Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/bPf3xIBanYkd0sJ9XiTfFcbKkqE.roa
File:                     bPf3xIBanYkd0sJ9XiTfFcbKkqE.roa (raw, json)
Hash identifier:          u4uFybjIlRPL7zpAU7IVe7hlfzymfY9wn9tEXs+Lyt8=
Subject key identifier:   6C:F7:F7:C4:80:5A:9D:89:1D:D2:C2:7D:5E:24:DF:15:C6:CA:92:A1
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0186E933BC5435CD51C0B151EC8525A8E9BA
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/bPf3xIBanYkd0sJ9XiTfFcbKkqE.roa
Signing time:             Thu 16 Mar 2023 06:55:27 +0000
ROA not before:           Thu 16 Mar 2023 06:55:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:202::/32 maxlen: 32
                          2a09:4e01:3000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c7:3000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Thu 16 Mar 2023 07:14:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e9:33:bc:54:35:cd:51:c0:b1:51:ec:85:25:a8:e9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Mar 16 06:55:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6cf7f7c4805a9d891dd2c27d5e24df15c6ca92a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:8d:80:c3:f0:91:ae:cf:a2:73:ee:e1:1b:e9:
                    4d:74:f5:e6:54:af:d4:a8:25:1a:58:df:1a:4b:fd:
                    28:b6:a1:06:c0:22:c0:31:9c:85:78:b7:36:fa:86:
                    f6:35:19:f0:2e:c5:0d:fc:5b:1e:fb:f2:41:1c:4e:
                    68:24:47:cc:9c:94:b8:6a:3d:7f:b8:db:8b:90:7f:
                    6f:f3:b0:2c:0a:41:81:c7:4d:32:be:9f:53:b1:98:
                    b6:29:df:ff:0b:a3:1a:a5:ea:55:50:0c:07:a6:cf:
                    9d:d8:5c:b9:d8:da:14:71:c4:a6:96:38:bb:fb:d8:
                    c5:0c:82:6e:01:07:79:74:8e:65:4f:13:86:02:b2:
                    cf:cb:57:42:dc:ad:35:d9:67:67:10:8b:9d:d1:9c:
                    0c:c7:81:b1:ff:53:5b:e6:ab:3f:15:06:54:b3:a3:
                    40:97:ad:5c:c0:9d:0e:aa:1b:82:56:85:cf:9f:1b:
                    54:be:0d:d6:4e:40:dd:11:3e:c2:58:01:31:10:c5:
                    f7:b2:7d:48:26:f9:2c:d9:9d:94:f0:c2:6c:af:4b:
                    27:2f:63:8a:c3:e8:05:0d:ac:76:8f:1d:b9:73:bf:
                    c1:6b:92:1a:1c:90:2e:20:2c:eb:f8:33:25:8e:4f:
                    f1:42:8d:16:5b:da:03:b6:d4:47:bc:02:b0:18:33:
                    44:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:F7:F7:C4:80:5A:9D:89:1D:D2:C2:7D:5E:24:DF:15:C6:CA:92:A1
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/bPf3xIBanYkd0sJ9XiTfFcbKkqE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.171.240.0/22
                  84.54.36.0/24
                  194.113.105.0/24
                IPv6:
                  2a09:4e01:3000::/36
                  2a10:c0c0::/29
                  2a11:200::/36
                  2a11:200:4000::/36
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         a5:ac:9a:1a:60:36:ab:7f:90:88:ee:3a:79:d8:27:80:6b:47:
         cf:af:99:2a:6d:60:3a:4d:de:61:3d:b5:5d:10:0d:90:eb:8d:
         9f:51:7c:df:7c:22:3b:53:db:cc:79:13:54:e2:26:ba:60:43:
         ab:f9:d5:65:c2:aa:01:2a:f0:72:12:05:5d:2d:6c:11:19:1c:
         30:b7:77:31:02:29:62:4e:be:13:1f:79:fd:6a:e5:0b:98:06:
         6c:6c:47:27:13:5e:e7:bd:77:bc:49:6d:58:0d:eb:bd:32:ca:
         4b:c1:c9:c8:c7:5e:3a:97:f6:0b:b5:fa:7f:0e:49:1f:af:9e:
         68:59:b7:24:33:db:cb:02:c7:eb:8e:d8:8d:f4:be:37:0a:40:
         6a:a4:40:15:82:57:47:0a:0a:99:19:07:eb:8a:f4:e5:8e:34:
         cc:03:fe:8b:66:5d:19:5e:84:26:9d:aa:da:d4:cc:70:e8:5a:
         58:01:30:a0:41:51:90:80:e8:dc:66:dd:9f:87:7c:ae:06:1d:
         5c:07:b9:53:81:b5:4b:40:e8:c9:94:d1:cc:33:b0:fe:74:7c:
         9f:34:79:32:e0:f5:e3:b3:1e:fa:ef:ab:46:24:6b:1d:dd:1c:
         49:54:0e:ca:2d:80:53:68:b0:b8:21:18:d5:17:ba:cc:18:6d:
         4b:11:00:4f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYbpM7xUNc1RwLFR7IUlqOm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMzE2MDY1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y3ZjdjNDgwNWE5ZDg5MWRkMmMyN2Q1ZTI0ZGYxNWM2Y2E5MmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI2Aw/CRrs+ic+7hG+lNdPXmVK/U
qCUaWN8aS/0otqEGwCLAMZyFeLc2+ob2NRnwLsUN/Fse+/JBHE5oJEfMnJS4aj1/
uNuLkH9v87AsCkGBx00yvp9TsZi2Kd//C6MapepVUAwHps+d2Fy52NoUccSmlji7
+9jFDIJuAQd5dI5lTxOGArLPy1dC3K012WdnEIud0ZwMx4Gx/1Nb5qs/FQZUs6NA
l61cwJ0OqhuCVoXPnxtUvg3WTkDdET7CWAExEMX3sn1IJvks2Z2U8MJsr0snL2OK
w+gFDax2jx25c7/Ba5IaHJAuICzr+DMljk/xQo0WW9oDttRHvAKwGDNEjwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFGz398SAWp2JHdLCfV4k3xXGypKhMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvYlBmM3hJQmFuWWtkMHNKOVhpVGZGY2JLa3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAYBAIAATASAwQCU6vwAwQA
VDYkAwQAwnFpMDUEAgACMC8DBgQqCU4BMAMFAyoQwMADBgQqEQIAAAMGBCoRAgBA
MA4DBQAqEQIBAwUAKhECAjANBgkqhkiG9w0BAQsFAAOCAQEApayaGmA2q3+QiO46
edgngGtHz6+ZKm1gOk3eYT21XRANkOuNn1F833wiO1PbzHkTVOImumBDq/nVZcKq
ASrwchIFXS1sERkcMLd3MQIpYk6+Ex95/WrlC5gGbGxHJxNe5713vEltWA3rvTLK
S8HJyMdeOpf2C7X6fw5JH6+eaFm3JDPbywLH647YjfS+NwpAaqRAFYJXRwoKmRkH
64r05Y40zAP+i2ZdGV6EJp2q2tTMcOhaWAEwoEFRkIDo3Gbdn4d8rgYdXAe5U4G1
S0DoyZTRzDOw/nR8nzR5MuD147Me+u+rRiRrHd0cSVQOyi2AU2iwuCEY1Re6zBht
SxEATw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org