Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/Ftp1jhxWP8lYnVS0rQU1M4AHZnY.roa
File:                     Ftp1jhxWP8lYnVS0rQU1M4AHZnY.roa (raw, json)
Hash identifier:          IIUAvCgkef5y28A3ZYcza7dtLr03kqjtvaZ8Z6zQKhU=
Subject key identifier:   16:DA:75:8E:1C:56:3F:C9:58:9D:54:B4:AD:05:35:33:80:07:66:76
Certificate issuer:       /CN=4c71b147eb8737abcc335f8020951b25ff2656a6
Certificate serial:       01856FA6E746D222BB8512CA421A196AC71D
Authority key identifier: 4C:71:B1:47:EB:87:37:AB:CC:33:5F:80:20:95:1B:25:FF:26:56:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/THGxR-uHN6vMM1-AIJUbJf8mVqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/Ftp1jhxWP8lYnVS0rQU1M4AHZnY.roa
Signing time:             Sun 01 Jan 2023 23:24:46 +0000
ROA not before:           Sun 01 Jan 2023 23:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43766
IP address blocks:        82.197.52.0/27 maxlen: 27
                          82.197.52.32/27 maxlen: 27
                          82.197.52.128/27 maxlen: 27

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a6:e7:46:d2:22:bb:85:12:ca:42:1a:19:6a:c7:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c71b147eb8737abcc335f8020951b25ff2656a6
        Validity
            Not Before: Jan  1 23:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16da758e1c563fc9589d54b4ad05353380076676
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:6b:72:46:6d:af:8f:3e:8d:85:60:3a:85:cf:
                    5c:29:63:3c:52:71:e4:94:f2:64:0d:50:78:b6:dd:
                    2e:b2:9e:c9:64:23:03:50:58:12:c8:aa:a1:87:e3:
                    2b:f5:81:d9:42:0b:55:dd:1b:d0:28:77:9d:d9:66:
                    33:1d:e3:92:19:d7:5a:53:fd:86:26:bb:fe:89:a4:
                    59:ea:90:d4:03:25:e8:81:4f:76:41:fe:d2:57:ed:
                    be:8b:54:a4:27:0a:59:52:2a:b6:a1:d0:3e:41:85:
                    6d:c8:75:1a:92:78:c5:ec:eb:b0:d5:ea:60:e9:d2:
                    7e:16:7b:17:95:b8:c0:a3:06:ff:90:70:92:3c:bf:
                    75:ac:04:94:f9:5c:36:fc:bb:83:22:d4:15:59:22:
                    98:43:78:e7:09:63:6a:80:e5:ab:b0:31:6f:40:c4:
                    20:5d:38:66:3e:66:ad:6c:7d:7e:51:94:cf:aa:f7:
                    3c:56:e3:b1:4e:f2:cf:cc:d1:53:0f:45:85:96:e6:
                    f9:e8:7c:cb:dd:7d:5b:4d:f9:be:ed:e2:bd:50:ff:
                    de:e3:6a:95:55:81:d9:29:1b:45:d6:92:d3:48:50:
                    21:2f:0a:79:b0:73:f0:4c:37:a0:08:75:dd:75:8e:
                    3b:58:a7:15:6f:02:cc:70:08:46:a8:4d:f1:dd:13:
                    9c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:DA:75:8E:1C:56:3F:C9:58:9D:54:B4:AD:05:35:33:80:07:66:76
            X509v3 Authority Key Identifier:
                keyid:4C:71:B1:47:EB:87:37:AB:CC:33:5F:80:20:95:1B:25:FF:26:56:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THGxR-uHN6vMM1-AIJUbJf8mVqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/Ftp1jhxWP8lYnVS0rQU1M4AHZnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/THGxR-uHN6vMM1-AIJUbJf8mVqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.197.52.0/26
                  82.197.52.128/27

    Signature Algorithm: sha256WithRSAEncryption
         36:60:2a:ff:30:7f:6e:62:98:dc:c3:4f:f9:94:84:28:66:ed:
         f3:45:2f:eb:b0:ac:09:59:18:f4:d9:92:58:0d:2c:04:3d:24:
         af:1f:df:5e:69:16:13:5a:fd:87:27:ea:3d:ed:a2:3e:99:e1:
         cd:73:60:27:58:ef:62:2d:8c:a1:b7:e5:27:25:3c:d0:20:4b:
         4a:24:f5:cb:2f:58:94:02:9f:20:96:50:6d:55:81:6e:f8:a6:
         ab:d8:7f:a6:e5:6f:42:56:d6:84:f4:32:ed:70:ba:e5:63:25:
         4d:39:c9:1c:c8:ba:12:a0:6c:0e:37:1d:8c:6a:8a:4f:ad:4c:
         ca:f9:dc:6f:e5:2f:8b:79:10:2a:c4:e6:6b:56:24:eb:c5:b5:
         18:f6:66:3c:9d:b7:7d:ca:05:5b:c4:ef:2e:07:c3:aa:7c:97:
         54:4a:6f:80:30:78:e8:24:12:ab:37:0e:33:53:b0:4b:c8:86:
         91:46:d0:43:38:18:49:99:f0:16:fb:8b:61:c1:3e:d7:3f:77:
         6c:30:e2:fb:0b:04:ba:c5:d4:5f:c0:ac:83:9e:60:6e:ca:30:
         5a:3e:9f:b0:86:fc:77:3e:11:03:78:e0:41:92:bc:00:7c:70:
         2b:e9:e7:6b:fd:30:f8:7d:50:7a:49:64:fa:38:ae:f8:1c:8b:
         f9:45:0c:b6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvpudG0iK7hRLKQhoZascdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzFiMTQ3ZWI4NzM3YWJjYzMzNWY4MDIwOTUxYjI1ZmYy
NjU2YTYwHhcNMjMwMTAxMjMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRhNzU4ZTFjNTYzZmM5NTg5ZDU0YjRhZDA1MzUzMzgwMDc2Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWtyRm2vjz6NhWA6hc9cKWM8UnHk
lPJkDVB4tt0usp7JZCMDUFgSyKqhh+Mr9YHZQgtV3RvQKHed2WYzHeOSGddaU/2G
Jrv+iaRZ6pDUAyXogU92Qf7SV+2+i1SkJwpZUiq2odA+QYVtyHUaknjF7Ouw1epg
6dJ+FnsXlbjAowb/kHCSPL91rASU+Vw2/LuDItQVWSKYQ3jnCWNqgOWrsDFvQMQg
XThmPmatbH1+UZTPqvc8VuOxTvLPzNFTD0WFlub56HzL3X1bTfm+7eK9UP/e42qV
VYHZKRtF1pLTSFAhLwp5sHPwTDegCHXddY47WKcVbwLMcAhGqE3x3ROcGwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBbadY4cVj/JWJ1UtK0FNTOAB2Z2MB8GA1UdIwQY
MBaAFExxsUfrhzerzDNfgCCVGyX/JlamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhHeFItdUhONnZNTTEtQUlKVWJKZjhtVnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mOTI4NzEtMGQzYS00ZDg3LWFmZGMt
MDcxYjk5MWFmMDFmLzEvRnRwMWpoeFdQOGxZblZTMHJRVTFNNEFIWm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mOTI4NzEtMGQzYS00ZDg3LWFmZGMtMDcxYjk5MWFmMDFm
LzEvVEhHeFItdUhONnZNTTEtQUlKVWJKZjhtVnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUGUsU0AAMF
BVLFNIAwDQYJKoZIhvcNAQELBQADggEBADZgKv8wf25imNzDT/mUhChm7fNFL+uw
rAlZGPTZklgNLAQ9JK8f315pFhNa/Ycn6j3toj6Z4c1zYCdY72ItjKG35SclPNAg
S0ok9csvWJQCnyCWUG1VgW74pqvYf6blb0JW1oT0Mu1wuuVjJU05yRzIuhKgbA43
HYxqik+tTMr53G/lL4t5ECrE5mtWJOvFtRj2Zjydt33KBVvE7y4Hw6p8l1RKb4Aw
eOgkEqs3DjNTsEvIhpFG0EM4GEmZ8Bb7i2HBPtc/d2ww4vsLBLrF1F/ArIOeYG7K
MFo+n7CG/Hc+EQN44EGSvAB8cCvp52v9MPh9UHpJZPo4rvgci/lFDLY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:59 2024 by rpki-client on console-ams.rpki-client.org