Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/jfZI3OyMnzYPxBFmJJKyeA3-RkQ.roa
File:                     jfZI3OyMnzYPxBFmJJKyeA3-RkQ.roa (raw, json)
Hash identifier:          WTnyOTzDyF9EETDPgi+Nd7b7aMCmPgQQrpeba3dk6MY=
Subject key identifier:   8D:F6:48:DC:EC:8C:9F:36:0F:C4:11:66:24:92:B2:78:0D:FE:46:44
Certificate issuer:       /CN=6f3c9c76e2afc73ccedbc9e0292ffb99f65e7352
Certificate serial:       0189D3ED68F82D769F0907FD1C1DCF93F2D6
Authority key identifier: 6F:3C:9C:76:E2:AF:C7:3C:CE:DB:C9:E0:29:2F:FB:99:F6:5E:73:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bzycduKvxzzO28ngKS_7mfZec1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/jfZI3OyMnzYPxBFmJJKyeA3-RkQ.roa
Signing time:             Tue 08 Aug 2023 06:54:58 +0000
ROA not before:           Tue 08 Aug 2023 06:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203730
IP address blocks:        185.106.116.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d3:ed:68:f8:2d:76:9f:09:07:fd:1c:1d:cf:93:f2:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f3c9c76e2afc73ccedbc9e0292ffb99f65e7352
        Validity
            Not Before: Aug  8 06:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8df648dcec8c9f360fc411662492b2780dfe4644
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:fa:f5:68:3d:0f:dc:c0:28:14:0e:1d:b6:29:
                    ee:84:0b:e3:64:1c:98:cb:fb:27:fd:8b:8a:57:43:
                    8d:cf:f0:39:d0:bf:0a:c6:96:31:eb:16:bd:95:93:
                    c3:15:e1:4f:db:ee:2a:bf:cc:9a:40:51:76:58:e0:
                    98:3a:07:dc:62:d3:9b:aa:f4:82:f1:4b:22:99:e5:
                    b6:ba:26:01:40:32:93:61:fe:38:ac:ef:e9:ef:74:
                    0d:8e:9e:e8:00:61:3c:d3:08:d9:6c:fd:63:a5:35:
                    48:d0:1b:61:b8:03:0e:15:34:6b:78:42:cd:c7:1c:
                    43:27:c7:ad:a6:63:88:cb:b2:42:a9:66:50:d0:f3:
                    80:7c:15:9f:9e:bc:66:e9:b0:73:d2:ed:ba:7c:b7:
                    ac:10:54:46:70:7a:a0:31:78:b2:03:be:a7:da:3a:
                    8f:0a:ab:6c:c4:50:b1:c2:3d:dd:0b:bc:90:b8:9d:
                    b7:19:59:d8:1b:12:9e:10:98:1e:dd:2b:e3:fe:08:
                    e9:97:8c:4e:3c:2d:b7:f4:33:a9:a0:8e:65:9f:0a:
                    0e:cc:fd:36:7e:73:34:b0:5c:6a:45:0a:81:13:8b:
                    c3:f4:af:8b:17:44:60:80:bc:35:3b:2e:2f:7e:98:
                    00:dc:43:bc:bf:4e:70:ea:8c:f6:71:3f:cd:95:b1:
                    ab:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:F6:48:DC:EC:8C:9F:36:0F:C4:11:66:24:92:B2:78:0D:FE:46:44
            X509v3 Authority Key Identifier:
                keyid:6F:3C:9C:76:E2:AF:C7:3C:CE:DB:C9:E0:29:2F:FB:99:F6:5E:73:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzycduKvxzzO28ngKS_7mfZec1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/jfZI3OyMnzYPxBFmJJKyeA3-RkQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/bzycduKvxzzO28ngKS_7mfZec1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.106.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7e:da:f5:80:2e:f9:4d:eb:6e:6b:c9:c9:3d:da:1d:b9:cb:5a:
         54:08:6f:a0:c1:82:90:f0:f8:c1:ff:1a:15:c3:af:b4:c1:93:
         05:61:ae:8d:9a:b9:a0:14:27:58:42:39:6a:dc:7d:1f:70:53:
         2c:00:89:83:06:fc:a5:5f:4f:28:55:d9:c1:71:6f:4c:65:07:
         6d:8c:44:99:71:27:66:5a:c6:02:69:cb:f4:18:e4:df:dd:a9:
         5f:bd:e7:d9:57:82:0c:85:c4:83:76:54:9a:08:1b:fd:91:dc:
         73:d3:86:1c:4e:cf:e0:c7:e1:30:88:69:f3:b3:56:e6:cc:51:
         c5:16:92:65:04:d6:7b:7b:06:c1:16:f2:08:99:34:7f:19:d1:
         aa:16:a1:23:f2:a9:45:a5:66:5e:56:8a:66:01:86:83:d7:d4:
         26:19:3d:44:38:da:41:43:af:a4:85:3f:4d:cf:a9:58:1c:99:
         5e:63:e8:15:7c:69:10:92:9b:d8:60:be:2e:4b:8f:41:3b:c6:
         6c:b3:f0:1c:1b:e4:e2:e3:65:8f:46:41:d5:43:3c:3d:bf:8a:
         fe:73:ac:fa:00:01:34:34:cf:96:d5:64:7b:a7:b4:3a:c4:77:
         09:76:9b:af:40:61:d2:db:2c:e8:81:87:39:64:4d:c3:21:79:
         be:3e:51:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnT7Wj4LXafCQf9HB3Pk/LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmM2M5Yzc2ZTJhZmM3M2NjZWRiYzllMDI5MmZmYjk5ZjY1
ZTczNTIwHhcNMjMwODA4MDY1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY2NDhkY2VjOGM5ZjM2MGZjNDExNjYyNDkyYjI3ODBkZmU0NjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/r1aD0P3MAoFA4dtinuhAvjZByY
y/sn/YuKV0ONz/A50L8KxpYx6xa9lZPDFeFP2+4qv8yaQFF2WOCYOgfcYtObqvSC
8UsimeW2uiYBQDKTYf44rO/p73QNjp7oAGE80wjZbP1jpTVI0BthuAMOFTRreELN
xxxDJ8etpmOIy7JCqWZQ0POAfBWfnrxm6bBz0u26fLesEFRGcHqgMXiyA76n2jqP
CqtsxFCxwj3dC7yQuJ23GVnYGxKeEJge3Svj/gjpl4xOPC239DOpoI5lnwoOzP02
fnM0sFxqRQqBE4vD9K+LF0RggLw1Oy4vfpgA3EO8v05w6oz2cT/NlbGrEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI32SNzsjJ82D8QRZiSSsngN/kZEMB8GA1UdIwQY
MBaAFG88nHbir8c8ztvJ4Ckv+5n2XnNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnp5Y2R1S3Z4enpPMjhuZ0tTXzdtZlplYzFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNWRmZTYtMThiYi00OGE1LTg2MjIt
NTkyMDdkODQyMGQwLzEvamZaSTNPeU1uellQeEJGbUpKS3llQTMtUmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNWRmZTYtMThiYi00OGE1LTg2MjItNTkyMDdkODQyMGQw
LzEvYnp5Y2R1S3Z4enpPMjhuZ0tTXzdtZlplYzFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWp0MA0G
CSqGSIb3DQEBCwUAA4IBAQB+2vWALvlN625ryck92h25y1pUCG+gwYKQ8PjB/xoV
w6+0wZMFYa6NmrmgFCdYQjlq3H0fcFMsAImDBvylX08oVdnBcW9MZQdtjESZcSdm
WsYCacv0GOTf3alfvefZV4IMhcSDdlSaCBv9kdxz04YcTs/gx+EwiGnzs1bmzFHF
FpJlBNZ7ewbBFvIImTR/GdGqFqEj8qlFpWZeVopmAYaD19QmGT1EONpBQ6+khT9N
z6lYHJleY+gVfGkQkpvYYL4uS49BO8Zss/AcG+Ti42WPRkHVQzw9v4r+c6z6AAE0
NM+W1WR7p7Q6xHcJdpuvQGHS2yzogYc5ZE3DIXm+PlEJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:56 2024 by rpki-client on console-fra.rpki-client.org