Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_MCeTHUVkJK99w2K1N-klHn-QUs.roa
File:                     _MCeTHUVkJK99w2K1N-klHn-QUs.roa (raw, json)
Hash identifier:          0Rd3GAYHhB3bQezkaoM0j5MuQGeKKE34Cd/wIZJwkxM=
Subject key identifier:   FC:C0:9E:4C:75:15:90:92:BD:F7:0D:8A:D4:DF:A4:94:79:FE:41:4B
Certificate issuer:       /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial:       01856ED4CDA84D8F3AC197F8AF632841BE6D
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_MCeTHUVkJK99w2K1N-klHn-QUs.roa
Signing time:             Sun 01 Jan 2023 19:35:18 +0000
ROA not before:           Sun 01 Jan 2023 19:35:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61161
IP address blocks:        185.100.56.0/22 maxlen: 24
                          185.17.72.0/22 maxlen: 24
                          185.102.4.0/22 maxlen: 24
                          2a04:600::/29 maxlen: 48
                          2a0d:3200::/29 maxlen: 48

Validation:               Failed, certificate revoked on Thu 28 Sep 2023 15:11:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:cd:a8:4d:8f:3a:c1:97:f8:af:63:28:41:be:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
        Validity
            Not Before: Jan  1 19:35:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fcc09e4c75159092bdf70d8ad4dfa49479fe414b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:69:bd:5c:10:a3:d2:83:6a:ec:07:fd:65:38:
                    f0:ad:4e:4b:5d:ee:37:f1:e4:ca:b4:84:39:83:4a:
                    27:0a:50:99:ed:00:38:eb:48:3a:d0:14:3a:b2:cc:
                    1e:f6:6b:1a:93:e0:76:74:7f:7b:6b:8c:a7:ef:b6:
                    27:50:33:08:1e:0e:4e:e7:bc:c6:4f:88:62:9b:ba:
                    26:f1:06:55:32:73:bc:f0:e0:34:f4:fb:28:de:ac:
                    a4:07:50:d7:7d:9d:f1:25:e1:81:0b:a6:24:f2:65:
                    98:3b:8f:5b:44:cc:26:55:4d:c6:8c:7d:34:a6:f6:
                    cd:ec:81:a3:6c:f9:a3:4e:26:23:e4:e5:cb:72:be:
                    a5:ac:aa:fd:b5:cf:22:99:21:4d:e9:17:39:49:ed:
                    e0:1c:e5:9b:2d:29:53:80:e1:1c:c5:46:c9:40:8d:
                    4e:87:1d:38:74:f8:12:25:e0:0a:e3:94:aa:b9:72:
                    79:96:d0:0d:54:f6:bd:8c:59:52:61:df:26:79:12:
                    ff:ff:e5:13:4b:30:60:c1:2c:6e:3c:5b:f9:bb:12:
                    70:a9:9e:a0:70:7a:3d:bd:73:49:fc:ec:c7:b4:65:
                    6e:35:d8:14:b0:f2:31:f0:e3:da:c2:eb:17:3d:23:
                    25:64:30:eb:0c:ea:f0:d0:52:38:b1:21:42:99:bc:
                    6a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:C0:9E:4C:75:15:90:92:BD:F7:0D:8A:D4:DF:A4:94:79:FE:41:4B
            X509v3 Authority Key Identifier:
                keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_MCeTHUVkJK99w2K1N-klHn-QUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.17.72.0/22
                  185.100.56.0/22
                  185.102.4.0/22
                IPv6:
                  2a04:600::/29
                  2a0d:3200::/29

    Signature Algorithm: sha256WithRSAEncryption
         07:e0:89:c1:5f:e4:8b:5e:97:02:9c:5b:ae:99:14:59:92:dc:
         9d:a4:97:d5:52:1a:da:99:42:a7:01:57:b9:cd:9f:60:12:b7:
         4d:f4:3e:d0:09:43:ef:15:1f:a9:36:f3:b5:65:57:a9:a6:c4:
         1a:68:7d:85:92:51:b4:fd:fd:12:7a:db:49:43:ee:c0:35:e2:
         0f:1e:78:ee:42:33:67:8b:49:02:8f:c6:f4:b3:ec:25:da:63:
         2f:cc:85:af:32:91:60:80:3d:f5:f4:e3:11:3f:50:2c:92:c9:
         23:db:be:db:d6:29:98:fa:81:c6:73:33:06:e9:90:b0:12:b5:
         4e:a1:11:00:00:69:89:a3:fd:5a:d7:59:36:10:e4:24:0b:9c:
         f8:ac:62:b7:5f:b5:b0:2a:8a:6c:c0:37:c5:26:c5:47:e5:60:
         ca:c2:84:3b:10:b7:d4:2c:86:3d:f6:bf:2b:43:2f:80:99:5e:
         e8:23:b9:ea:f5:04:8f:3f:b3:5c:e2:be:15:56:95:77:43:0f:
         90:c3:44:78:8f:9b:1f:b7:98:df:95:76:9b:b5:e5:e4:99:65:
         07:9a:cb:82:79:78:ae:3d:a4:13:91:0d:cf:fc:f7:21:68:de:
         dd:08:dc:40:71:a0:e7:06:38:a9:29:e2:16:67:0c:28:de:8f:
         fb:d6:57:3d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVu1M2oTY86wZf4r2MoQb5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMwMTAxMTkzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2MwOWU0Yzc1MTU5MDkyYmRmNzBkOGFkNGRmYTQ5NDc5ZmU0MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2m9XBCj0oNq7Af9ZTjwrU5LXe43
8eTKtIQ5g0onClCZ7QA460g60BQ6sswe9msak+B2dH97a4yn77YnUDMIHg5O57zG
T4him7om8QZVMnO88OA09Pso3qykB1DXfZ3xJeGBC6Yk8mWYO49bRMwmVU3GjH00
pvbN7IGjbPmjTiYj5OXLcr6lrKr9tc8imSFN6Rc5Se3gHOWbLSlTgOEcxUbJQI1O
hx04dPgSJeAK45SquXJ5ltANVPa9jFlSYd8meRL//+UTSzBgwSxuPFv5uxJwqZ6g
cHo9vXNJ/OzHtGVuNdgUsPIx8OPawusXPSMlZDDrDOrw0FI4sSFCmbxqVQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPzAnkx1FZCSvfcNitTfpJR5/kFLMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvX01DZVRIVVZrSks5OXcySzFOLWtsSG4tUVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuRFIAwQC
uWQ4AwQCuWYEMBQEAgACMA4DBQMqBAYAAwUDKg0yADANBgkqhkiG9w0BAQsFAAOC
AQEAB+CJwV/ki16XApxbrpkUWZLcnaSX1VIa2plCpwFXuc2fYBK3TfQ+0AlD7xUf
qTbztWVXqabEGmh9hZJRtP39EnrbSUPuwDXiDx547kIzZ4tJAo/G9LPsJdpjL8yF
rzKRYIA99fTjET9QLJLJI9u+29YpmPqBxnMzBumQsBK1TqERAABpiaP9WtdZNhDk
JAuc+Kxit1+1sCqKbMA3xSbFR+VgysKEOxC31CyGPfa/K0MvgJle6CO56vUEjz+z
XOK+FVaVd0MPkMNEeI+bH7eY35V2m7Xl5JllB5rLgnl4rj2kE5ENz/z3IWje3Qjc
QHGg5wY4qSniFmcMKN6P+9ZXPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org