Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa
File:                     Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa (raw, json)
Hash identifier:          7r7C1FVCH+ztu3fSkHW6bgTafJcG0eI5mtYmCid6H4A=
Subject key identifier:   0A:BE:67:2C:FD:00:EA:D0:BF:2F:8A:D7:15:C2:9F:AE:2D:88:F4:65
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       01857030722D6F8EB66BB03011D1E9954292
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa
Signing time:             Mon 02 Jan 2023 01:55:01 +0000
ROA not before:           Mon 02 Jan 2023 01:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205285
IP address blocks:        31.46.29.0/24 maxlen: 24
                          78.92.232.0/23 maxlen: 23
                          84.2.63.0/24 maxlen: 24
                          84.1.114.0/24 maxlen: 24
                          84.1.116.0/24 maxlen: 24
                          84.1.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:72:2d:6f:8e:b6:6b:b0:30:11:d1:e9:95:42:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  2 01:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0abe672cfd00ead0bf2f8ad715c29fae2d88f465
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f6:8e:43:de:b8:0a:3c:df:02:89:f2:26:c9:
                    a6:e8:4d:5d:37:42:19:44:0f:9e:51:a6:85:60:0b:
                    28:67:1a:a4:75:cb:3b:1a:14:91:02:e5:2b:42:23:
                    25:2a:0d:b9:49:1a:f8:09:7f:ff:3d:e9:ca:7f:9d:
                    68:0f:e4:91:c6:46:60:6a:b7:ee:65:67:15:9d:7a:
                    bb:15:0b:50:88:d5:a6:2c:81:ca:99:c7:b1:d0:ed:
                    f8:0d:8c:12:a9:79:42:4b:88:85:4f:b1:b4:59:84:
                    48:ec:63:b7:da:ef:43:fe:51:1d:33:fa:15:33:0e:
                    b4:1c:66:a9:6a:5c:77:78:f3:f8:37:30:4a:43:ef:
                    d9:60:5f:0d:41:5a:9c:ce:bb:29:c3:89:56:92:ff:
                    a7:ea:c4:e7:45:ac:45:03:2a:4a:02:52:88:45:44:
                    c2:3c:aa:dc:3c:13:47:3f:1d:c8:d4:54:9c:fa:66:
                    60:03:75:c4:74:aa:4d:77:69:5b:a8:92:f0:2c:a1:
                    d9:42:80:75:20:de:69:d7:2b:95:ad:d1:8b:cb:5d:
                    40:ae:15:1c:9d:2b:c2:ca:74:a7:56:96:5c:ff:3f:
                    da:85:73:36:d7:aa:49:8c:e6:ab:3d:10:d5:5b:f5:
                    8e:7c:fa:f5:f5:a3:42:49:d3:96:16:64:f8:a9:b6:
                    47:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:BE:67:2C:FD:00:EA:D0:BF:2F:8A:D7:15:C2:9F:AE:2D:88:F4:65
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.46.29.0/24
                  78.92.232.0/23
                  84.1.114.0-84.1.116.255
                  84.2.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:57:17:e4:88:7e:a9:b5:1c:df:a5:67:33:cc:b5:f6:c0:4d:
         ed:ea:dc:d2:c7:0b:72:c8:40:4b:2a:ca:dc:a3:c8:f5:27:62:
         4b:21:2c:97:cb:a7:54:0e:81:e1:a2:40:a0:74:b3:02:ce:93:
         f2:a7:90:7d:be:4c:97:49:6d:3f:b7:7f:9c:1e:df:27:58:bc:
         d8:5e:95:5b:de:4a:e3:7d:05:14:31:93:71:85:3e:99:b0:e1:
         84:bd:af:1f:13:02:c3:8b:ff:75:61:b7:80:f2:ec:d3:d1:da:
         d2:0d:a9:10:e2:dc:35:40:ce:74:a1:04:b2:4b:72:80:5b:1d:
         56:a2:5d:cd:30:5f:47:ef:1b:76:89:fb:07:21:9c:31:71:4e:
         57:4c:04:6b:ca:8a:26:1c:f2:7b:1b:08:88:40:68:10:72:59:
         40:e6:8a:68:3a:f0:d7:7b:d0:b8:13:ef:2d:70:9f:23:c5:92:
         af:b5:28:a1:dd:34:ed:10:ac:56:de:fb:5e:15:3c:6f:d1:24:
         df:24:ff:04:52:d5:a5:10:9f:11:23:e8:57:06:8d:85:b1:d2:
         53:24:1b:18:c2:8b:54:87:79:6d:b9:d7:0f:5b:24:ae:cc:f2:
         de:7e:d7:17:74:e2:92:d9:17:a7:60:51:96:de:f8:b2:fd:dc:
         fc:09:0e:2e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwMHItb462a7AwEdHplUKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJlNjcyY2ZkMDBlYWQwYmYyZjhhZDcxNWMyOWZhZTJkODhmNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPaOQ964CjzfAonyJsmm6E1dN0IZ
RA+eUaaFYAsoZxqkdcs7GhSRAuUrQiMlKg25SRr4CX//PenKf51oD+SRxkZgarfu
ZWcVnXq7FQtQiNWmLIHKmcex0O34DYwSqXlCS4iFT7G0WYRI7GO32u9D/lEdM/oV
Mw60HGapalx3ePP4NzBKQ+/ZYF8NQVqczrspw4lWkv+n6sTnRaxFAypKAlKIRUTC
PKrcPBNHPx3I1FSc+mZgA3XEdKpNd2lbqJLwLKHZQoB1IN5p1yuVrdGLy11ArhUc
nSvCynSnVpZc/z/ahXM216pJjOarPRDVW/WOfPr19aNCSdOWFmT4qbZHewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAq+Zyz9AOrQvy+K1xXCn64tiPRlMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvQ3I1bkxQMEE2dENfTDRyWEZjS2ZyaTJJOUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHy4dAwQB
TlzoMAwDBAFUAXIDBABUAXQDBABUAj8wDQYJKoZIhvcNAQELBQADggEBAFFXF+SI
fqm1HN+lZzPMtfbATe3q3NLHC3LIQEsqytyjyPUnYkshLJfLp1QOgeGiQKB0swLO
k/KnkH2+TJdJbT+3f5we3ydYvNhelVveSuN9BRQxk3GFPpmw4YS9rx8TAsOL/3Vh
t4Dy7NPR2tINqRDi3DVAznShBLJLcoBbHVaiXc0wX0fvG3aJ+wchnDFxTldMBGvK
iiYc8nsbCIhAaBByWUDmimg68Nd70LgT7y1wnyPFkq+1KKHdNO0QrFbe+14VPG/R
JN8k/wRS1aUQnxEj6FcGjYWx0lMkGxjCi1SHeW251w9bJK7M8t5+1xd04pLZF6dg
UZbe+LL93PwJDi4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org