Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/FxUbtoBHHJFHh1rjxlWefJqQzd4.roa
File:                     FxUbtoBHHJFHh1rjxlWefJqQzd4.roa (raw, json)
Hash identifier:          oou3zVQHUOxJX3ve8cBSBLzJOCd68/v5Grbr0NCv7dw=
Subject key identifier:   17:15:1B:B6:80:47:1C:91:47:87:5A:E3:C6:55:9E:7C:9A:90:CD:DE
Certificate issuer:       /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial:       018CC26D01BE2B1C26981FC04D282A575B6C
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/FxUbtoBHHJFHh1rjxlWefJqQzd4.roa
Signing time:             Mon 01 Jan 2024 00:29:32 +0000
ROA not before:           Mon 01 Jan 2024 00:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210906
IP address blocks:        209.35.99.0/24 maxlen: 24
                          193.36.76.0/24 maxlen: 24
                          194.29.67.0/24 maxlen: 24
                          194.29.70.0/24 maxlen: 24
                          194.29.80.0/24 maxlen: 24
                          193.200.96.0/23 maxlen: 23
                          89.32.204.0/24 maxlen: 24
                          89.47.34.0/24 maxlen: 24
                          86.104.215.0/24 maxlen: 24
                          89.33.83.0/24 maxlen: 24
                          194.26.149.0/24 maxlen: 24
                          86.104.227.0/24 maxlen: 24
                          162.218.158.0/24 maxlen: 24
                          162.218.157.0/24 maxlen: 24
                          212.102.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 May 2024 06:43:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:01:be:2b:1c:26:98:1f:c0:4d:28:2a:57:5b:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
        Validity
            Not Before: Jan  1 00:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=17151bb680471c9147875ae3c6559e7c9a90cdde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:dd:26:c3:c4:20:df:34:f1:c2:95:f3:fc:08:
                    69:9e:94:f5:69:0f:1e:6c:00:d5:50:72:65:68:12:
                    df:ef:03:40:b0:a5:8c:07:ea:60:35:34:30:c7:0e:
                    78:62:fb:02:3a:77:27:cc:9f:7d:a4:8e:27:a3:e3:
                    7d:14:17:02:80:df:d3:aa:94:67:89:35:81:5b:c7:
                    c3:c3:da:f9:f0:c6:5c:09:db:e2:ac:32:02:17:4a:
                    e0:5f:13:8a:cc:62:92:66:18:73:9c:93:93:e1:f8:
                    ef:f5:a6:c6:d2:74:fa:2d:de:ea:6a:3e:b9:23:d5:
                    d7:bd:df:ae:d5:4d:42:e3:4a:a3:81:60:f1:43:60:
                    96:65:86:34:ee:43:f6:1a:03:2d:2b:8f:2c:b2:96:
                    b5:52:78:77:54:45:fd:7c:8d:f4:02:bd:3d:55:56:
                    fa:0d:ae:0f:a2:6c:2a:5b:04:18:65:67:a6:2a:d3:
                    30:ac:80:79:79:7a:a4:62:55:db:89:99:bc:93:1f:
                    70:66:2e:e4:80:19:71:01:61:f5:c1:e7:b2:55:68:
                    a3:2e:f6:49:1c:df:10:ca:80:96:39:98:1f:70:b9:
                    ba:22:4b:61:12:cd:f7:25:d3:1b:65:17:70:23:fd:
                    af:3c:b0:ac:94:bd:a3:48:5a:14:e3:ba:05:a2:f0:
                    14:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:15:1B:B6:80:47:1C:91:47:87:5A:E3:C6:55:9E:7C:9A:90:CD:DE
            X509v3 Authority Key Identifier:
                keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/FxUbtoBHHJFHh1rjxlWefJqQzd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.215.0/24
                  86.104.227.0/24
                  89.32.204.0/24
                  89.33.83.0/24
                  89.47.34.0/24
                  162.218.157.0-162.218.158.255
                  193.36.76.0/24
                  193.200.96.0/23
                  194.26.149.0/24
                  194.29.67.0/24
                  194.29.70.0/24
                  194.29.80.0/24
                  209.35.99.0/24
                  212.102.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:05:5f:49:c1:01:c4:76:3c:4b:1e:7a:9f:f6:25:37:08:cc:
         2d:eb:3a:d0:8b:80:cf:49:27:e5:ba:a8:c8:a6:a9:0f:75:7d:
         4c:da:7a:f0:bd:3f:af:c6:1f:24:4c:d9:3f:ac:c7:97:c8:88:
         4a:dc:b3:2b:72:42:95:e1:d4:47:01:1e:00:93:96:02:5d:a1:
         07:2f:28:6b:43:a8:f6:51:5d:08:6e:04:24:23:66:94:d8:b5:
         8a:e8:25:ed:1e:4d:f9:c4:c1:46:05:69:81:71:33:35:aa:14:
         8e:5b:47:98:61:e9:3a:99:73:17:24:57:57:3b:58:90:b9:70:
         74:4e:be:01:9e:06:07:1d:d8:ac:fd:af:db:a4:7a:b9:72:1b:
         5d:3d:c1:1f:c3:e1:41:a1:66:e3:9d:a9:f1:bb:90:1a:55:5b:
         7b:e3:17:22:0b:c5:52:68:a5:af:8d:ff:fa:f2:e2:bd:2d:09:
         05:2c:ad:d6:de:4a:34:fc:da:ad:0e:16:88:10:b4:49:f3:d8:
         b9:1a:ac:3c:d1:30:4e:7a:2b:20:30:20:33:ea:ec:5f:fc:43:
         3f:d3:3a:10:4e:2a:d1:5f:5a:39:24:ca:bc:23:f6:3d:45:9b:
         c9:92:6e:0c:5a:89:87:52:75:81:40:d9:d8:aa:ff:02:7b:fc:
         b3:92:be:78
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzCbQG+KxwmmB/ATSgqV1tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzE1MWJiNjgwNDcxYzkxNDc4NzVhZTNjNjU1OWU3YzlhOTBjZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA190mw8Qg3zTxwpXz/AhpnpT1aQ8e
bADVUHJlaBLf7wNAsKWMB+pgNTQwxw54YvsCOncnzJ99pI4no+N9FBcCgN/TqpRn
iTWBW8fDw9r58MZcCdvirDICF0rgXxOKzGKSZhhznJOT4fjv9abG0nT6Ld7qaj65
I9XXvd+u1U1C40qjgWDxQ2CWZYY07kP2GgMtK48sspa1Unh3VEX9fI30Ar09VVb6
Da4PomwqWwQYZWemKtMwrIB5eXqkYlXbiZm8kx9wZi7kgBlxAWH1weeyVWijLvZJ
HN8QyoCWOZgfcLm6IkthEs33JdMbZRdwI/2vPLCslL2jSFoU47oFovAUOwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFBcVG7aARxyRR4da48ZVnnyakM3eMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvRnhVYnRvQkhISkZIaDFyanhsV2VmSnFRemQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVmjXAwQA
VmjjAwQAWSDMAwQAWSFTAwQAWS8iMAwDBACi2p0DBACi2p4DBADBJEwDBAHByGAD
BADCGpUDBADCHUMDBADCHUYDBADCHVADBADRI2MDBADUZnQwDQYJKoZIhvcNAQEL
BQADggEBAJQFX0nBAcR2PEseep/2JTcIzC3rOtCLgM9JJ+W6qMimqQ91fUzaevC9
P6/GHyRM2T+sx5fIiErcsytyQpXh1EcBHgCTlgJdoQcvKGtDqPZRXQhuBCQjZpTY
tYroJe0eTfnEwUYFaYFxMzWqFI5bR5hh6TqZcxckV1c7WJC5cHROvgGeBgcd2Kz9
r9ukerlyG109wR/D4UGhZuOdqfG7kBpVW3vjFyILxVJopa+N//ry4r0tCQUsrdbe
SjT82q0OFogQtEnz2LkarDzRME56KyAwIDPq7F/8Qz/TOhBOKtFfWjkkyrwj9j1F
m8mSbgxaiYdSdYFA2diq/wJ7/LOSvng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:57 2024 by rpki-client on console-fra.rpki-client.org