Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FnV0VL3pRW1OVkgZfBMJL2imy98.roa
File:                     FnV0VL3pRW1OVkgZfBMJL2imy98.roa (raw, json)
Hash identifier:          O0DnMlOIYtp+TjBZbVDTHK5aZg+FiWMyjznEFji6vPU=
Subject key identifier:   16:75:74:54:BD:E9:45:6D:4E:56:48:19:7C:13:09:2F:68:A6:CB:DF
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C23FACBE7BF84BEE5150370B3FA5C
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FnV0VL3pRW1OVkgZfBMJL2imy98.roa
Signing time:             Mon 02 Jan 2023 05:54:59 +0000
ROA not before:           Mon 02 Jan 2023 05:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50916
IP address blocks:        185.172.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 24 Sep 2023 09:42:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:23:fa:cb:e7:bf:84:be:e5:15:03:70:b3:fa:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16757454bde9456d4e5648197c13092f68a6cbdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ce:a3:6f:10:65:ec:60:35:ab:c4:82:73:a4:
                    e2:57:00:e6:4a:b5:37:ba:1a:4f:c8:57:e7:6d:2a:
                    28:f6:b5:75:34:09:28:24:1a:c4:a5:d5:0c:3a:b5:
                    e2:92:21:bf:a6:1d:96:a3:70:09:3d:83:22:b2:07:
                    0b:ff:38:ad:10:33:ff:3e:f4:bd:16:9e:c6:64:38:
                    6f:3f:04:9a:f8:3f:53:02:8d:02:2c:44:64:7a:b8:
                    77:ad:3c:6c:03:ec:17:ad:69:2b:a8:6b:ae:80:c7:
                    e6:77:30:e4:41:f3:a1:97:5d:cb:47:8b:07:63:47:
                    bb:ba:08:50:06:b1:83:58:ad:0b:aa:ef:cf:26:1b:
                    57:a4:bb:c4:21:65:08:61:42:00:08:bc:d2:f8:3d:
                    b9:10:75:17:05:a8:c5:c3:5c:47:53:62:cc:33:e6:
                    0e:2d:79:35:69:b1:b2:68:02:4f:21:ba:fa:bb:10:
                    fb:29:7f:d4:01:c7:44:33:ec:09:e4:10:ad:10:ca:
                    95:6b:fd:f4:30:93:21:16:83:85:85:1f:12:3c:40:
                    2a:60:a0:5f:88:5b:29:6c:82:18:d9:a9:60:8a:67:
                    46:f1:92:c6:e0:e6:4a:33:73:50:ae:75:ee:c3:5b:
                    39:45:b2:5c:05:8c:c0:e1:1d:a6:37:7f:37:e0:9a:
                    2a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:75:74:54:BD:E9:45:6D:4E:56:48:19:7C:13:09:2F:68:A6:CB:DF
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FnV0VL3pRW1OVkgZfBMJL2imy98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:c7:83:a0:84:2e:05:19:7d:c2:bc:66:f9:a4:af:9b:c8:dc:
         f8:11:55:6a:11:23:40:ac:2c:c9:28:91:6e:bf:ef:f1:77:d0:
         eb:72:4c:5e:23:49:fc:16:5b:ea:ad:03:be:65:1a:47:db:91:
         cb:38:1f:aa:59:69:10:5b:91:97:3c:92:ea:79:fd:8d:5f:b8:
         6f:c7:e5:fa:58:39:0c:a3:0c:dd:16:ed:62:7e:69:90:65:f2:
         5a:7f:23:2f:6b:db:40:b5:35:1a:ad:f0:af:14:fc:27:da:5a:
         e4:c9:a1:35:55:93:5d:86:a5:16:d5:d1:4c:6e:aa:53:a6:ea:
         41:c5:f4:38:3d:ea:42:d5:41:8e:a2:3a:84:dd:7c:c2:4d:cc:
         6a:5b:3e:0c:4f:18:48:36:2b:b6:ab:73:b6:88:1b:30:a1:04:
         63:0b:0b:a1:b4:db:23:d6:4f:b2:16:a9:d0:9a:72:94:58:91:
         00:dd:ec:00:a5:fe:61:79:6c:d0:b5:35:11:67:31:fb:ac:f4:
         b5:37:93:bc:a0:aa:18:c9:81:aa:58:13:4c:aa:1e:be:57:cc:
         54:6e:5b:ef:aa:bb:d5:c2:e9:3a:73:4b:22:fd:be:ab:1f:83:
         84:8c:85:e8:c5:b8:d4:1d:4a:66:4e:4c:fd:d0:d6:56:2f:17:
         27:e3:80:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDCP6y+e/hL7lFQNws/pcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjc1NzQ1NGJkZTk0NTZkNGU1NjQ4MTk3YzEzMDkyZjY4YTZjYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1c6jbxBl7GA1q8SCc6TiVwDmSrU3
uhpPyFfnbSoo9rV1NAkoJBrEpdUMOrXikiG/ph2Wo3AJPYMisgcL/zitEDP/PvS9
Fp7GZDhvPwSa+D9TAo0CLERkerh3rTxsA+wXrWkrqGuugMfmdzDkQfOhl13LR4sH
Y0e7ughQBrGDWK0Lqu/PJhtXpLvEIWUIYUIACLzS+D25EHUXBajFw1xHU2LMM+YO
LXk1abGyaAJPIbr6uxD7KX/UAcdEM+wJ5BCtEMqVa/30MJMhFoOFhR8SPEAqYKBf
iFspbIIY2algimdG8ZLG4OZKM3NQrnXuw1s5RbJcBYzA4R2mN3834JoqDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBZ1dFS96UVtTlZIGXwTCS9opsvfMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvRm5WMFZMM3BSVzFPVmtnWmZCTUpMMmlteTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuayAMA0G
CSqGSIb3DQEBCwUAA4IBAQAhx4OghC4FGX3CvGb5pK+byNz4EVVqESNArCzJKJFu
v+/xd9DrckxeI0n8FlvqrQO+ZRpH25HLOB+qWWkQW5GXPJLqef2NX7hvx+X6WDkM
owzdFu1ifmmQZfJafyMva9tAtTUarfCvFPwn2lrkyaE1VZNdhqUW1dFMbqpTpupB
xfQ4PepC1UGOojqE3XzCTcxqWz4MTxhINiu2q3O2iBswoQRjCwuhtNsj1k+yFqnQ
mnKUWJEA3ewApf5heWzQtTURZzH7rPS1N5O8oKoYyYGqWBNMqh6+V8xUblvvqrvV
wuk6c0si/b6rH4OEjIXoxbjUHUpmTkz90NZWLxcn44Bx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org