Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/FQaYf070uGczLbpxNOByF_xVKTc.roa
File:                     FQaYf070uGczLbpxNOByF_xVKTc.roa (raw, json)
Hash identifier:          U1Zo0P0W/J+BriI7nc9o7+vIMdRxGcrdVb1ClqTYTrY=
Subject key identifier:   15:06:98:7F:4E:F4:B8:67:33:2D:BA:71:34:E0:72:17:FC:55:29:37
Certificate issuer:       /CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
Certificate serial:       018570DE5C6CCEF84AB2FA65D26250EE5461
Authority key identifier: D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/FQaYf070uGczLbpxNOByF_xVKTc.roa
Signing time:             Mon 02 Jan 2023 05:04:58 +0000
ROA not before:           Mon 02 Jan 2023 05:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208704
IP address blocks:        193.56.184.0/24 maxlen: 24
                          45.87.176.0/24 maxlen: 24
                          45.87.179.0/24 maxlen: 24
                          45.87.178.0/24 maxlen: 24
                          45.87.177.0/24 maxlen: 24
                          45.87.176.0/22 maxlen: 22
                          2a02:f2c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:de:5c:6c:ce:f8:4a:b2:fa:65:d2:62:50:ee:54:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
        Validity
            Not Before: Jan  2 05:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1506987f4ef4b867332dba7134e07217fc552937
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:20:d2:7b:01:ce:31:aa:80:eb:2c:fc:54:e5:
                    5d:c7:e5:91:d7:50:60:23:01:b2:ec:58:02:8d:43:
                    23:13:0f:1f:52:8d:0d:01:ef:f4:33:92:1b:1a:38:
                    9e:e4:20:e5:80:78:d4:ae:00:bc:cf:fa:b2:8a:b5:
                    dd:4d:47:76:c5:87:32:8e:e9:07:eb:1f:58:e0:86:
                    36:b2:57:86:46:37:41:9d:24:38:92:1f:f6:51:a2:
                    91:5a:fb:54:88:02:1c:21:65:c1:87:fe:0d:bd:cc:
                    58:2e:c1:5e:0b:80:2d:ae:15:e9:3f:b7:65:4d:3c:
                    8e:74:a6:99:22:ce:b1:7a:e4:b8:e9:56:76:b3:00:
                    a0:12:c2:59:35:01:49:db:3e:12:e7:5c:04:bf:28:
                    ab:4f:bd:fd:8d:bc:c7:3d:a8:1f:37:d3:29:1b:ab:
                    bd:15:c1:d9:f8:dd:6c:3a:05:b7:96:a3:3e:a2:7d:
                    76:ac:b0:5f:d9:48:f3:c0:1c:7f:7d:58:5d:38:70:
                    e3:8c:05:5d:4f:ee:fd:bf:3b:9f:0f:17:0e:ca:af:
                    02:f6:b7:a5:12:f3:f3:48:91:5b:e8:bf:a8:53:2d:
                    3e:f5:a3:4d:74:fe:89:29:b3:3f:4d:fa:9f:88:a0:
                    1c:16:c7:1b:d6:e9:0b:7c:1c:b6:d3:d7:ad:5b:9a:
                    a6:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:06:98:7F:4E:F4:B8:67:33:2D:BA:71:34:E0:72:17:FC:55:29:37
            X509v3 Authority Key Identifier:
                keyid:D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/FQaYf070uGczLbpxNOByF_xVKTc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/00_-5-di-aBv4vR-eh5S2eun-v0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.87.176.0/22
                  193.56.184.0/24
                IPv6:
                  2a02:f2c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5b:fc:14:30:d4:a3:e1:67:60:54:ad:77:e6:7b:6c:e3:0f:d8:
         3a:3b:e3:da:97:4a:29:91:20:75:c3:b1:3f:a1:36:5e:ef:e2:
         10:c6:5d:89:f6:e4:db:23:02:7e:14:64:9d:d5:59:0b:ae:80:
         03:76:08:a6:ab:4a:81:2e:be:fb:42:a3:2d:fb:77:41:30:15:
         c2:e8:91:fb:d6:a9:3a:81:44:52:22:d8:dd:22:ff:70:b1:fb:
         f9:c4:cb:41:16:7a:22:4a:0d:e3:6e:8e:e1:b0:ab:88:e8:b7:
         a5:2d:59:8c:43:af:60:a7:01:65:2a:d5:5a:65:17:1b:97:ef:
         21:d0:60:f2:92:83:c1:95:b4:64:0e:49:e6:0a:5e:16:8e:4d:
         43:68:17:32:6f:ab:8f:d9:93:29:3e:fa:15:e1:70:9a:fb:67:
         31:3c:dd:95:96:0c:9a:22:fb:de:df:07:91:b2:df:5e:32:0d:
         3c:d0:d2:15:e7:15:f6:0e:58:34:0c:e7:91:37:50:ee:7f:da:
         5c:dc:32:21:e2:64:4d:e3:94:7b:c9:5e:7a:17:15:02:8a:cc:
         62:a2:2e:10:79:ce:e9:da:bd:a4:85:7a:8e:0c:63:54:87:28:
         cb:20:7b:b8:d7:35:f3:7d:da:48:5d:d7:06:32:16:a0:c9:8a:
         5b:d4:5d:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw3lxszvhKsvpl0mJQ7lRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZmZWU3ZTc2MmY5YTA2ZmUyZjQ3ZTdhMWU1MmQ5ZWJh
N2ZhZmQwHhcNMjMwMTAyMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA2OTg3ZjRlZjRiODY3MzMyZGJhNzEzNGUwNzIxN2ZjNTUyOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCDSewHOMaqA6yz8VOVdx+WR11Bg
IwGy7FgCjUMjEw8fUo0NAe/0M5IbGjie5CDlgHjUrgC8z/qyirXdTUd2xYcyjukH
6x9Y4IY2sleGRjdBnSQ4kh/2UaKRWvtUiAIcIWXBh/4NvcxYLsFeC4AtrhXpP7dl
TTyOdKaZIs6xeuS46VZ2swCgEsJZNQFJ2z4S51wEvyirT739jbzHPagfN9MpG6u9
FcHZ+N1sOgW3lqM+on12rLBf2UjzwBx/fVhdOHDjjAVdT+79vzufDxcOyq8C9rel
EvPzSJFb6L+oUy0+9aNNdP6JKbM/TfqfiKAcFscb1ukLfBy209etW5qm9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBUGmH9O9LhnMy26cTTgchf8VSk3MB8GA1UdIwQY
MBaAFNNP/ufnYvmgb+L0fnoeUtnrp/r9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBfLTUtZGktYUJ2NHZSLWVoNVMyZXVuLXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYjhkOTItZTE1Ny00MTQxLTgyYzkt
ODdlMWYzODY2MzYyLzEvRlFhWWYwNzB1R2N6TGJweE5PQnlGX3hWS1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8xYjhkOTItZTE1Ny00MTQxLTgyYzktODdlMWYzODY2MzYy
LzEvMDBfLTUtZGktYUJ2NHZSLWVoNVMyZXVuLXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVewAwQA
wTi4MA0EAgACMAcDBQMqAvLAMA0GCSqGSIb3DQEBCwUAA4IBAQBb/BQw1KPhZ2BU
rXfme2zjD9g6O+Pal0opkSB1w7E/oTZe7+IQxl2J9uTbIwJ+FGSd1VkLroADdgim
q0qBLr77QqMt+3dBMBXC6JH71qk6gURSItjdIv9wsfv5xMtBFnoiSg3jbo7hsKuI
6LelLVmMQ69gpwFlKtVaZRcbl+8h0GDykoPBlbRkDknmCl4Wjk1DaBcyb6uP2ZMp
PvoV4XCa+2cxPN2VlgyaIvve3weRst9eMg080NIV5xX2Dlg0DOeRN1Duf9pc3DIh
4mRN45R7yV56FxUCisxioi4Qec7p2r2khXqODGNUhyjLIHu41zXzfdpIXdcGMhag
yYpb1F0E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org