:
         9c:0a:6f:5c:b7:9b:6b:21:3b:d4:2d:74:11:d9:1d:01:6c:e9:
         d3:21:49:3f:ba:46:60:06:3a:79:8f:e0:4d:38:e9:f4:82:ae:
         98:68:a8:99
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZH+Ywjo1BKAhNmCK8YaRbx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwOTE3MDUwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDEyNmEzZWFhZjk1MDQxZjZmZjQxYmVkYmIyOGRjNGVkYzYxODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo35xKqdXkDI0KXGIjJPTLSdTawYX
Sq8VEkNbkRsgPm93m3iELXj9C2HouQ2z4qM38CNfW4uFcHtvcnrQaryn9y2aO/Qp
E12UVs+NrjXP7NgcNBOhq0bwzR5M0HXh5w8ZeyyclxgVRP+CGLas1x/qtr03xzVk
nHZx1jnLiF/h94+4sBIfuRH42lxZTp5NUU/IVyspG/1xi4gG8BU+PK8ouO29npgQ
lcEnIlsZJDBXVVy8mlmGNHqg9lUxT3SHxCMkHSEErMBa7mClq5CdL3qVU8FeaMTe
jNgQ3Ruf6uN3oML/+zJuezfq0QU7yUsbwRbr5wL4kBpW8tOy0XFVMJDv/wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFH0Saj6q+VBB9v9BvtuyjcTtxhiCMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZlJKcVBxcjVVRUgyXzBHLTI3S054TzNHR0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAa5apAwQA
a5atMAwDBACi2rEDBACi2rIwDAMEAKegAQMEAKegAjAMAwQAucDVAwQAucDWMAwD
BAC5y5UDBAC5y5YwDAMEALnUrQMEALnUrjANBgkqhkiG9w0BAQsFAAOCAQEA5bDs
micmpG5q8xmYAilY0AICcRUSjwh+Rq1Tl7EP47QKGgUNplzDAAMIZJop870bsk3U
DbMkf1aNqIPLkcLQNEPh7baMKqKUg0NvGglYX/u71mfKugERRYD6x4oeRZsSGDpY
7saSMaCUEPKqmVPcfV7Z6f+QOqt3fvWTMgzM6kctov3Bt0pAAU6Cem6SGjU+h/49
tfyTqWHqVBSvn2E9hP7gMNQLc2p/UK2esqSLKRxQx1zUH69T7Ox++uSo3JKWTOqW
uA/8MFgDDNA6Gj5zGVKLkUHTxlq5nApvXLebayE71C10EdkdAWzp0yFJP7pGYAY6
eY/gTTjp9IKumGiomQ==
-----END CERTIFICATE-----
Generated at Fri Oct 18 08:17:09 2024 by rpki-client on console-fra.rpki-client.org