Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/1iVJWVtgMEWAS1NeA5eVrHdfnHI.roa
File:                     1iVJWVtgMEWAS1NeA5eVrHdfnHI.roa (raw, json)
Hash identifier:          WImS41dLPm2C0h4DXBCVFlUfxuhoLZ5SlBSepsgq2NY=
Subject key identifier:   D6:25:49:59:5B:60:30:45:80:4B:53:5E:03:97:95:AC:77:5F:9C:72
Certificate issuer:       /CN=fbf43fe9fd3af2bcf4ba7a83f111e6559125f3fd
Certificate serial:       018DCB6843E2D80CC8EF57DD4A9C69E0DD5E
Authority key identifier: FB:F4:3F:E9:FD:3A:F2:BC:F4:BA:7A:83:F1:11:E6:55:91:25:F3:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-_Q_6f068rz0unqD8RHmVZEl8_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/1iVJWVtgMEWAS1NeA5eVrHdfnHI.roa
Signing time:             Wed 21 Feb 2024 11:23:44 +0000
ROA not before:           Wed 21 Feb 2024 11:23:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215451
IP address blocks:        213.109.150.0/24 maxlen: 24
                          2a12:fdc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 13 May 2024 08:38:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:cb:68:43:e2:d8:0c:c8:ef:57:dd:4a:9c:69:e0:dd:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbf43fe9fd3af2bcf4ba7a83f111e6559125f3fd
        Validity
            Not Before: Feb 21 11:23:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d62549595b603045804b535e039795ac775f9c72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c8:4f:0e:45:c1:b8:9c:03:07:b3:05:9d:77:
                    2a:35:70:cf:5d:16:03:4e:5e:bc:6e:95:80:82:4d:
                    0c:a0:4e:de:2b:3d:74:2e:ee:43:e0:15:43:be:f5:
                    2e:84:c6:4b:e3:ef:5e:c7:6e:c4:86:f6:88:7b:b4:
                    dc:c3:a2:f0:d1:8e:87:62:53:c2:05:a5:f5:a2:2c:
                    a1:ab:b3:27:ee:ca:a8:bd:2d:3a:f3:30:1c:61:97:
                    7d:c9:45:c4:4b:c5:a9:43:19:6d:54:c0:1b:48:40:
                    a7:93:9d:e2:3c:8d:03:71:1c:2b:29:8c:40:38:63:
                    27:53:34:ec:07:b8:33:a0:f1:3e:1b:73:13:0f:a7:
                    6c:85:f3:74:2d:55:a5:5f:a4:22:ad:15:78:33:05:
                    8d:df:b4:11:8a:8f:3b:7e:39:ac:db:3d:79:ab:2c:
                    32:bf:fc:27:71:6c:6a:8b:b3:0c:1d:43:bb:33:70:
                    c5:7a:6e:6a:ea:52:b0:c3:6a:66:7a:6f:b6:bd:d7:
                    95:d4:87:38:05:c2:fc:ad:4d:59:df:47:f1:2c:8d:
                    dd:f8:53:fe:04:45:1b:5d:a8:7c:7e:c8:93:5f:84:
                    f9:95:bf:36:d0:c0:a6:f0:57:a6:c3:62:93:7c:b1:
                    35:52:7c:c7:56:a4:84:2e:09:48:21:12:80:51:8a:
                    54:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:25:49:59:5B:60:30:45:80:4B:53:5E:03:97:95:AC:77:5F:9C:72
            X509v3 Authority Key Identifier:
                keyid:FB:F4:3F:E9:FD:3A:F2:BC:F4:BA:7A:83:F1:11:E6:55:91:25:F3:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_Q_6f068rz0unqD8RHmVZEl8_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/1iVJWVtgMEWAS1NeA5eVrHdfnHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/1-_Q_6f068rz0unqD8RHmVZEl8_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.109.150.0/24
                IPv6:
                  2a12:fdc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         94:8b:61:aa:c7:4a:7f:82:05:cc:eb:d9:12:36:c8:23:17:71:
         f6:c8:14:e0:35:e1:91:2d:2a:dc:77:99:ae:c0:ef:f5:9f:be:
         dc:b2:ed:fe:0c:a8:7f:85:3b:5b:df:31:f1:5d:70:8a:67:ca:
         61:ce:81:e8:ce:7b:3b:50:42:f0:29:56:15:92:18:07:10:38:
         86:a9:0a:78:6f:54:ba:be:d0:c3:93:77:a6:2c:d4:43:6c:70:
         9a:65:6b:ae:c2:9e:4f:46:df:72:d9:e1:c5:bf:2f:6a:0a:7c:
         2a:b2:99:cc:58:9b:26:4d:e3:19:12:a6:fa:03:ac:f9:e0:ad:
         c2:a6:8a:13:52:c6:0b:10:03:47:50:92:6e:f3:78:35:ec:97:
         bb:a2:01:86:e9:e1:df:5d:67:bb:d0:3d:08:ac:f0:2c:63:d5:
         ce:41:29:69:f3:db:2d:db:2d:12:8d:7e:1e:82:9d:c9:2d:e6:
         9d:15:05:06:c1:9e:cf:39:3f:98:1f:a1:42:f6:c9:83:24:bc:
         0c:18:b8:27:4e:5f:41:18:ab:57:08:fe:4b:f8:af:2a:e4:5e:
         e2:5c:f5:c9:57:ed:d2:96:d0:0d:6d:4c:96:e5:f3:22:5a:74:
         ce:89:ff:4a:e2:ac:fe:0e:8a:7b:b4:72:bb:66:b5:df:5a:1d:
         39:ae:a2:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3LaEPi2AzI71fdSpxp4N1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjQzZmU5ZmQzYWYyYmNmNGJhN2E4M2YxMTFlNjU1OTEy
NWYzZmQwHhcNMjQwMjIxMTEyMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjI1NDk1OTViNjAzMDQ1ODA0YjUzNWUwMzk3OTVhYzc3NWY5YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8hPDkXBuJwDB7MFnXcqNXDPXRYD
Tl68bpWAgk0MoE7eKz10Lu5D4BVDvvUuhMZL4+9ex27EhvaIe7Tcw6Lw0Y6HYlPC
BaX1oiyhq7Mn7sqovS068zAcYZd9yUXES8WpQxltVMAbSECnk53iPI0DcRwrKYxA
OGMnUzTsB7gzoPE+G3MTD6dshfN0LVWlX6QirRV4MwWN37QRio87fjms2z15qywy
v/wncWxqi7MMHUO7M3DFem5q6lKww2pmem+2vdeV1Ic4BcL8rU1Z30fxLI3d+FP+
BEUbXah8fsiTX4T5lb820MCm8Femw2KTfLE1UnzHVqSELglIIRKAUYpUfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYlSVlbYDBFgEtTXgOXlax3X5xyMB8GA1UdIwQY
MBaAFPv0P+n9OvK89Lp6g/ER5lWRJfP9MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fUV82ZjA2OHJ6MHVucUQ4UkhtVlpFbDhfMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYvOGM5N2ZlLTNmOGMtNGRiNC1hYjkz
LTc1MmQ4MWNkZGE0MC8xLzFpVkpXVnRnTUVXQVMxTmVBNWVWckhkZm5ISS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzYvOGM5N2ZlLTNmOGMtNGRiNC1hYjkzLTc1MmQ4MWNkZGE0
MC8xLzEtX1FfNmYwNjhyejB1bnFEOFJIbVZaRWw4XzAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADVbZYw
DQQCAAIwBwMFAyoS/cAwDQYJKoZIhvcNAQELBQADggEBAJSLYarHSn+CBczr2RI2
yCMXcfbIFOA14ZEtKtx3ma7A7/Wfvtyy7f4MqH+FO1vfMfFdcIpnymHOgejOeztQ
QvApVhWSGAcQOIapCnhvVLq+0MOTd6Ys1ENscJpla67Cnk9G33LZ4cW/L2oKfCqy
mcxYmyZN4xkSpvoDrPngrcKmihNSxgsQA0dQkm7zeDXsl7uiAYbp4d9dZ7vQPQis
8Cxj1c5BKWnz2y3bLRKNfh6Cnckt5p0VBQbBns85P5gfoUL2yYMkvAwYuCdOX0EY
q1cI/kv4ryrkXuJc9clX7dKW0A1tTJbl8yJadM6J/0rirP4Oinu0crtmtd9aHTmu
oj4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org