Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/_R4MDVbB9mwU01cNsCUXYC7VCbM.roa
File:                     _R4MDVbB9mwU01cNsCUXYC7VCbM.roa (raw, json)
Hash identifier:          rP/8LrLh1SN4x6gqA0QlgSCAxPA6eHBKzVXffsct5TA=
Subject key identifier:   FD:1E:0C:0D:56:C1:F6:6C:14:D3:57:0D:B0:25:17:60:2E:D5:09:B3
Certificate issuer:       /CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Certificate serial:       01891BD4FCA8D461D85EE167D43B6667BEE8
Authority key identifier: 4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/_R4MDVbB9mwU01cNsCUXYC7VCbM.roa
Signing time:             Mon 03 Jul 2023 12:58:10 +0000
ROA not before:           Mon 03 Jul 2023 12:58:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205975
IP address blocks:        212.46.58.0/24 maxlen: 24
                          176.10.0.0/20 maxlen: 24
                          80.79.48.0/20 maxlen: 24
                          147.189.155.0/24 maxlen: 24
                          2a12:f40::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1b:d4:fc:a8:d4:61:d8:5e:e1:67:d4:3b:66:67:be:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
        Validity
            Not Before: Jul  3 12:58:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd1e0c0d56c1f66c14d3570db02517602ed509b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:be:87:14:6d:1e:79:48:02:78:ae:39:c5:fe:
                    b3:b2:22:8e:b0:ce:8c:82:2e:5e:98:fc:8b:0b:11:
                    7c:97:f7:31:dd:78:6d:77:d2:26:6f:03:8e:6a:b7:
                    6a:dd:62:c4:6e:a3:e8:90:1e:9f:94:8e:16:c8:9f:
                    1a:97:06:4b:84:0b:90:57:ad:06:c2:9f:a2:e7:09:
                    e3:6b:55:41:63:3d:20:78:c7:c0:6b:07:0c:86:54:
                    d6:94:75:7a:fb:11:b6:4c:eb:e0:24:b3:0d:4c:cd:
                    50:dc:3d:55:8e:1c:82:a1:61:06:f1:f5:51:b5:f3:
                    88:d1:10:65:24:80:0e:22:48:ab:b0:07:e9:61:ed:
                    3f:00:f0:b1:a0:d5:d0:5f:7e:1c:9f:72:0c:94:53:
                    0f:d0:c2:a7:1b:0c:91:e4:12:d0:d3:52:ae:6a:85:
                    59:0f:96:f8:1b:f4:04:3d:5c:1d:6a:e3:5b:f1:fc:
                    ff:82:86:57:d7:6f:10:44:33:6e:32:49:75:ca:d6:
                    a9:a9:ea:ba:82:5a:20:51:40:2b:b9:29:81:2b:e9:
                    ab:26:e6:2b:f9:2d:5c:5e:85:56:c2:21:c0:32:f8:
                    6f:8d:d3:8a:e1:28:1d:b6:65:8b:04:06:a1:0e:ca:
                    f4:e7:c8:dd:27:cf:ec:6a:87:6f:fc:86:62:0c:39:
                    65:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:1E:0C:0D:56:C1:F6:6C:14:D3:57:0D:B0:25:17:60:2E:D5:09:B3
            X509v3 Authority Key Identifier:
                keyid:4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/_R4MDVbB9mwU01cNsCUXYC7VCbM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/TyESy_bcyN00ROTs7ShEVzEPcNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.79.48.0/20
                  147.189.155.0/24
                  176.10.0.0/20
                  212.46.58.0/24
                IPv6:
                  2a12:f40::/29

    Signature Algorithm: sha256WithRSAEncryption
         13:bc:be:98:94:72:8a:78:c8:51:c7:63:b3:3d:20:31:bf:d6:
         26:bb:1b:07:36:4a:49:ac:dc:77:9c:f6:fd:7c:82:a2:57:6d:
         e7:ab:71:a9:96:eb:71:f3:dc:26:01:96:1a:74:3a:41:45:da:
         f1:eb:ee:4c:da:4c:dd:94:e5:67:4c:d3:e9:63:b5:d0:65:30:
         48:a2:63:7a:13:53:77:6f:b1:dd:9b:e4:70:84:e5:a8:c5:85:
         6e:26:20:c0:eb:ab:60:36:8e:70:a3:76:fd:a1:35:4a:37:82:
         61:36:b3:4f:87:c4:94:6f:89:0d:a1:80:25:c7:11:13:a2:b9:
         2c:9f:d7:3e:a7:3b:2a:97:ce:e8:2a:75:e4:e7:0e:7c:15:59:
         e1:0d:11:87:20:c6:51:6a:1c:3c:ae:6c:a2:c5:c7:e1:25:3d:
         34:e6:fd:a1:e7:a0:0b:be:0e:57:48:68:28:8c:17:2e:1f:79:
         39:c8:27:b6:c1:5c:6d:56:80:0e:da:2f:88:d1:69:4a:2e:63:
         c1:ec:b9:01:4f:aa:2c:e5:77:70:2e:24:f8:ea:39:94:a5:dd:
         a1:af:01:f2:8a:78:99:5a:26:8f:dc:8c:d6:e1:e4:17:7d:de:
         77:19:3d:01:19:68:f5:0d:a4:e7:e5:9c:8c:4f:62:33:fd:50:
         6c:5e:da:50
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYkb1Pyo1GHYXuFn1DtmZ77oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjExMmNiZjZkY2M4ZGQzNDQ0ZTRlY2VkMjg0NDU3MzEw
ZjcwZDIwHhcNMjMwNzAzMTI1ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDFlMGMwZDU2YzFmNjZjMTRkMzU3MGRiMDI1MTc2MDJlZDUwOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr6HFG0eeUgCeK45xf6zsiKOsM6M
gi5emPyLCxF8l/cx3Xhtd9ImbwOOardq3WLEbqPokB6flI4WyJ8alwZLhAuQV60G
wp+i5wnja1VBYz0geMfAawcMhlTWlHV6+xG2TOvgJLMNTM1Q3D1VjhyCoWEG8fVR
tfOI0RBlJIAOIkirsAfpYe0/APCxoNXQX34cn3IMlFMP0MKnGwyR5BLQ01KuaoVZ
D5b4G/QEPVwdauNb8fz/goZX128QRDNuMkl1ytapqeq6glogUUAruSmBK+mrJuYr
+S1cXoVWwiHAMvhvjdOK4SgdtmWLBAahDsr058jdJ8/saodv/IZiDDllhQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFP0eDA1WwfZsFNNXDbAlF2Au1QmzMB8GA1UdIwQY
MBaAFE8hEsv23MjdNETk7O0oRFcxD3DSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMt
YjI3OThjMWEwMzI3LzEvX1I0TURWYkI5bXdVMDFjTnNDVVhZQzdWQ2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMtYjI3OThjMWEwMzI3
LzEvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUE8wAwQA
k72bAwQEsAoAAwQA1C46MA0EAgACMAcDBQMqEg9AMA0GCSqGSIb3DQEBCwUAA4IB
AQATvL6YlHKKeMhRx2OzPSAxv9YmuxsHNkpJrNx3nPb9fIKiV23nq3Gplutx89wm
AZYadDpBRdrx6+5M2kzdlOVnTNPpY7XQZTBIomN6E1N3b7Hdm+RwhOWoxYVuJiDA
66tgNo5wo3b9oTVKN4JhNrNPh8SUb4kNoYAlxxETorksn9c+pzsql87oKnXk5w58
FVnhDRGHIMZRahw8rmyixcfhJT005v2h56ALvg5XSGgojBcuH3k5yCe2wVxtVoAO
2i+I0WlKLmPB7LkBT6os5XdwLiT46jmUpd2hrwHyiniZWiaP3IzW4eQXfd53GT0B
GWj1DaTn5ZyMT2Iz/VBsXtpQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:54 2024 by rpki-client on console-ams.rpki-client.org