Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/f-fFiDZqWfrRb7aWgkh6CRhRJPI.roa
File:                     f-fFiDZqWfrRb7aWgkh6CRhRJPI.roa (raw, json)
Hash identifier:          3b5kFNNwxoVTCItlDPz/v6MMeojqR2+OCHH9NHeqXQk=
Subject key identifier:   7F:E7:C5:88:36:6A:59:FA:D1:6F:B6:96:82:48:7A:09:18:51:24:F2
Certificate issuer:       /CN=9ae07c94a8a6af7a5d18f4eaaea79e26df932214
Certificate serial:       018572B40E6434297B9533A6273114497E85
Authority key identifier: 9A:E0:7C:94:A8:A6:AF:7A:5D:18:F4:EA:AE:A7:9E:26:DF:93:22:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/muB8lKimr3pdGPTqrqeeJt-TIhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/f-fFiDZqWfrRb7aWgkh6CRhRJPI.roa
Signing time:             Mon 02 Jan 2023 13:38:00 +0000
ROA not before:           Mon 02 Jan 2023 13:38:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8462
IP address blocks:        193.218.98.0/24 maxlen: 24
                          77.110.160.0/19 maxlen: 19
                          195.128.232.0/23 maxlen: 23
                          77.110.128.0/19 maxlen: 19
                          185.187.248.0/22 maxlen: 22
                          185.166.136.0/22 maxlen: 22
                          95.168.64.0/19 maxlen: 19
                          185.195.52.0/22 maxlen: 22
                          193.151.116.0/22 maxlen: 22
                          91.146.128.0/18 maxlen: 18
                          185.235.112.0/22 maxlen: 22
                          212.16.128.0/19 maxlen: 19
                          95.168.32.0/19 maxlen: 19
                          185.166.132.0/22 maxlen: 22
                          185.170.84.0/22 maxlen: 22
                          46.249.128.0/19 maxlen: 19
                          194.37.88.0/22 maxlen: 22
                          77.111.128.0/18 maxlen: 18
                          185.172.44.0/22 maxlen: 22
                          185.165.108.0/22 maxlen: 22
                          193.227.196.0/22 maxlen: 22
                          79.121.104.0/21 maxlen: 21
                          185.3.136.0/22 maxlen: 22
                          79.121.112.0/21 maxlen: 21
                          2a01:5d0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:34:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b4:0e:64:34:29:7b:95:33:a6:27:31:14:49:7e:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ae07c94a8a6af7a5d18f4eaaea79e26df932214
        Validity
            Not Before: Jan  2 13:38:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7fe7c588366a59fad16fb69682487a09185124f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3d:9a:13:89:3d:76:4c:e5:0b:52:d0:47:03:
                    9a:02:8f:c5:69:d8:d1:0f:8e:be:86:50:5d:e5:be:
                    62:49:86:0d:f4:02:11:a7:3d:b1:54:c6:20:65:f0:
                    45:d9:cc:77:48:4e:1e:04:63:b9:48:18:26:9b:97:
                    bd:97:e1:23:d4:7e:6e:1b:5e:d1:57:e0:a3:22:60:
                    46:4a:bf:7d:b3:29:c0:49:ca:60:d4:a4:36:d9:ab:
                    93:fd:93:3a:f5:92:61:8a:2b:f5:de:24:04:76:f8:
                    9d:ed:71:6c:f3:12:c5:be:52:af:96:25:40:d0:ad:
                    67:c5:1b:d2:d8:d7:bc:4a:50:45:f3:85:a7:a9:78:
                    a5:e3:43:b2:b5:ce:a3:12:bb:93:e0:f1:7a:51:18:
                    3e:13:4c:8f:aa:1b:53:24:e7:88:e3:d6:d9:ec:21:
                    78:07:bc:08:0b:01:b4:d1:48:2d:20:d5:c1:4e:d7:
                    2c:f6:16:ae:17:52:d0:76:63:55:3d:e3:95:0f:1d:
                    8a:4c:6c:d2:e0:be:90:48:8a:c8:fd:60:ae:c2:c7:
                    ee:af:95:ee:19:a3:55:74:ab:1a:f5:4f:62:7f:2f:
                    63:2b:4a:e5:fd:e3:70:ed:c2:9b:42:73:c1:bb:cd:
                    8b:60:0c:42:24:8a:3e:92:71:9a:07:62:23:ff:7f:
                    1f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E7:C5:88:36:6A:59:FA:D1:6F:B6:96:82:48:7A:09:18:51:24:F2
            X509v3 Authority Key Identifier:
                keyid:9A:E0:7C:94:A8:A6:AF:7A:5D:18:F4:EA:AE:A7:9E:26:DF:93:22:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/muB8lKimr3pdGPTqrqeeJt-TIhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/f-fFiDZqWfrRb7aWgkh6CRhRJPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/muB8lKimr3pdGPTqrqeeJt-TIhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.249.128.0/19
                  77.110.128.0/18
                  77.111.128.0/18
                  79.121.104.0-79.121.119.255
                  91.146.128.0/18
                  95.168.32.0-95.168.95.255
                  185.3.136.0/22
                  185.165.108.0/22
                  185.166.132.0-185.166.139.255
                  185.170.84.0/22
                  185.172.44.0/22
                  185.187.248.0/22
                  185.195.52.0/22
                  185.235.112.0/22
                  193.151.116.0/22
                  193.218.98.0/24
                  193.227.196.0/22
                  194.37.88.0/22
                  195.128.232.0/23
                  212.16.128.0/19
                IPv6:
                  2a01:5d0::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:f4:80:90:94:c7:0a:9b:98:47:39:13:f9:86:2f:59:26:db:
         86:b8:2a:e1:a7:d6:e2:74:f3:02:85:87:c6:73:af:81:d0:d4:
         b1:e5:b6:74:30:3b:9c:ea:4e:07:41:ad:10:66:33:00:b8:0d:
         57:fe:10:7c:39:3a:45:8f:94:b4:c4:f4:89:6b:84:cf:45:87:
         65:14:ae:d8:92:59:1d:a7:a3:c0:d6:ba:27:b9:77:45:08:f0:
         2f:57:1b:18:0a:eb:0f:20:7c:c6:03:fc:34:e4:d3:ce:48:49:
         c8:4a:54:42:94:db:4c:00:25:49:63:3f:89:7d:5c:22:9f:54:
         c1:93:23:ae:73:70:34:61:c6:97:6e:e3:c4:7b:88:23:c9:36:
         ae:a1:8b:db:b0:d1:5d:76:3c:02:3c:9a:d1:98:29:02:d4:7b:
         76:cc:5d:4e:f6:55:f8:80:06:85:ab:c9:10:ec:99:74:a7:c1:
         e9:91:53:32:7d:ca:f5:47:63:ff:05:74:b5:0f:60:91:4f:94:
         34:e1:42:5a:58:94:29:6e:12:ff:d2:b9:fc:9a:e4:83:33:21:
         bb:29:e3:4e:7f:c6:75:4c:9d:0f:57:d9:64:5b:d0:06:50:ce:
         3b:00:fa:28:ac:6e:c3:3e:d3:76:dd:bd:ce:17:88:42:6f:5e:
         a2:48:47:5e
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYVytA5kNCl7lTOmJzEUSX6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTA3Yzk0YThhNmFmN2E1ZDE4ZjRlYWFlYTc5ZTI2ZGY5
MzIyMTQwHhcNMjMwMTAyMTMzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmU3YzU4ODM2NmE1OWZhZDE2ZmI2OTY4MjQ4N2EwOTE4NTEyNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD2aE4k9dkzlC1LQRwOaAo/FadjR
D46+hlBd5b5iSYYN9AIRpz2xVMYgZfBF2cx3SE4eBGO5SBgmm5e9l+Ej1H5uG17R
V+CjImBGSr99synAScpg1KQ22auT/ZM69ZJhiiv13iQEdvid7XFs8xLFvlKvliVA
0K1nxRvS2Ne8SlBF84WnqXil40Oytc6jEruT4PF6URg+E0yPqhtTJOeI49bZ7CF4
B7wICwG00UgtINXBTtcs9hauF1LQdmNVPeOVDx2KTGzS4L6QSIrI/WCuwsfur5Xu
GaNVdKsa9U9ify9jK0rl/eNw7cKbQnPBu82LYAxCJIo+knGaB2Ij/38fJwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFH/nxYg2aln60W+2loJIegkYUSTyMB8GA1UdIwQY
MBaAFJrgfJSopq96XRj06q6nnibfkyIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVCOGxLaW1yM3BkR1BUcXJxZWVKdC1USWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8zYThkZDAtMzg3NS00ZWIyLWI2MzMt
ZTI2NjVkNDQ3ZDMyLzEvZi1mRmlEWnFXZnJSYjdhV2draDZDUmhSSlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8zYThkZDAtMzg3NS00ZWIyLWI2MzMtZTI2NjVkNDQ3ZDMy
LzEvbXVCOGxLaW1yM3BkR1BUcXJxZWVKdC1USWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAUu
+YADBAZNboADBAZNb4AwDAMEA095aAMEA095cAMEBluSgDAMAwQFX6ggAwQFX6hA
AwQCuQOIAwQCuaVsMAwDBAK5poQDBAK5pogDBAK5qlQDBAK5rCwDBAK5u/gDBAK5
wzQDBAK563ADBALBl3QDBADB2mIDBALB48QDBALCJVgDBAHDgOgDBAXUEIAwDQQC
AAIwBwMFACoBBdAwDQYJKoZIhvcNAQELBQADggEBADv0gJCUxwqbmEc5E/mGL1km
24a4KuGn1uJ08wKFh8Zzr4HQ1LHltnQwO5zqTgdBrRBmMwC4DVf+EHw5OkWPlLTE
9IlrhM9Fh2UUrtiSWR2no8DWuie5d0UI8C9XGxgK6w8gfMYD/DTk085ISchKVEKU
20wAJUljP4l9XCKfVMGTI65zcDRhxpdu48R7iCPJNq6hi9uw0V12PAI8mtGYKQLU
e3bMXU72VfiABoWryRDsmXSnwemRUzJ9yvVHY/8FdLUPYJFPlDThQlpYlCluEv/S
ufya5IMzIbsp405/xnVMnQ9X2WRb0AZQzjsA+iisbsM+03bdvc4XiEJvXqJIR14=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:34 2024 by rpki-client on console-fra.rpki-client.org