Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/564f3a-52d6-4d09-81e2-efa9391f7d9e/1/s-fqnfSFNTrD6uMmoNGtUbk19Mg.roa
File:                     s-fqnfSFNTrD6uMmoNGtUbk19Mg.roa (raw, json)
Hash identifier:          qi8boUlh+hw+2ZK+c99gbxXRYkv1ihcdmRJWQAgP4to=
Subject key identifier:   B3:E7:EA:9D:F4:85:35:3A:C3:EA:E3:26:A0:D1:AD:51:B9:35:F4:C8
Certificate issuer:       /CN=8bcbdb51eb80226f41477a7bc50e0f961455ed83
Certificate serial:       01856F0B6FD964ED0C37E5C478E7C1D76947
Authority key identifier: 8B:CB:DB:51:EB:80:22:6F:41:47:7A:7B:C5:0E:0F:96:14:55:ED:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i8vbUeuAIm9BR3p7xQ4PlhRV7YM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/564f3a-52d6-4d09-81e2-efa9391f7d9e/1/s-fqnfSFNTrD6uMmoNGtUbk19Mg.roa
Signing time:             Sun 01 Jan 2023 20:34:58 +0000
ROA not before:           Sun 01 Jan 2023 20:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137
IP address blocks:        158.110.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:6f:d9:64:ed:0c:37:e5:c4:78:e7:c1:d7:69:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bcbdb51eb80226f41477a7bc50e0f961455ed83
        Validity
            Not Before: Jan  1 20:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3e7ea9df485353ac3eae326a0d1ad51b935f4c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:db:cc:27:10:93:5a:f3:4a:fa:4b:b2:ab:7f:
                    92:9c:09:e4:90:a0:47:79:d5:da:a6:33:53:3d:72:
                    a8:ae:34:a4:8c:08:16:31:29:bd:e7:03:be:16:4b:
                    51:20:0e:c9:15:b2:11:7b:86:c2:1a:5d:b1:94:f0:
                    9b:6e:8a:6d:ff:5d:95:2e:ac:86:69:4b:a2:4e:6c:
                    80:19:10:0d:dc:43:00:87:89:13:84:a7:7b:b5:2e:
                    64:c3:c5:fd:6c:53:5a:a3:3c:bc:dd:76:85:23:90:
                    13:e0:19:d4:c6:d1:0b:7e:a1:40:2d:b4:7c:b9:79:
                    f4:8a:cc:93:f2:8b:12:a8:d2:43:af:44:7f:bf:41:
                    59:af:cd:43:a0:50:56:d1:e7:72:6c:23:af:2d:a4:
                    41:d7:0e:62:17:7d:eb:8d:59:9b:88:27:bb:96:c3:
                    71:79:3f:bb:ca:f8:f2:41:80:95:4a:91:52:07:b2:
                    aa:73:a7:e9:1c:b3:8b:9a:59:6c:75:69:90:37:e7:
                    ae:82:5e:d3:7d:49:31:70:94:0d:b0:b4:27:15:de:
                    a1:37:38:b5:5f:96:96:11:5e:a7:f7:39:60:95:3f:
                    4c:f5:b7:9e:44:94:8b:6b:fa:39:ed:11:0f:63:88:
                    35:9d:06:86:59:c5:ff:d7:ff:8a:8d:79:30:1b:db:
                    ab:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:E7:EA:9D:F4:85:35:3A:C3:EA:E3:26:A0:D1:AD:51:B9:35:F4:C8
            X509v3 Authority Key Identifier:
                keyid:8B:CB:DB:51:EB:80:22:6F:41:47:7A:7B:C5:0E:0F:96:14:55:ED:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i8vbUeuAIm9BR3p7xQ4PlhRV7YM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/564f3a-52d6-4d09-81e2-efa9391f7d9e/1/s-fqnfSFNTrD6uMmoNGtUbk19Mg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/564f3a-52d6-4d09-81e2-efa9391f7d9e/1/i8vbUeuAIm9BR3p7xQ4PlhRV7YM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.110.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0d:19:7f:a4:1d:bb:79:2a:7d:12:f3:81:46:64:68:99:49:f1:
         78:85:34:c8:a6:97:aa:96:a0:c7:60:90:39:64:ac:de:ca:f5:
         cd:db:b7:88:39:d5:1d:dc:13:1f:a1:fe:25:26:bb:6a:25:1f:
         14:11:9f:e9:8f:c0:b9:02:bc:2b:5e:1c:51:fb:bb:72:3b:da:
         9b:24:19:2d:1f:05:74:98:4f:e9:75:6d:d3:f0:28:00:63:b2:
         a2:88:b3:a1:2a:d0:37:0f:ae:08:9b:72:58:34:6b:8e:0e:f3:
         d1:1c:7c:ef:08:19:64:3d:4b:62:f2:a8:28:30:73:55:35:aa:
         ae:5e:87:1e:80:18:86:09:bb:ce:ce:5d:73:31:13:21:4f:5e:
         51:0a:78:b5:2a:75:b0:d2:01:50:92:7c:90:83:ae:d4:d5:a6:
         51:2e:27:d5:60:25:fa:d7:32:c7:f9:31:b1:4e:41:90:31:50:
         45:df:24:e9:0d:26:4f:38:2f:e5:58:81:b9:0c:8d:1a:93:ba:
         c3:46:15:64:8d:5d:2c:15:aa:1c:3d:23:c4:0b:5b:a6:c3:44:
         71:77:6b:86:4d:01:94:b1:cb:80:b3:39:a1:db:9f:08:8e:ee:
         57:39:27:06:e8:8d:46:64:11:57:f9:c8:4a:54:13:83:0c:d9:
         61:bf:69:b5
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvC2/ZZO0MN+XEeOfB12lHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiY2JkYjUxZWI4MDIyNmY0MTQ3N2E3YmM1MGUwZjk2MTQ1
NWVkODMwHhcNMjMwMTAxMjAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U3ZWE5ZGY0ODUzNTNhYzNlYWUzMjZhMGQxYWQ1MWI5MzVmNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdvMJxCTWvNK+kuyq3+SnAnkkKBH
edXapjNTPXKorjSkjAgWMSm95wO+FktRIA7JFbIRe4bCGl2xlPCbbopt/12VLqyG
aUuiTmyAGRAN3EMAh4kThKd7tS5kw8X9bFNaozy83XaFI5AT4BnUxtELfqFALbR8
uXn0isyT8osSqNJDr0R/v0FZr81DoFBW0edybCOvLaRB1w5iF33rjVmbiCe7lsNx
eT+7yvjyQYCVSpFSB7Kqc6fpHLOLmllsdWmQN+eugl7TfUkxcJQNsLQnFd6hNzi1
X5aWEV6n9zlglT9M9beeRJSLa/o57REPY4g1nQaGWcX/1/+KjXkwG9urvwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLPn6p30hTU6w+rjJqDRrVG5NfTIMB8GA1UdIwQY
MBaAFIvL21HrgCJvQUd6e8UOD5YUVe2DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTh2YlVldUFJbTlCUjNwN3hRNFBsaFJWN1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy81NjRmM2EtNTJkNi00ZDA5LTgxZTIt
ZWZhOTM5MWY3ZDllLzEvcy1mcW5mU0ZOVHJENnVNbW9OR3RVYmsxOU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy81NjRmM2EtNTJkNi00ZDA5LTgxZTItZWZhOTM5MWY3ZDll
LzEvaTh2YlVldUFJbTlCUjNwN3hRNFBsaFJWN1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnm4wDQYJ
KoZIhvcNAQELBQADggEBAA0Zf6Qdu3kqfRLzgUZkaJlJ8XiFNMiml6qWoMdgkDlk
rN7K9c3bt4g51R3cEx+h/iUmu2olHxQRn+mPwLkCvCteHFH7u3I72pskGS0fBXSY
T+l1bdPwKABjsqKIs6Eq0DcPrgibclg0a44O89EcfO8IGWQ9S2LyqCgwc1U1qq5e
hx6AGIYJu87OXXMxEyFPXlEKeLUqdbDSAVCSfJCDrtTVplEuJ9VgJfrXMsf5MbFO
QZAxUEXfJOkNJk84L+VYgbkMjRqTusNGFWSNXSwVqhw9I8QLW6bDRHF3a4ZNAZSx
y4CzOaHbnwiO7lc5JwbojUZkEVf5yEpUE4MM2WG/abU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:50 2024 by rpki-client on console-fra.rpki-client.org