Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7fa2ILIFk5ZW6J1Wgc6O_kXCD5M.roa
File:                     7fa2ILIFk5ZW6J1Wgc6O_kXCD5M.roa (raw, json)
Hash identifier:          8MKfgW3cDciLT6tUUTiQ40EWWr57J7u+627WXIoaAME=
Subject key identifier:   ED:F6:B6:20:B2:05:93:96:56:E8:9D:56:81:CE:8E:FE:45:C2:0F:93
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185F7E96BF2D932FD9A3334851AE21DA448
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7fa2ILIFk5ZW6J1Wgc6O_kXCD5M.roa
Signing time:             Sat 28 Jan 2023 10:25:47 +0000
ROA not before:           Sat 28 Jan 2023 10:25:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203458
IP address blocks:        87.247.148.0/23 maxlen: 24
                          185.255.170.0/23 maxlen: 24
                          91.188.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 06:28:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f7:e9:6b:f2:d9:32:fd:9a:33:34:85:1a:e2:1d:a4:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 28 10:25:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=edf6b620b205939656e89d5681ce8efe45c20f93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:11:a1:01:de:91:77:a5:c6:59:11:73:40:5e:
                    45:d7:5c:ae:50:ba:94:1e:50:da:33:4a:88:1a:c2:
                    58:47:db:2d:04:a7:7e:b4:9e:c2:a9:c6:0f:44:b4:
                    4a:75:4c:a6:f3:55:85:8a:a5:f5:70:e3:26:03:22:
                    ac:49:0e:8a:7c:8c:ca:44:09:91:e0:00:5f:3c:80:
                    6b:7c:87:82:0d:a9:3c:31:46:58:e5:8b:fa:45:07:
                    25:1c:55:08:02:be:33:ec:66:9b:2c:a1:36:99:a7:
                    93:2f:16:35:3f:1b:9e:80:fc:99:2a:19:8e:f1:1b:
                    05:4b:0a:46:bc:9f:a8:d5:0b:9e:e9:33:06:2f:c8:
                    b6:30:b3:38:30:7e:6e:02:8f:51:bd:28:34:98:80:
                    90:93:07:1e:75:ce:55:41:f9:b6:5a:45:f0:1d:e6:
                    9b:b6:33:88:ad:47:59:89:26:8d:7d:e5:8b:9c:e1:
                    43:dd:c0:7d:8c:33:f1:97:18:12:0a:69:42:42:6e:
                    c8:72:f6:97:4f:22:77:fb:3c:8a:21:5f:48:0c:ae:
                    de:92:d8:42:44:00:fd:79:72:58:d9:b7:50:21:82:
                    de:ac:84:80:be:8b:2e:39:b9:4f:39:04:5d:5a:21:
                    df:ac:2f:3e:b7:cc:3d:15:ef:fa:26:72:23:c1:87:
                    d8:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:F6:B6:20:B2:05:93:96:56:E8:9D:56:81:CE:8E:FE:45:C2:0F:93
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7fa2ILIFk5ZW6J1Wgc6O_kXCD5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.247.148.0/23
                  91.188.206.0/24
                  185.255.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:68:45:9a:37:75:f7:6d:f0:aa:1d:27:04:e9:f9:3d:db:df:
         fa:a0:8a:a5:5d:61:ed:e8:53:25:65:2e:03:c4:d7:53:f9:cb:
         7e:7d:61:b2:82:81:08:c1:19:10:b6:f3:8c:00:4a:e1:e8:d3:
         26:94:42:e6:16:ad:f2:34:82:e8:79:67:90:ef:ea:95:7d:c1:
         a9:5c:ca:94:29:5d:b4:fd:d0:b6:e3:d2:06:8e:18:5f:15:ad:
         53:cf:cc:46:79:b2:80:06:b9:d4:87:3d:95:12:bc:6c:50:cb:
         9c:40:b0:52:57:85:bb:86:97:5c:98:60:b9:df:f4:25:72:1a:
         a2:80:b0:b4:72:9f:13:b5:2d:61:a6:e3:2a:88:a3:f6:c7:43:
         46:6a:87:c1:e5:a4:10:d2:a5:15:cb:b1:44:a8:12:9b:28:43:
         f7:ae:c2:71:6f:28:22:3e:8e:98:aa:0f:b2:84:1d:df:1e:e0:
         4d:ee:f5:c2:4c:44:27:72:dc:d8:9e:7d:53:5d:3d:25:d9:45:
         f9:4c:2e:cf:de:34:39:53:7d:7d:c9:16:e0:21:c4:34:5e:b7:
         78:6b:63:5f:8c:21:7a:94:74:f5:59:d3:1d:4a:25:15:6e:e0:
         1f:5d:e8:5a:93:db:34:14:9b:91:da:bf:69:10:5e:ad:7e:29:
         8f:d3:3d:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYX36Wvy2TL9mjM0hRriHaRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI4MTAyNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGY2YjYyMGIyMDU5Mzk2NTZlODlkNTY4MWNlOGVmZTQ1YzIwZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxGhAd6Rd6XGWRFzQF5F11yuULqU
HlDaM0qIGsJYR9stBKd+tJ7CqcYPRLRKdUym81WFiqX1cOMmAyKsSQ6KfIzKRAmR
4ABfPIBrfIeCDak8MUZY5Yv6RQclHFUIAr4z7GabLKE2maeTLxY1PxuegPyZKhmO
8RsFSwpGvJ+o1Que6TMGL8i2MLM4MH5uAo9RvSg0mICQkwcedc5VQfm2WkXwHeab
tjOIrUdZiSaNfeWLnOFD3cB9jDPxlxgSCmlCQm7IcvaXTyJ3+zyKIV9IDK7ekthC
RAD9eXJY2bdQIYLerISAvosuOblPOQRdWiHfrC8+t8w9Fe/6JnIjwYfYNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO32tiCyBZOWVuidVoHOjv5Fwg+TMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvN2ZhMklMSUZrNVpXNkoxV2djNk9fa1hDRDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV/eUAwQA
W7zOAwQBuf+qMA0GCSqGSIb3DQEBCwUAA4IBAQAhaEWaN3X3bfCqHScE6fk929/6
oIqlXWHt6FMlZS4DxNdT+ct+fWGygoEIwRkQtvOMAErh6NMmlELmFq3yNILoeWeQ
7+qVfcGpXMqUKV20/dC249IGjhhfFa1Tz8xGebKABrnUhz2VErxsUMucQLBSV4W7
hpdcmGC53/QlchqigLC0cp8TtS1hpuMqiKP2x0NGaofB5aQQ0qUVy7FEqBKbKEP3
rsJxbygiPo6Yqg+yhB3fHuBN7vXCTEQnctzYnn1TXT0l2UX5TC7P3jQ5U319yRbg
IcQ0Xrd4a2NfjCF6lHT1WdMdSiUVbuAfXehak9s0FJuR2r9pEF6tfimP0z04
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org