Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/SFXyRTKpXbD-LN0PYV5AcDa-ws8.roa
File:                     SFXyRTKpXbD-LN0PYV5AcDa-ws8.roa (raw, json)
Hash identifier:          ojbSbGMWfXHnKTarZ/Wi1cjCYSRJwjQLv+yb0ba36jQ=
Subject key identifier:   48:55:F2:45:32:A9:5D:B0:FE:2C:DD:0F:61:5E:40:70:36:BE:C2:CF
Certificate issuer:       /CN=613d23f2121327d917d708d8fe153382455959a8
Certificate serial:       0188AFC7923F332FBF61C4DCE7AC7A61F71E
Authority key identifier: 61:3D:23:F2:12:13:27:D9:17:D7:08:D8:FE:15:33:82:45:59:59:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YT0j8hITJ9kX1wjY_hUzgkVZWag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/SFXyRTKpXbD-LN0PYV5AcDa-ws8.roa
Signing time:             Mon 12 Jun 2023 13:24:31 +0000
ROA not before:           Mon 12 Jun 2023 13:24:31 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.209.210.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:af:c7:92:3f:33:2f:bf:61:c4:dc:e7:ac:7a:61:f7:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=613d23f2121327d917d708d8fe153382455959a8
        Validity
            Not Before: Jun 12 13:24:31 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4855f24532a95db0fe2cdd0f615e407036bec2cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:29:a2:35:5d:33:6e:ac:de:08:63:ce:81:b9:
                    0a:db:dc:f0:1d:25:59:3d:eb:3a:cb:ae:df:43:ca:
                    1e:43:57:3a:4f:b0:fa:4f:f0:df:b5:f5:5a:75:72:
                    70:8a:f0:93:bd:02:7d:af:c9:9d:21:8b:22:57:cd:
                    2d:c9:dc:60:01:f0:b0:80:00:54:64:62:89:24:87:
                    02:84:db:88:a8:c2:41:d2:be:5f:c5:05:f1:29:ed:
                    08:b2:35:19:b2:25:89:27:6f:0e:90:67:40:47:40:
                    17:5e:3a:2f:d2:8c:d2:65:35:2c:70:63:89:b6:a4:
                    05:f2:ed:b8:46:24:4f:c6:08:00:75:33:85:d2:c9:
                    8f:92:e9:58:1d:3e:79:4e:89:96:6c:f9:af:f0:ba:
                    1d:27:4e:da:a9:ce:dc:4b:0b:53:77:ad:1d:30:04:
                    b8:43:85:1c:62:ae:32:64:9c:69:a8:86:a1:c2:ad:
                    7e:1c:5b:85:95:b1:4f:a1:dc:86:50:61:d4:c3:fb:
                    bc:35:54:48:dc:94:92:15:82:93:f1:2f:e0:3d:2f:
                    96:4c:25:b6:70:f1:c4:6f:1d:57:d3:c1:3b:c6:d9:
                    8a:21:61:6e:e1:20:f7:f8:93:c0:82:c6:5f:c5:a7:
                    b0:57:49:e5:77:46:b1:e3:50:f8:8b:e0:9f:0d:99:
                    fb:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:55:F2:45:32:A9:5D:B0:FE:2C:DD:0F:61:5E:40:70:36:BE:C2:CF
            X509v3 Authority Key Identifier:
                keyid:61:3D:23:F2:12:13:27:D9:17:D7:08:D8:FE:15:33:82:45:59:59:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YT0j8hITJ9kX1wjY_hUzgkVZWag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/SFXyRTKpXbD-LN0PYV5AcDa-ws8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fce6be-0896-4487-aa34-7a605ba40c1e/1/YT0j8hITJ9kX1wjY_hUzgkVZWag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.209.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:be:e8:de:1f:b4:40:d4:ad:3f:73:e9:7b:28:d8:e5:2a:77:
         7e:59:dd:7f:3b:a5:92:4e:bf:dc:a5:a0:0f:e1:9d:a4:5f:fc:
         8a:31:0e:73:10:52:12:59:8a:89:42:72:ab:be:c7:28:6a:3d:
         40:c6:63:d4:52:c4:97:a0:69:44:d0:5e:22:22:ca:3f:f7:0a:
         20:87:12:1c:37:ec:5e:22:70:8d:ce:8b:8b:22:30:48:7a:be:
         10:1d:3e:e6:98:7b:4c:b3:ae:72:e7:37:49:b2:c8:85:0b:14:
         0e:e0:0b:cd:1a:17:8b:e1:42:43:2f:d5:cf:11:03:79:fe:f8:
         b9:06:0a:f5:9d:47:ed:6b:d1:c6:e5:23:80:83:c4:80:ae:29:
         d7:26:a9:b2:34:05:57:84:fc:d3:94:ae:1f:ce:61:76:4d:fa:
         f5:38:19:e9:a3:40:d9:42:d3:65:e0:37:77:f4:30:a8:8c:8d:
         5a:87:fc:0c:1a:d3:db:53:bc:ea:94:09:50:06:ff:8b:f4:ab:
         60:02:7f:4e:79:11:f5:8b:5a:b3:6b:d2:86:7e:b8:8e:25:65:
         db:6b:da:71:85:6a:31:bf:fc:3d:4a:b6:6c:52:2d:36:b3:95:
         84:98:e7:04:a4:be:f7:60:70:77:72:47:f7:ee:c1:3c:60:9a:
         aa:83:b3:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYivx5I/My+/YcTc56x6YfceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxM2QyM2YyMTIxMzI3ZDkxN2Q3MDhkOGZlMTUzMzgyNDU1
OTU5YTgwHhcNMjMwNjEyMTMyNDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODU1ZjI0NTMyYTk1ZGIwZmUyY2RkMGY2MTVlNDA3MDM2YmVjMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCmiNV0zbqzeCGPOgbkK29zwHSVZ
Pes6y67fQ8oeQ1c6T7D6T/DftfVadXJwivCTvQJ9r8mdIYsiV80tydxgAfCwgABU
ZGKJJIcChNuIqMJB0r5fxQXxKe0IsjUZsiWJJ28OkGdAR0AXXjov0ozSZTUscGOJ
tqQF8u24RiRPxggAdTOF0smPkulYHT55TomWbPmv8LodJ07aqc7cSwtTd60dMAS4
Q4UcYq4yZJxpqIahwq1+HFuFlbFPodyGUGHUw/u8NVRI3JSSFYKT8S/gPS+WTCW2
cPHEbx1X08E7xtmKIWFu4SD3+JPAgsZfxaewV0nld0ax41D4i+CfDZn7/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhV8kUyqV2w/izdD2FeQHA2vsLPMB8GA1UdIwQY
MBaAFGE9I/ISEyfZF9cI2P4VM4JFWVmoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVQwajhoSVRKOWtYMXdqWV9oVXpna1ZaV2FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mY2U2YmUtMDg5Ni00NDg3LWFhMzQt
N2E2MDViYTQwYzFlLzEvU0ZYeVJUS3BYYkQtTE4wUFlWNUFjRGEtd3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mY2U2YmUtMDg5Ni00NDg3LWFhMzQtN2E2MDViYTQwYzFl
LzEvWVQwajhoSVRKOWtYMXdqWV9oVXpna1ZaV2FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudHSMA0G
CSqGSIb3DQEBCwUAA4IBAQB2vujeH7RA1K0/c+l7KNjlKnd+Wd1/O6WSTr/cpaAP
4Z2kX/yKMQ5zEFISWYqJQnKrvscoaj1AxmPUUsSXoGlE0F4iIso/9woghxIcN+xe
InCNzouLIjBIer4QHT7mmHtMs65y5zdJssiFCxQO4AvNGheL4UJDL9XPEQN5/vi5
Bgr1nUfta9HG5SOAg8SArinXJqmyNAVXhPzTlK4fzmF2Tfr1OBnpo0DZQtNl4Dd3
9DCojI1ah/wMGtPbU7zqlAlQBv+L9KtgAn9OeRH1i1qza9KGfriOJWXba9pxhWox
v/w9SrZsUi02s5WEmOcEpL73YHB3ckf37sE8YJqqg7N8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org