Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Fkm_Y57U9mIe22Ii1qc2ByEWMtU.roa
File:                     Fkm_Y57U9mIe22Ii1qc2ByEWMtU.roa (raw, json)
Hash identifier:          x3K6p7Fcidih/S1vDfCNm3sPI6rz8OAfQsGHRO/HntA=
Subject key identifier:   16:49:BF:63:9E:D4:F6:62:1E:DB:62:22:D6:A7:36:07:21:16:32:D5
Certificate issuer:       /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial:       018C62B7B5034FF5A2C4D7D09FFF7084452E
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Fkm_Y57U9mIe22Ii1qc2ByEWMtU.roa
Signing time:             Wed 13 Dec 2023 10:27:35 +0000
ROA not before:           Wed 13 Dec 2023 10:27:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34471
IP address blocks:        217.119.141.0/24 maxlen: 24
                          194.104.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:62:b7:b5:03:4f:f5:a2:c4:d7:d0:9f:ff:70:84:45:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
        Validity
            Not Before: Dec 13 10:27:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1649bf639ed4f6621edb6222d6a73607211632d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:92:1c:26:18:fc:2f:81:11:b7:54:98:4d:52:
                    48:06:b2:d8:de:4a:74:8a:77:df:8a:6a:c7:53:e6:
                    cb:1a:de:29:8a:e5:10:23:ac:ad:2b:94:42:19:2b:
                    c7:4a:88:ef:f8:69:23:de:44:fa:74:59:d7:80:e9:
                    23:75:0f:43:43:7d:b3:67:51:3f:0d:a8:1f:82:78:
                    b3:2e:92:e1:06:99:28:99:a3:cb:6b:ce:15:3c:e6:
                    4c:52:81:ca:cb:0b:3d:63:a9:83:5f:27:63:af:ee:
                    e5:31:e0:61:f6:bf:d8:3a:70:8c:0a:8d:1a:8a:de:
                    99:6f:e7:61:dc:a8:48:bc:a3:c2:a5:97:84:32:f2:
                    a6:9f:c9:d8:bd:02:76:b6:82:89:04:0d:c4:85:03:
                    c8:96:00:44:ff:5f:69:fb:83:a7:44:1d:ce:d3:04:
                    d9:c9:90:c8:9c:36:03:7f:71:1f:04:99:0a:a1:22:
                    99:1f:cf:ca:81:ed:75:b4:94:52:24:1d:87:5d:eb:
                    5a:f6:89:cb:d2:3f:52:3f:b8:1d:ce:3a:e4:e2:e1:
                    a6:59:e5:60:df:0a:5e:93:42:e9:9d:7d:ec:67:d7:
                    4e:4f:a3:55:72:47:a7:c9:b1:84:0b:36:f3:f3:c8:
                    33:8c:af:17:f8:ce:9d:92:21:e3:be:96:71:e5:b7:
                    b6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:49:BF:63:9E:D4:F6:62:1E:DB:62:22:D6:A7:36:07:21:16:32:D5
            X509v3 Authority Key Identifier:
                keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/Fkm_Y57U9mIe22Ii1qc2ByEWMtU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.231.0/24
                  217.119.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:af:51:4c:58:65:8b:15:94:50:52:58:8e:2f:e6:46:d7:96:
         35:2c:ff:19:62:a1:c3:e4:84:02:8f:dc:a0:a5:0d:f3:6c:e9:
         35:90:c4:9f:82:0e:15:e6:81:f2:5e:30:ab:97:2b:c2:0a:11:
         d1:74:8b:0d:f8:d1:0e:b4:99:15:40:be:57:95:2d:70:9b:41:
         b4:be:80:5f:40:89:6c:c0:82:a9:f5:4b:ca:16:8d:0d:29:3c:
         37:df:15:7c:4b:fb:d7:22:c8:ce:07:f9:6e:b1:a4:db:ff:f5:
         9f:e3:1a:5e:9f:ab:fb:b6:75:89:bb:55:3b:ce:ea:bc:61:e8:
         f5:be:f7:40:bf:b2:c0:c5:35:49:f3:63:ea:bd:a4:bc:d4:1e:
         60:86:b4:e4:71:0e:bf:e5:96:72:dd:c2:1d:21:08:1a:0e:c6:
         26:3d:c7:a3:d9:0a:7e:bb:42:63:24:91:ef:97:ed:b7:c5:e6:
         ab:2b:45:88:09:79:60:1c:1f:75:b7:ac:8e:9b:d7:68:74:fd:
         db:ca:60:c6:3c:a7:42:fe:31:f8:dd:e5:3e:18:62:18:c3:17:
         71:8d:80:cd:94:20:42:12:55:90:31:cc:7f:36:10:85:50:ff:
         4f:bf:de:c1:e2:28:f4:b2:dc:a4:8c:d8:e2:4e:2e:cd:11:d7:
         6b:6b:40:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxit7UDT/WixNfQn/9whEUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMxMjEzMTAyNzM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQ5YmY2MzllZDRmNjYyMWVkYjYyMjJkNmE3MzYwNzIxMTYzMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15IcJhj8L4ERt1SYTVJIBrLY3kp0
inffimrHU+bLGt4piuUQI6ytK5RCGSvHSojv+Gkj3kT6dFnXgOkjdQ9DQ32zZ1E/
DagfgnizLpLhBpkomaPLa84VPOZMUoHKyws9Y6mDXydjr+7lMeBh9r/YOnCMCo0a
it6Zb+dh3KhIvKPCpZeEMvKmn8nYvQJ2toKJBA3EhQPIlgBE/19p+4OnRB3O0wTZ
yZDInDYDf3EfBJkKoSKZH8/Kge11tJRSJB2HXeta9onL0j9SP7gdzjrk4uGmWeVg
3wpek0LpnX3sZ9dOT6NVckenybGECzbz88gzjK8X+M6dkiHjvpZx5be2XQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBZJv2Oe1PZiHttiItanNgchFjLVMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvRmttX1k1N1U5bUllMjJJaTFxYzJCeUVXTXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmjnAwQA
2XeNMA0GCSqGSIb3DQEBCwUAA4IBAQAkr1FMWGWLFZRQUliOL+ZG15Y1LP8ZYqHD
5IQCj9ygpQ3zbOk1kMSfgg4V5oHyXjCrlyvCChHRdIsN+NEOtJkVQL5XlS1wm0G0
voBfQIlswIKp9UvKFo0NKTw33xV8S/vXIsjOB/lusaTb//Wf4xpen6v7tnWJu1U7
zuq8Yej1vvdAv7LAxTVJ82PqvaS81B5ghrTkcQ6/5ZZy3cIdIQgaDsYmPcej2Qp+
u0JjJJHvl+23xearK0WICXlgHB91t6yOm9dodP3bymDGPKdC/jH43eU+GGIYwxdx
jYDNlCBCElWQMcx/NhCFUP9Pv97B4ij0stykjNjiTi7NEddra0C2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org