Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/hp8gg0aHswjIxF7iznLC75mgE04.roa
File:                     hp8gg0aHswjIxF7iznLC75mgE04.roa (raw, json)
Hash identifier:          UFh5sGM5SGpO1PRxqv8pSPclCgfn5KoZ5lv/qwkg0h4=
Subject key identifier:   86:9F:20:83:46:87:B3:08:C8:C4:5E:E2:CE:72:C2:EF:99:A0:13:4E
Certificate issuer:       /CN=fc17cbccee36b24ecbd463f7d102abc4fe40e14d
Certificate serial:       01856DD40141F935BDDC8D0BF84760461C35
Authority key identifier: FC:17:CB:CC:EE:36:B2:4E:CB:D4:63:F7:D1:02:AB:C4:FE:40:E1:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_BfLzO42sk7L1GP30QKrxP5A4U0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/hp8gg0aHswjIxF7iznLC75mgE04.roa
Signing time:             Sun 01 Jan 2023 14:54:48 +0000
ROA not before:           Sun 01 Jan 2023 14:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204198
IP address blocks:        185.111.84.0/24 maxlen: 24
                          185.111.85.0/24 maxlen: 24
                          185.111.87.0/24 maxlen: 24
                          185.111.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:01:41:f9:35:bd:dc:8d:0b:f8:47:60:46:1c:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc17cbccee36b24ecbd463f7d102abc4fe40e14d
        Validity
            Not Before: Jan  1 14:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=869f20834687b308c8c45ee2ce72c2ef99a0134e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:4b:40:0d:5c:9b:54:0d:08:b7:ab:55:a0:e1:
                    d3:c9:1a:98:91:ac:10:86:8f:b6:ce:5b:59:d9:5a:
                    d1:71:9b:2a:56:7d:f7:26:92:15:f0:fc:ce:31:08:
                    30:40:c4:77:a9:ca:2a:6d:e1:14:67:16:f9:1d:58:
                    5c:36:1f:5c:99:cc:64:75:b9:3f:6b:29:fa:d0:eb:
                    c4:91:90:0b:03:11:ec:85:ea:ae:7d:73:af:cd:f2:
                    04:70:c7:56:bd:30:1e:1d:31:2f:a1:08:df:9b:2b:
                    aa:bc:8b:63:17:29:56:84:81:cb:2e:7c:ec:85:48:
                    29:25:ec:26:fc:5f:16:1b:af:5c:29:5d:7f:58:db:
                    72:ac:d5:c4:2d:d6:6c:62:17:dd:50:0b:c7:04:0c:
                    6b:ec:e0:53:b7:e0:51:2c:36:f2:fa:4e:af:fc:44:
                    55:3e:cf:16:20:ad:ba:a4:31:cb:3a:2c:64:c0:c0:
                    58:a1:07:a7:cf:5e:6f:fd:2e:48:55:f5:ca:20:83:
                    a3:62:50:bf:90:1d:b7:78:66:f1:47:16:5c:9b:18:
                    a9:0d:f1:21:59:11:86:0a:0e:b0:3c:a0:95:2f:b5:
                    0f:b4:a2:62:18:7b:57:06:f9:bc:41:e3:f1:73:9a:
                    7c:fa:4f:b6:45:c8:d0:cd:cb:83:f2:0b:2b:ae:20:
                    63:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:9F:20:83:46:87:B3:08:C8:C4:5E:E2:CE:72:C2:EF:99:A0:13:4E
            X509v3 Authority Key Identifier:
                keyid:FC:17:CB:CC:EE:36:B2:4E:CB:D4:63:F7:D1:02:AB:C4:FE:40:E1:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BfLzO42sk7L1GP30QKrxP5A4U0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/hp8gg0aHswjIxF7iznLC75mgE04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/_BfLzO42sk7L1GP30QKrxP5A4U0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.111.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:9d:37:a1:c2:2d:00:e9:f2:df:10:2e:53:41:b0:b1:d6:62:
         d6:01:6a:9c:f1:ca:bb:f6:c2:d7:e4:9c:b3:d1:87:29:91:bb:
         f2:70:0a:a0:b0:2d:ad:e7:cc:61:4d:f0:5f:a5:b3:4d:80:19:
         cb:3a:1d:c0:d3:8d:c0:50:af:d8:51:48:df:dc:10:f1:9d:a4:
         dd:ae:6e:05:a4:f2:9b:31:0e:0b:b6:02:1b:f0:3f:6e:96:25:
         b6:a2:21:7b:80:bc:b6:b3:dd:92:05:fc:c1:c1:a2:8b:aa:2e:
         f5:a0:20:e5:47:b7:01:3c:08:d3:d0:f0:6b:86:93:af:7e:24:
         ca:42:74:3e:b6:e4:d7:b5:d5:6a:54:88:1e:e5:e1:05:9a:03:
         39:0e:f4:11:dc:32:5c:b1:b7:33:38:8f:57:3c:0c:45:bb:a9:
         37:94:28:76:07:95:12:a7:aa:a6:20:5c:4b:a5:e1:cb:69:52:
         bb:34:48:2d:57:c2:1c:6a:f2:31:62:63:83:10:51:d1:41:8f:
         8e:e9:4e:4c:26:cc:38:89:4c:b2:b0:b1:4c:c1:54:50:1f:55:
         db:7d:68:4a:8b:92:68:76:8a:6a:1c:20:74:e7:cf:be:b1:31:
         49:db:b3:bc:31:e1:89:8d:68:20:a6:ad:81:49:99:7b:cb:ca:
         21:bc:ec:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1AFB+TW93I0L+EdgRhw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTdjYmNjZWUzNmIyNGVjYmQ0NjNmN2QxMDJhYmM0ZmU0
MGUxNGQwHhcNMjMwMTAxMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlmMjA4MzQ2ODdiMzA4YzhjNDVlZTJjZTcyYzJlZjk5YTAxMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEtADVybVA0It6tVoOHTyRqYkawQ
ho+2zltZ2VrRcZsqVn33JpIV8PzOMQgwQMR3qcoqbeEUZxb5HVhcNh9cmcxkdbk/
ayn60OvEkZALAxHshequfXOvzfIEcMdWvTAeHTEvoQjfmyuqvItjFylWhIHLLnzs
hUgpJewm/F8WG69cKV1/WNtyrNXELdZsYhfdUAvHBAxr7OBTt+BRLDby+k6v/ERV
Ps8WIK26pDHLOixkwMBYoQenz15v/S5IVfXKIIOjYlC/kB23eGbxRxZcmxipDfEh
WRGGCg6wPKCVL7UPtKJiGHtXBvm8QePxc5p8+k+2RcjQzcuD8gsrriBj5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIafIINGh7MIyMRe4s5ywu+ZoBNOMB8GA1UdIwQY
MBaAFPwXy8zuNrJOy9Rj99ECq8T+QOFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JmTHpPNDJzazdMMUdQMzBRS3J4UDVBNFUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83ZmQxMmYtYjA1NC00ZGQyLTlkODct
MTM2NTg3NWM3ZTg1LzEvaHA4Z2cwYUhzd2pJeEY3aXpuTEM3NW1nRTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83ZmQxMmYtYjA1NC00ZGQyLTlkODctMTM2NTg3NWM3ZTg1
LzEvX0JmTHpPNDJzazdMMUdQMzBRS3J4UDVBNFUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW9UMA0G
CSqGSIb3DQEBCwUAA4IBAQBwnTehwi0A6fLfEC5TQbCx1mLWAWqc8cq79sLX5Jyz
0YcpkbvycAqgsC2t58xhTfBfpbNNgBnLOh3A043AUK/YUUjf3BDxnaTdrm4FpPKb
MQ4LtgIb8D9uliW2oiF7gLy2s92SBfzBwaKLqi71oCDlR7cBPAjT0PBrhpOvfiTK
QnQ+tuTXtdVqVIge5eEFmgM5DvQR3DJcsbczOI9XPAxFu6k3lCh2B5USp6qmIFxL
peHLaVK7NEgtV8IcavIxYmODEFHRQY+O6U5MJsw4iUyysLFMwVRQH1XbfWhKi5Jo
dopqHCB058++sTFJ27O8MeGJjWggpq2BSZl7y8ohvOx1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:12 2024 by rpki-client on console-ams.rpki-client.org