Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Afu8eqPD-92qKdIO2-GNyYuFJgA.roa
File:                     Afu8eqPD-92qKdIO2-GNyYuFJgA.roa (raw, json)
Hash identifier:          cfnGeKc40EPR4c7ZhPU9U+w1qeCWU30xWIx+8kiEL1E=
Subject key identifier:   01:FB:BC:7A:A3:C3:FB:DD:AA:29:D2:0E:DB:E1:8D:C9:8B:85:26:00
Certificate issuer:       /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial:       0187EA84EB052ADCACDE7092D162F1175F7E
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Afu8eqPD-92qKdIO2-GNyYuFJgA.roa
Signing time:             Fri 05 May 2023 06:06:32 +0000
ROA not before:           Fri 05 May 2023 06:06:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     54339
IP address blocks:        85.11.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 20:08:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ea:84:eb:05:2a:dc:ac:de:70:92:d1:62:f1:17:5f:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
        Validity
            Not Before: May  5 06:06:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=01fbbc7aa3c3fbddaa29d20edbe18dc98b852600
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:35:fa:a6:7d:73:ae:a0:8b:a8:ab:a7:f3:05:
                    9f:20:3a:59:15:db:5b:f9:82:0c:98:f6:44:7e:7b:
                    dd:6f:2a:1b:f0:06:dc:ca:4c:df:a7:89:6f:7b:a3:
                    f3:76:e0:9c:af:35:cd:bd:7c:cd:d3:12:43:9d:1d:
                    51:33:2d:44:76:f8:27:83:61:e4:b8:05:6a:51:a3:
                    89:9a:d1:bf:72:83:41:da:cb:c2:2f:35:2d:a6:0e:
                    8b:f7:3e:82:4a:3d:3a:a4:70:ef:ef:c3:1b:0a:3a:
                    6c:0e:27:c2:2a:88:70:a5:fc:11:d9:49:af:11:b4:
                    0f:ed:4e:99:0d:1c:0a:f8:39:81:c9:ac:df:a2:13:
                    fe:2a:eb:06:40:9d:dd:b9:cb:61:87:f1:09:f0:ee:
                    5a:87:ba:8e:05:f0:0e:b2:18:9b:b2:0b:39:33:af:
                    4a:31:ad:b8:82:7f:fc:e4:ab:a4:5a:6d:34:66:5f:
                    c5:a1:25:1e:42:4c:d8:3c:61:bc:3f:27:99:61:de:
                    2a:c3:84:9f:67:e6:2a:5a:c1:cf:c4:80:ef:91:40:
                    65:4b:15:01:3e:b1:44:6c:0b:8e:38:c9:6c:25:e8:
                    5c:39:c1:46:63:11:5e:af:d5:d3:61:fd:e5:f7:90:
                    2c:1c:8e:60:46:03:ae:d2:96:6c:ca:10:8d:27:d6:
                    bc:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:FB:BC:7A:A3:C3:FB:DD:AA:29:D2:0E:DB:E1:8D:C9:8B:85:26:00
            X509v3 Authority Key Identifier:
                keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Afu8eqPD-92qKdIO2-GNyYuFJgA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.11.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:b3:90:20:0d:4a:4a:ce:4b:3c:11:09:83:a0:13:e0:0f:3d:
         61:27:a7:c7:89:ea:39:d2:81:10:a9:1e:a0:d4:a2:31:64:13:
         61:8b:26:c0:f3:5c:13:38:9c:1b:5e:2a:af:f7:97:c9:4f:07:
         f8:6e:78:1d:41:71:1d:f0:cc:82:1a:d6:b5:c2:14:94:0a:1f:
         b8:d7:5e:61:29:3c:c9:47:68:e0:48:72:4d:c6:98:fe:32:94:
         85:68:ce:42:d0:48:e0:16:ce:00:01:d8:2a:f9:de:14:58:4b:
         91:e6:7c:98:41:cc:5f:3b:32:97:2d:04:3c:2d:9e:ae:7d:ab:
         58:56:0f:1e:d4:c6:a7:35:21:11:10:06:0a:31:42:f2:93:74:
         e7:d4:d6:a7:5c:91:43:8e:a6:28:99:e4:ab:8e:05:0f:4a:7e:
         1e:f3:89:34:a8:3b:fe:cd:8b:23:63:0b:cf:5e:ba:04:d1:4f:
         65:84:93:fb:70:03:2b:8d:57:eb:91:3e:bb:20:cd:11:02:23:
         18:77:ed:a7:4b:cb:dd:3f:38:c0:e7:77:6d:f4:3c:8d:39:25:
         41:1a:13:ab:56:0b:c0:38:93:27:88:56:e6:1a:ce:7b:29:ce:
         bb:36:c7:e4:28:76:61:fe:e5:39:26:41:dc:d5:29:a3:76:08:
         2f:09:d7:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfqhOsFKtys3nCS0WLxF19+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjMwNTA1MDYwNjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZiYmM3YWEzYzNmYmRkYWEyOWQyMGVkYmUxOGRjOThiODUyNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTX6pn1zrqCLqKun8wWfIDpZFdtb
+YIMmPZEfnvdbyob8Abcykzfp4lve6PzduCcrzXNvXzN0xJDnR1RMy1Edvgng2Hk
uAVqUaOJmtG/coNB2svCLzUtpg6L9z6CSj06pHDv78MbCjpsDifCKohwpfwR2Umv
EbQP7U6ZDRwK+DmByazfohP+KusGQJ3ducthh/EJ8O5ah7qOBfAOshibsgs5M69K
Ma24gn/85KukWm00Zl/FoSUeQkzYPGG8PyeZYd4qw4SfZ+YqWsHPxIDvkUBlSxUB
PrFEbAuOOMlsJehcOcFGYxFer9XTYf3l95AsHI5gRgOu0pZsyhCNJ9a8GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAH7vHqjw/vdqinSDtvhjcmLhSYAMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvQWZ1OGVxUEQtOTJxS2RJTzItR055WXVGSmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVQunMA0G
CSqGSIb3DQEBCwUAA4IBAQBSs5AgDUpKzks8EQmDoBPgDz1hJ6fHieo50oEQqR6g
1KIxZBNhiybA81wTOJwbXiqv95fJTwf4bngdQXEd8MyCGta1whSUCh+4115hKTzJ
R2jgSHJNxpj+MpSFaM5C0EjgFs4AAdgq+d4UWEuR5nyYQcxfOzKXLQQ8LZ6ufatY
Vg8e1ManNSEREAYKMULyk3Tn1NanXJFDjqYomeSrjgUPSn4e84k0qDv+zYsjYwvP
XroE0U9lhJP7cAMrjVfrkT67IM0RAiMYd+2nS8vdPzjA53dt9DyNOSVBGhOrVgvA
OJMniFbmGs57Kc67NsfkKHZh/uU5JkHc1SmjdggvCdeQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:27 2024 by rpki-client on console-fra.rpki-client.org