Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/L749Gq7pVPidKk4dHe_i7KMWp0c.roa
File:                     L749Gq7pVPidKk4dHe_i7KMWp0c.roa (raw, json)
Hash identifier:          sr5vEvD2NXb5RdBkSocy0gk+JT7QLL9PXBSctNmRHGk=
Subject key identifier:   2F:BE:3D:1A:AE:E9:54:F8:9D:2A:4E:1D:1D:EF:E2:EC:A3:16:A7:47
Certificate issuer:       /CN=fd818d93e68571f95c45ebc281598c7c98f32577
Certificate serial:       018571A7B72B84F430FD5BD0F393F9210390
Authority key identifier: FD:81:8D:93:E6:85:71:F9:5C:45:EB:C2:81:59:8C:7C:98:F3:25:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_YGNk-aFcflcRevCgVmMfJjzJXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/L749Gq7pVPidKk4dHe_i7KMWp0c.roa
Signing time:             Mon 02 Jan 2023 08:44:54 +0000
ROA not before:           Mon 02 Jan 2023 08:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5602
IP address blocks:        194.28.116.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 21:59:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:b7:2b:84:f4:30:fd:5b:d0:f3:93:f9:21:03:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd818d93e68571f95c45ebc281598c7c98f32577
        Validity
            Not Before: Jan  2 08:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2fbe3d1aaee954f89d2a4e1d1defe2eca316a747
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:15:d7:9d:49:8d:0c:ff:f6:db:dd:01:77:f6:
                    03:3f:e2:a7:15:2b:4a:85:b8:60:3d:12:f4:f2:d9:
                    21:7a:d3:52:cd:dd:92:e9:74:e2:a6:0a:05:87:5d:
                    af:90:01:7f:83:67:bf:09:58:e3:d1:ec:57:01:c6:
                    a8:cc:ae:c9:6e:a9:4a:07:7d:13:87:a6:e1:ad:14:
                    c9:fd:72:ab:5d:54:3a:a2:d4:48:73:70:a0:9c:4e:
                    f3:c5:ca:c2:8a:f6:5b:3e:c9:3c:d5:17:73:f0:82:
                    c6:a0:39:93:c9:77:28:3f:90:b0:6d:30:60:07:fc:
                    cd:e5:71:d0:a9:a5:6d:9c:04:10:58:44:87:65:ca:
                    15:ae:e7:e8:10:e9:3a:ff:5e:29:da:2b:9a:2a:c4:
                    cf:b9:5f:12:a6:80:74:14:33:90:34:cb:fe:25:8e:
                    a9:5f:c3:fe:a0:71:32:47:8f:93:8c:93:67:87:b7:
                    83:9f:43:d0:85:c8:fb:f8:b5:03:f5:aa:5f:c3:52:
                    42:bc:60:b6:8c:4d:1e:10:98:e5:1f:da:9e:15:5c:
                    53:44:6e:6a:d8:a4:43:fb:54:e4:2a:48:b1:50:02:
                    c4:f8:38:39:26:c5:f0:53:03:00:ba:15:79:ce:39:
                    c6:44:ec:98:cc:bd:9a:59:69:ca:87:20:7f:e5:86:
                    db:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:BE:3D:1A:AE:E9:54:F8:9D:2A:4E:1D:1D:EF:E2:EC:A3:16:A7:47
            X509v3 Authority Key Identifier:
                keyid:FD:81:8D:93:E6:85:71:F9:5C:45:EB:C2:81:59:8C:7C:98:F3:25:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_YGNk-aFcflcRevCgVmMfJjzJXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/L749Gq7pVPidKk4dHe_i7KMWp0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/_YGNk-aFcflcRevCgVmMfJjzJXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.28.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:c7:30:bf:7f:42:41:24:8c:09:ef:c5:c3:6a:eb:27:4d:fa:
         1e:b2:10:13:93:28:e9:dd:f2:7f:29:2f:00:03:02:ff:a3:3b:
         41:9a:ab:07:20:76:ec:28:fd:6d:af:37:3c:07:f8:41:f4:84:
         52:8d:4e:8f:d8:89:fc:ea:47:7e:c0:a3:f5:4b:00:7d:86:da:
         7c:e4:12:e3:27:d2:df:02:b0:01:0e:55:1c:8f:c0:c0:7b:ea:
         a5:2f:63:f9:fe:1f:cb:12:f8:65:80:31:4d:8c:07:b7:0c:3f:
         84:7e:d2:34:86:67:97:a0:13:60:73:c9:39:1f:5b:6f:73:a2:
         a6:f0:a6:dc:4d:a5:ee:13:f4:12:ec:34:93:52:21:2d:77:0e:
         f2:bc:79:b6:7b:1d:01:c7:16:09:9d:35:c3:21:98:b4:e3:7a:
         f6:50:be:bf:da:7e:ea:50:2a:c9:b7:c5:f0:da:02:53:a7:a6:
         65:4d:92:d7:df:9d:18:a4:00:fa:fa:04:44:76:49:1c:b5:2b:
         31:b3:b6:e6:29:a1:80:13:e9:d2:e7:ed:b1:cd:e0:d0:6d:22:
         71:c3:b0:54:70:42:1c:dc:11:fb:4a:3c:1c:a4:6f:63:01:d0:
         7c:0a:6b:d2:80:b8:b5:29:d2:f4:8b:d3:39:3c:bb:1a:51:3c:
         24:f6:68:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7crhPQw/VvQ85P5IQOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkODE4ZDkzZTY4NTcxZjk1YzQ1ZWJjMjgxNTk4YzdjOThm
MzI1NzcwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmJlM2QxYWFlZTk1NGY4OWQyYTRlMWQxZGVmZTJlY2EzMTZhNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhXXnUmNDP/2290Bd/YDP+KnFStK
hbhgPRL08tkhetNSzd2S6XTipgoFh12vkAF/g2e/CVjj0exXAcaozK7JbqlKB30T
h6bhrRTJ/XKrXVQ6otRIc3CgnE7zxcrCivZbPsk81Rdz8ILGoDmTyXcoP5CwbTBg
B/zN5XHQqaVtnAQQWESHZcoVrufoEOk6/14p2iuaKsTPuV8SpoB0FDOQNMv+JY6p
X8P+oHEyR4+TjJNnh7eDn0PQhcj7+LUD9apfw1JCvGC2jE0eEJjlH9qeFVxTRG5q
2KRD+1TkKkixUALE+Dg5JsXwUwMAuhV5zjnGROyYzL2aWWnKhyB/5Ybb7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC++PRqu6VT4nSpOHR3v4uyjFqdHMB8GA1UdIwQY
MBaAFP2BjZPmhXH5XEXrwoFZjHyY8yV3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1lHTmstYUZjZmxjUmV2Q2dWbU1mSmp6SlhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8zZDM3MGMtMzI5NS00MzA2LTk4ZGMt
ZjY5OGIwNWJhOTcxLzEvTDc0OUdxN3BWUGlkS2s0ZEhlX2k3S01XcDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8zZDM3MGMtMzI5NS00MzA2LTk4ZGMtZjY5OGIwNWJhOTcx
LzEvX1lHTmstYUZjZmxjUmV2Q2dWbU1mSmp6SlhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhx0MA0G
CSqGSIb3DQEBCwUAA4IBAQAjxzC/f0JBJIwJ78XDausnTfoeshATkyjp3fJ/KS8A
AwL/oztBmqsHIHbsKP1trzc8B/hB9IRSjU6P2In86kd+wKP1SwB9htp85BLjJ9Lf
ArABDlUcj8DAe+qlL2P5/h/LEvhlgDFNjAe3DD+EftI0hmeXoBNgc8k5H1tvc6Km
8KbcTaXuE/QS7DSTUiEtdw7yvHm2ex0BxxYJnTXDIZi043r2UL6/2n7qUCrJt8Xw
2gJTp6ZlTZLX350YpAD6+gREdkkctSsxs7bmKaGAE+nS5+2xzeDQbSJxw7BUcEIc
3BH7SjwcpG9jAdB8CmvSgLi1KdL0i9M5PLsaUTwk9mj8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:13 2024 by rpki-client on console-fra.rpki-client.org