Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/v7mZGHLSME0YFdQax3VCz4Gdha0.roa
File:                     v7mZGHLSME0YFdQax3VCz4Gdha0.roa (raw, json)
Hash identifier:          EifobxGwUL3e6R58PMHD6Zk/jL40C+6IYXOSVVmfkbU=
Subject key identifier:   BF:B9:99:18:72:D2:30:4D:18:15:D4:1A:C7:75:42:CF:81:9D:85:AD
Certificate issuer:       /CN=f19655b59a864cad73cc295f4f78ff83cae86aac
Certificate serial:       018570674C49EA6B49F76264EB847DE7C25A
Authority key identifier: F1:96:55:B5:9A:86:4C:AD:73:CC:29:5F:4F:78:FF:83:CA:E8:6A:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8ZZVtZqGTK1zzClfT3j_g8roaqw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/v7mZGHLSME0YFdQax3VCz4Gdha0.roa
Signing time:             Mon 02 Jan 2023 02:54:55 +0000
ROA not before:           Mon 02 Jan 2023 02:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47777
IP address blocks:        46.19.56.0/21 maxlen: 24
                          94.125.24.0/21 maxlen: 24
                          185.15.180.0/22 maxlen: 22
                          185.15.183.0/24 maxlen: 24
                          2a00:1b40::/32 maxlen: 64

Validation:               Failed, certificate revoked on Tue 18 Apr 2023 16:15:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:4c:49:ea:6b:49:f7:62:64:eb:84:7d:e7:c2:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f19655b59a864cad73cc295f4f78ff83cae86aac
        Validity
            Not Before: Jan  2 02:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bfb9991872d2304d1815d41ac77542cf819d85ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:61:bd:ad:d5:4a:65:d9:df:e7:a7:37:18:38:
                    bb:da:d8:e2:90:de:aa:75:f3:07:a5:86:d0:12:7e:
                    df:84:2d:c4:91:68:de:ef:c7:77:cd:96:5d:43:29:
                    da:a4:ae:77:65:27:28:9f:8d:57:98:0c:9a:88:98:
                    a4:c9:74:26:79:81:34:10:82:af:da:4e:0d:9e:09:
                    71:3d:62:bf:0d:98:aa:e8:d9:69:0c:ec:03:b9:65:
                    fc:cd:9c:c2:a5:6e:01:54:3f:70:ab:8b:00:1e:6b:
                    65:a7:47:7c:74:00:92:d7:07:9e:cc:b6:6c:06:df:
                    c5:ee:02:96:b4:cc:1e:0a:e4:83:6d:44:26:9f:de:
                    9c:bb:68:e1:5c:4c:ff:bc:fe:54:75:49:55:c2:2f:
                    98:13:6f:a9:d0:70:4e:f0:7d:a0:a6:70:db:00:2f:
                    b4:0c:61:60:74:6f:4f:3c:99:76:ea:96:52:79:4d:
                    ba:a5:10:8d:c0:6a:4b:5a:cc:76:ac:a4:6f:9f:db:
                    49:48:45:f1:70:71:73:f9:5c:e6:b9:2e:8b:69:5c:
                    76:c8:b4:0f:32:22:8f:c6:ab:d4:42:8a:9e:25:c2:
                    d0:cd:ff:eb:3c:9b:7f:40:bc:79:79:42:b9:81:82:
                    f7:f3:4b:12:d8:ce:03:43:b3:66:53:44:98:d6:ca:
                    56:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:B9:99:18:72:D2:30:4D:18:15:D4:1A:C7:75:42:CF:81:9D:85:AD
            X509v3 Authority Key Identifier:
                keyid:F1:96:55:B5:9A:86:4C:AD:73:CC:29:5F:4F:78:FF:83:CA:E8:6A:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ZZVtZqGTK1zzClfT3j_g8roaqw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/v7mZGHLSME0YFdQax3VCz4Gdha0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/2bd1dc-ade1-46c9-b9c0-339ee700af6f/1/8ZZVtZqGTK1zzClfT3j_g8roaqw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.19.56.0/21
                  94.125.24.0/21
                  185.15.180.0/22
                IPv6:
                  2a00:1b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         b1:e6:65:3f:22:74:d7:7a:da:c8:2b:5e:83:c4:d5:b2:e7:1e:
         4f:c2:55:56:eb:1f:be:2c:b1:e7:92:40:b0:a8:d5:60:90:1b:
         a2:c0:08:db:c9:72:47:56:2b:a9:c7:1c:49:04:49:ce:5b:22:
         80:4d:4c:00:d7:91:27:63:23:7b:ed:5b:41:2a:64:b3:d2:0a:
         42:2b:95:b5:8e:b9:4b:dd:f8:a5:cc:05:cb:1d:7c:c3:30:6a:
         62:83:96:79:0e:95:96:a7:2e:b5:5f:77:6c:44:78:be:1e:ec:
         7f:4a:21:06:5d:f4:32:a1:2c:79:bc:a4:85:06:82:8e:dc:28:
         0b:1b:73:d8:92:f0:1b:a6:ad:6d:f9:e0:be:af:6c:54:40:73:
         e9:e0:14:64:1d:a1:37:40:1c:53:3f:56:66:91:20:86:bf:55:
         50:69:06:7b:7c:b2:e9:67:c7:a1:e8:89:64:90:99:80:75:9b:
         54:64:8c:d6:50:12:7a:5d:da:74:f0:98:fa:d9:2e:fb:a6:2a:
         61:ee:d2:38:4b:d6:33:d6:77:34:f2:97:c0:e1:5b:0c:72:b0:
         01:74:96:7a:44:0a:42:66:5b:18:25:c5:93:c2:c8:79:24:a2:
         7b:76:79:7b:ad:7c:dc:b8:e7:60:43:69:57:c8:1c:2a:72:5e:
         d8:3c:76:a9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwZ0xJ6mtJ92Jk64R958JaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxOTY1NWI1OWE4NjRjYWQ3M2NjMjk1ZjRmNzhmZjgzY2Fl
ODZhYWMwHhcNMjMwMTAyMDI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmI5OTkxODcyZDIzMDRkMTgxNWQ0MWFjNzc1NDJjZjgxOWQ4NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGG9rdVKZdnf56c3GDi72tjikN6q
dfMHpYbQEn7fhC3EkWje78d3zZZdQynapK53ZScon41XmAyaiJikyXQmeYE0EIKv
2k4NnglxPWK/DZiq6NlpDOwDuWX8zZzCpW4BVD9wq4sAHmtlp0d8dACS1weezLZs
Bt/F7gKWtMweCuSDbUQmn96cu2jhXEz/vP5UdUlVwi+YE2+p0HBO8H2gpnDbAC+0
DGFgdG9PPJl26pZSeU26pRCNwGpLWsx2rKRvn9tJSEXxcHFz+VzmuS6LaVx2yLQP
MiKPxqvUQoqeJcLQzf/rPJt/QLx5eUK5gYL380sS2M4DQ7NmU0SY1spWfQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL+5mRhy0jBNGBXUGsd1Qs+BnYWtMB8GA1UdIwQY
MBaAFPGWVbWahkytc8wpX094/4PK6GqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFpaVnRacUdUSzF6ekNsZlQzal9nOHJvYXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yYmQxZGMtYWRlMS00NmM5LWI5YzAt
MzM5ZWU3MDBhZjZmLzEvdjdtWkdITFNNRTBZRmRRYXgzVkN6NEdkaGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yYmQxZGMtYWRlMS00NmM5LWI5YzAtMzM5ZWU3MDBhZjZm
LzEvOFpaVnRacUdUSzF6ekNsZlQzal9nOHJvYXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLhM4AwQD
Xn0YAwQCuQ+0MA0EAgACMAcDBQAqABtAMA0GCSqGSIb3DQEBCwUAA4IBAQCx5mU/
InTXetrIK16DxNWy5x5PwlVW6x++LLHnkkCwqNVgkBuiwAjbyXJHViupxxxJBEnO
WyKATUwA15EnYyN77VtBKmSz0gpCK5W1jrlL3filzAXLHXzDMGpig5Z5DpWWpy61
X3dsRHi+Hux/SiEGXfQyoSx5vKSFBoKO3CgLG3PYkvAbpq1t+eC+r2xUQHPp4BRk
HaE3QBxTP1ZmkSCGv1VQaQZ7fLLpZ8eh6IlkkJmAdZtUZIzWUBJ6Xdp08Jj62S77
piph7tI4S9Yz1nc08pfA4VsMcrABdJZ6RApCZlsYJcWTwsh5JKJ7dnl7rXzcuOdg
Q2lXyBwqcl7YPHap
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:09 2024 by rpki-client on console-fra.rpki-client.org