Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/Fln5NrY3vmd1LH_XU57rSQzVA_c.roa
File:                     Fln5NrY3vmd1LH_XU57rSQzVA_c.roa (raw, json)
Hash identifier:          sJkDqOEg/wed6wkOzso3On8NKAI0m6UVsvCVuTrUkBM=
Subject key identifier:   16:59:F9:36:B6:37:BE:67:75:2C:7F:D7:53:9E:EB:49:0C:D5:03:F7
Certificate issuer:       /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial:       01856DD3E6BAE53E2D175663EE588916D76B
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/Fln5NrY3vmd1LH_XU57rSQzVA_c.roa
Signing time:             Sun 01 Jan 2023 14:54:41 +0000
ROA not before:           Sun 01 Jan 2023 14:54:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206376
IP address blocks:        185.106.240.0/24 maxlen: 24
                          185.106.242.0/24 maxlen: 24
                          2a06:4100::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d3:e6:ba:e5:3e:2d:17:56:63:ee:58:89:16:d7:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
        Validity
            Not Before: Jan  1 14:54:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1659f936b637be67752c7fd7539eeb490cd503f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:74:fa:44:6b:eb:e7:1f:a0:5e:dd:41:c6:f4:
                    c9:3d:6e:42:6d:b4:9c:18:93:8f:37:8e:09:b2:d8:
                    47:77:c6:fb:9a:ab:9f:66:75:d9:ea:05:20:17:2d:
                    d9:4b:0d:7b:4b:8c:88:30:60:58:22:9e:6c:2d:7a:
                    43:1b:ed:b2:24:7b:2c:99:52:48:0b:a9:8e:b7:db:
                    bc:21:ff:61:0a:61:a8:ef:f5:a9:e3:7c:bb:6b:46:
                    94:0f:1a:c7:3f:b2:67:10:db:38:a4:ba:54:43:18:
                    9a:66:51:fa:85:2d:f9:d7:8b:39:bf:0d:a3:5e:29:
                    18:c0:05:79:c9:61:2e:3b:7c:b5:ef:f3:cc:b6:fc:
                    87:45:c2:e2:a0:c2:a7:c3:ea:0e:3d:e3:7b:f7:e4:
                    ea:b6:aa:9a:d4:1a:f5:b4:fc:5e:e6:cf:39:05:57:
                    92:1b:ff:89:29:af:1b:1b:c5:28:57:e4:85:1d:1d:
                    e5:20:14:ce:43:e5:0d:5b:1a:a6:8c:84:56:dc:84:
                    8e:28:d4:58:7b:bf:52:05:e8:b5:3f:8a:74:a2:7f:
                    24:f0:c6:a0:4b:56:75:c5:90:17:0a:81:5b:7b:b9:
                    fb:17:6d:69:96:3b:2a:85:9a:f3:8f:e8:05:d1:62:
                    ba:fc:e0:4b:87:56:bf:b9:d5:80:da:d4:39:30:1f:
                    64:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:59:F9:36:B6:37:BE:67:75:2C:7F:D7:53:9E:EB:49:0C:D5:03:F7
            X509v3 Authority Key Identifier:
                keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/Fln5NrY3vmd1LH_XU57rSQzVA_c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.106.240.0/24
                  185.106.242.0/24
                IPv6:
                  2a06:4100::/32

    Signature Algorithm: sha256WithRSAEncryption
         8a:f2:3a:1d:71:15:17:71:e3:93:dc:31:63:48:fd:0a:1f:65:
         ee:82:e1:be:a6:a5:f4:c4:37:c5:5d:4e:a6:fa:3b:2b:f7:d6:
         f6:ab:76:4d:8a:ca:43:e6:57:95:db:37:77:fd:4a:d7:4f:5e:
         f5:3f:43:0f:85:9d:65:08:85:5b:40:e2:5f:23:ec:c7:9d:3e:
         f6:00:35:b1:64:0a:60:28:88:1b:27:af:cb:59:18:8e:8c:04:
         3b:ac:ce:4f:3d:cd:ca:2f:22:28:ad:13:5e:4b:2f:45:b4:eb:
         d8:54:66:ec:d2:5e:61:cf:5f:a8:d7:8e:43:1b:83:15:be:1a:
         86:06:f7:6c:67:fb:ef:7f:5b:b8:68:f2:b8:0e:ce:5d:a9:9c:
         cc:71:1a:5a:42:1e:76:92:8c:bb:8b:d8:fa:72:e0:c4:46:32:
         82:39:b1:c1:6a:eb:d7:07:65:5c:7c:d0:ba:d3:54:af:12:4b:
         35:6e:9c:7c:42:39:96:41:36:8a:68:1b:10:ab:fa:15:ec:2f:
         1b:27:f8:95:b2:ba:95:c1:65:6c:a2:10:dc:b8:40:d4:8b:01:
         09:ea:bc:76:74:f4:2f:47:10:89:30:45:db:61:7b:c7:82:c4:
         0a:a9:ee:84:2b:0f:08:5b:27:9a:ac:3c:eb:5b:80:e7:e3:20:
         29:6e:6d:d6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVt0+a65T4tF1Zj7liJFtdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjMwMTAxMTQ1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjU5ZjkzNmI2MzdiZTY3NzUyYzdmZDc1MzllZWI0OTBjZDUwM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3T6RGvr5x+gXt1BxvTJPW5CbbSc
GJOPN44JsthHd8b7mqufZnXZ6gUgFy3ZSw17S4yIMGBYIp5sLXpDG+2yJHssmVJI
C6mOt9u8If9hCmGo7/Wp43y7a0aUDxrHP7JnENs4pLpUQxiaZlH6hS3514s5vw2j
XikYwAV5yWEuO3y17/PMtvyHRcLioMKnw+oOPeN79+Tqtqqa1Br1tPxe5s85BVeS
G/+JKa8bG8UoV+SFHR3lIBTOQ+UNWxqmjIRW3ISOKNRYe79SBei1P4p0on8k8Mag
S1Z1xZAXCoFbe7n7F21pljsqhZrzj+gF0WK6/OBLh1a/udWA2tQ5MB9kUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBZZ+Ta2N75ndSx/11Oe60kM1QP3MB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvRmxuNU5yWTN2bWQxTEhfWFU1N3JTUXpWQV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuWrwAwQA
uWryMA0EAgACMAcDBQAqBkEAMA0GCSqGSIb3DQEBCwUAA4IBAQCK8jodcRUXceOT
3DFjSP0KH2XuguG+pqX0xDfFXU6m+jsr99b2q3ZNispD5leV2zd3/UrXT171P0MP
hZ1lCIVbQOJfI+zHnT72ADWxZApgKIgbJ6/LWRiOjAQ7rM5PPc3KLyIorRNeSy9F
tOvYVGbs0l5hz1+o145DG4MVvhqGBvdsZ/vvf1u4aPK4Ds5dqZzMcRpaQh52koy7
i9j6cuDERjKCObHBauvXB2VcfNC601SvEks1bpx8QjmWQTaKaBsQq/oV7C8bJ/iV
srqVwWVsohDcuEDUiwEJ6rx2dPQvRxCJMEXbYXvHgsQKqe6EKw8IWyearDzrW4Dn
4yApbm3W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:24 2024 by rpki-client on console-ams.rpki-client.org