Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/F3vjtCy9sfRZB3uh_DX0v4voD8Q.roa
File:                     F3vjtCy9sfRZB3uh_DX0v4voD8Q.roa (raw, json)
Hash identifier:          MDkEaULC0tXHpv/YeY8OnVc8hiQeFADc5EEankUIXs0=
Subject key identifier:   17:7B:E3:B4:2C:BD:B1:F4:59:07:7B:A1:FC:35:F4:BF:8B:E8:0F:C4
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       018CC348F4416BCBD7E406EA814013737A28
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/F3vjtCy9sfRZB3uh_DX0v4voD8Q.roa
Signing time:             Mon 01 Jan 2024 04:29:47 +0000
ROA not before:           Mon 01 Jan 2024 04:29:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210542
IP address blocks:        188.64.104.0/22 maxlen: 24
                          185.179.218.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 04 Feb 2024 15:21:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:f4:41:6b:cb:d7:e4:06:ea:81:40:13:73:7a:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 04:29:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=177be3b42cbdb1f459077ba1fc35f4bf8be80fc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d4:d4:51:51:be:79:76:4e:5b:b5:84:9b:3b:
                    07:7c:c2:0d:db:d5:b3:3e:a4:6b:12:c2:0d:e0:a1:
                    5c:f8:2f:e3:30:65:e4:3c:92:40:77:81:b2:ea:e9:
                    e7:16:af:08:60:28:83:a3:3c:64:ec:74:1d:02:45:
                    21:6b:26:99:ae:7d:07:5e:3a:ca:02:1c:16:9d:5e:
                    47:60:76:75:37:45:14:61:51:8e:ac:0e:ad:02:76:
                    7d:cb:c3:5d:41:dd:26:3a:2e:2a:5c:94:bb:27:b1:
                    7f:7a:60:d5:bb:e9:25:43:c3:57:43:12:e0:4f:f5:
                    e9:7a:60:88:d6:56:71:5d:95:bb:72:ab:a6:fa:0c:
                    c7:22:3b:4d:e8:9a:b3:62:da:99:1d:03:f2:28:d4:
                    d4:aa:6f:ed:f7:7a:68:5c:19:12:cf:5e:5a:4d:26:
                    05:2e:ee:1c:0a:25:fa:8d:ae:a8:31:9c:02:b5:4c:
                    c2:a8:4b:60:5f:d5:d9:12:3b:12:a3:8f:62:67:17:
                    2e:ec:e4:8f:1b:14:60:03:51:9b:2e:28:84:dd:f2:
                    8f:e7:69:14:a2:ce:2b:01:9a:ff:d7:2f:1f:5a:fe:
                    ff:56:b8:8d:9a:92:64:48:08:aa:fe:ac:ef:08:24:
                    9c:f0:10:e4:a3:9d:99:01:80:fd:31:2b:ad:1e:14:
                    86:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:7B:E3:B4:2C:BD:B1:F4:59:07:7B:A1:FC:35:F4:BF:8B:E8:0F:C4
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/F3vjtCy9sfRZB3uh_DX0v4voD8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.179.218.0/23
                  188.64.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:35:bd:d6:ae:b8:af:2f:64:ce:5f:31:2b:c5:e5:31:46:c6:
         e3:5e:85:c5:2d:65:1c:36:d8:a7:63:d1:f4:cb:6e:af:8f:9a:
         1a:41:c4:b7:a4:d8:69:98:90:cd:be:d6:34:71:d1:66:e5:7e:
         18:4d:19:8f:f5:f1:e6:1f:ee:8c:ff:45:82:2b:94:3b:88:8e:
         1f:91:a4:fb:99:a1:ca:da:10:22:39:9d:6d:d2:cf:dd:3d:3a:
         f9:d9:a9:c6:0b:72:d6:13:cc:67:28:f5:4f:06:44:37:fd:b5:
         a4:a8:12:fd:a6:2d:f9:24:6f:9f:a0:a4:89:c3:22:49:b7:59:
         bf:12:91:ad:2a:70:81:d9:5c:2d:7f:83:b1:fb:f7:0b:eb:ab:
         1d:d3:3e:b5:f7:12:38:5f:7c:70:f3:e3:7b:ce:2a:a6:51:7b:
         e3:83:0b:8e:83:02:bc:ed:d3:85:90:8e:55:3c:82:4a:f8:dc:
         fd:30:ac:3d:22:21:ef:36:be:7c:9e:b3:7f:ea:47:ba:14:1c:
         4a:92:e3:d6:2b:ea:06:86:3d:ef:2d:70:2a:4a:2c:e2:32:20:
         11:3c:b0:5e:cb:47:9f:be:59:ff:aa:09:d2:cd:b3:69:0c:f9:
         b2:84:12:15:93:30:59:42:70:dd:4f:1e:6c:ea:a6:f2:42:b4:
         d9:74:ab:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSPRBa8vX5AbqgUATc3ooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdiZTNiNDJjYmRiMWY0NTkwNzdiYTFmYzM1ZjRiZjhiZTgwZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNTUUVG+eXZOW7WEmzsHfMIN29Wz
PqRrEsIN4KFc+C/jMGXkPJJAd4Gy6unnFq8IYCiDozxk7HQdAkUhayaZrn0HXjrK
AhwWnV5HYHZ1N0UUYVGOrA6tAnZ9y8NdQd0mOi4qXJS7J7F/emDVu+klQ8NXQxLg
T/XpemCI1lZxXZW7cqum+gzHIjtN6JqzYtqZHQPyKNTUqm/t93poXBkSz15aTSYF
Lu4cCiX6ja6oMZwCtUzCqEtgX9XZEjsSo49iZxcu7OSPGxRgA1GbLiiE3fKP52kU
os4rAZr/1y8fWv7/VriNmpJkSAiq/qzvCCSc8BDko52ZAYD9MSutHhSG3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBd747QsvbH0WQd7ofw19L+L6A/EMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvRjN2anRDeTlzZlJaQjN1aF9EWDB2NHZvRDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBubPaAwQC
vEBoMA0GCSqGSIb3DQEBCwUAA4IBAQBxNb3WrrivL2TOXzErxeUxRsbjXoXFLWUc
NtinY9H0y26vj5oaQcS3pNhpmJDNvtY0cdFm5X4YTRmP9fHmH+6M/0WCK5Q7iI4f
kaT7maHK2hAiOZ1t0s/dPTr52anGC3LWE8xnKPVPBkQ3/bWkqBL9pi35JG+foKSJ
wyJJt1m/EpGtKnCB2Vwtf4Ox+/cL66sd0z619xI4X3xw8+N7ziqmUXvjgwuOgwK8
7dOFkI5VPIJK+Nz9MKw9IiHvNr58nrN/6ke6FBxKkuPWK+oGhj3vLXAqSiziMiAR
PLBey0efvln/qgnSzbNpDPmyhBIVkzBZQnDdTx5s6qbyQrTZdKtE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org