Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/FOLDywaVXmpWd4YoHOy5zM1YDG8.roa
File:                     FOLDywaVXmpWd4YoHOy5zM1YDG8.roa (raw, json)
Hash identifier:          IYlZLOdwVZYgUHbcjwh3KXzsoWorkwiSYmnhFXAUIew=
Subject key identifier:   14:E2:C3:CB:06:95:5E:6A:56:77:86:28:1C:EC:B9:CC:CD:58:0C:6F
Certificate issuer:       /CN=a2510279be138c42cdef62718f0f6afacae1819e
Certificate serial:       0185720C7CBD7E6F1815D32CC36662BDE465
Authority key identifier: A2:51:02:79:BE:13:8C:42:CD:EF:62:71:8F:0F:6A:FA:CA:E1:81:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/olECeb4TjELN72Jxjw9q-srhgZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/FOLDywaVXmpWd4YoHOy5zM1YDG8.roa
Signing time:             Mon 02 Jan 2023 10:34:59 +0000
ROA not before:           Mon 02 Jan 2023 10:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42700
IP address blocks:        194.110.199.0/24 maxlen: 24
                          2001:678:1ec::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:7c:bd:7e:6f:18:15:d3:2c:c3:66:62:bd:e4:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2510279be138c42cdef62718f0f6afacae1819e
        Validity
            Not Before: Jan  2 10:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=14e2c3cb06955e6a567786281cecb9cccd580c6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:0a:bd:1a:2d:95:83:62:d1:f1:9c:a4:6e:1b:
                    6c:95:50:a2:68:28:a8:bf:35:0b:a4:1c:2f:5d:f2:
                    2a:5c:1a:d4:83:93:70:6f:ac:cb:1d:96:09:a7:f2:
                    fc:4c:95:fa:dc:0f:94:57:28:54:2f:12:0f:bb:79:
                    2c:f1:bd:8a:b1:86:d9:22:ac:12:0b:af:a0:ab:9d:
                    99:f9:79:46:e2:89:40:cd:2f:f2:69:f0:9b:53:d2:
                    1e:27:22:27:97:7a:0d:e6:cd:e4:66:39:c9:83:8e:
                    70:83:fe:76:70:7c:fe:8d:18:10:bb:18:4a:4c:37:
                    f3:9c:7a:e8:c8:aa:68:b3:f3:6b:8a:49:d3:8b:18:
                    c0:44:e8:eb:55:e9:9f:fc:3b:49:f6:48:72:7a:ff:
                    00:bd:9a:23:2c:17:99:6b:79:c8:4e:09:d4:d1:a9:
                    9c:24:57:2c:4c:4f:cf:9d:46:44:be:2a:dc:55:86:
                    46:8f:46:1b:96:48:cb:57:03:5e:dd:1e:f1:6e:5f:
                    94:dc:99:db:fb:ac:64:33:0b:2c:79:1d:3c:16:9e:
                    cc:90:ff:5b:d4:92:72:2b:f3:58:c3:01:30:76:1d:
                    c2:65:dd:8f:24:a0:59:30:d4:3e:1a:5d:5a:52:3b:
                    5f:43:f4:64:1a:ef:b0:d8:43:f6:d2:bf:c9:75:2e:
                    b1:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:E2:C3:CB:06:95:5E:6A:56:77:86:28:1C:EC:B9:CC:CD:58:0C:6F
            X509v3 Authority Key Identifier:
                keyid:A2:51:02:79:BE:13:8C:42:CD:EF:62:71:8F:0F:6A:FA:CA:E1:81:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olECeb4TjELN72Jxjw9q-srhgZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/FOLDywaVXmpWd4YoHOy5zM1YDG8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/olECeb4TjELN72Jxjw9q-srhgZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.110.199.0/24
                IPv6:
                  2001:678:1ec::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:9c:27:25:9b:d8:ee:56:6d:1c:17:8f:a0:18:be:73:cc:b3:
         36:6e:9c:eb:7b:48:f3:c8:ca:60:02:33:91:8b:60:69:9b:08:
         d0:aa:36:19:f3:1d:e8:90:4e:0b:78:d7:13:85:ba:ba:b7:cb:
         2c:fe:23:1f:d4:b1:eb:c3:8b:c5:8c:55:77:6c:a4:6d:e1:2a:
         56:78:12:27:8b:7a:fc:1d:f1:8c:4e:b8:2e:fb:11:db:ce:4a:
         c0:75:89:9b:e3:30:7d:1b:00:f0:0b:cb:04:f7:7c:0b:9d:23:
         47:9b:fe:ea:14:ba:ed:e2:b5:cb:c8:72:58:92:34:7d:51:51:
         72:4a:39:61:40:18:62:07:91:60:8e:58:07:de:72:51:d2:0b:
         2e:3d:19:e6:82:40:9b:22:1b:39:fe:41:dc:23:dc:b9:ba:50:
         1f:40:e0:e5:1b:0d:be:49:fb:15:25:a3:b4:99:13:c8:4b:89:
         bc:5c:95:8b:84:cb:0c:9f:f6:6f:0c:26:ae:3c:6e:7b:11:b1:
         91:22:8d:c6:7d:f0:92:0f:ba:ba:08:69:5c:ee:bf:08:b0:38:
         e2:75:36:cd:05:c0:f6:9d:6d:d6:7e:37:9b:86:12:03:b7:4f:
         0d:74:e2:bd:fe:18:07:4a:8a:5f:c6:73:7a:84:db:0e:90:8c:
         07:22:f4:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyDHy9fm8YFdMsw2ZiveRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTEwMjc5YmUxMzhjNDJjZGVmNjI3MThmMGY2YWZhY2Fl
MTgxOWUwHhcNMjMwMTAyMTAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUyYzNjYjA2OTU1ZTZhNTY3Nzg2MjgxY2VjYjljY2NkNTgwYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwq9Gi2Vg2LR8ZykbhtslVCiaCio
vzULpBwvXfIqXBrUg5Nwb6zLHZYJp/L8TJX63A+UVyhULxIPu3ks8b2KsYbZIqwS
C6+gq52Z+XlG4olAzS/yafCbU9IeJyInl3oN5s3kZjnJg45wg/52cHz+jRgQuxhK
TDfznHroyKpos/NriknTixjAROjrVemf/DtJ9khyev8AvZojLBeZa3nITgnU0amc
JFcsTE/PnUZEvircVYZGj0YblkjLVwNe3R7xbl+U3Jnb+6xkMwsseR08Fp7MkP9b
1JJyK/NYwwEwdh3CZd2PJKBZMNQ+Gl1aUjtfQ/RkGu+w2EP20r/JdS6xQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBTiw8sGlV5qVneGKBzsuczNWAxvMB8GA1UdIwQY
MBaAFKJRAnm+E4xCze9icY8PavrK4YGeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xFQ2ViNFRqRUxONzJKeGp3OXEtc3JoZ1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yMTQ2Y2EtZTAyNi00MDJjLWE1NmUt
ODZhZjUyZmI0ZWViLzEvRk9MRHl3YVZYbXBXZDRZb0hPeTV6TTFZREc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yMTQ2Y2EtZTAyNi00MDJjLWE1NmUtODZhZjUyZmI0ZWVi
LzEvb2xFQ2ViNFRqRUxONzJKeGp3OXEtc3JoZ1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwm7HMA8E
AgACMAkDBwAgAQZ4AewwDQYJKoZIhvcNAQELBQADggEBAFycJyWb2O5WbRwXj6AY
vnPMszZunOt7SPPIymACM5GLYGmbCNCqNhnzHeiQTgt41xOFurq3yyz+Ix/UsevD
i8WMVXdspG3hKlZ4EieLevwd8YxOuC77EdvOSsB1iZvjMH0bAPALywT3fAudI0eb
/uoUuu3itcvIcliSNH1RUXJKOWFAGGIHkWCOWAfeclHSCy49GeaCQJsiGzn+Qdwj
3Lm6UB9A4OUbDb5J+xUlo7SZE8hLibxclYuEywyf9m8MJq48bnsRsZEijcZ98JIP
uroIaVzuvwiwOOJ1Ns0FwPadbdZ+N5uGEgO3Tw104r3+GAdKil/Gc3qE2w6QjAci
9OE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:42 2024 by rpki-client on console-ams.rpki-client.org