Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/_FF226sRN2RBitD4one8rfCvRUE.roa
File:                     _FF226sRN2RBitD4one8rfCvRUE.roa (raw, json)
Hash identifier:          r347L6dNF3yBn//w70z3+ZUth6aTiqkb6Gz+jbcWZ+A=
Subject key identifier:   FC:51:76:DB:AB:11:37:64:41:8A:D0:F8:A2:77:BC:AD:F0:AF:45:41
Certificate issuer:       /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Certificate serial:       01856ED4B76A17477264CC0E07D52433C1AF
Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/_FF226sRN2RBitD4one8rfCvRUE.roa
Signing time:             Sun 01 Jan 2023 19:35:12 +0000
ROA not before:           Sun 01 Jan 2023 19:35:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39356
IP address blocks:        164.215.106.0/24 maxlen: 24
                          164.215.109.0/24 maxlen: 24
                          164.215.110.0/24 maxlen: 24
                          164.215.108.0/24 maxlen: 24
                          185.68.232.0/24 maxlen: 24
                          185.68.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Mar 2023 10:39:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:b7:6a:17:47:72:64:cc:0e:07:d5:24:33:c1:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
        Validity
            Not Before: Jan  1 19:35:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fc5176dbab113764418ad0f8a277bcadf0af4541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:56:ad:1d:47:50:13:44:20:be:75:2a:dc:bf:
                    cd:fd:d9:94:83:a5:03:85:65:ba:1a:88:22:a6:3f:
                    30:a8:1b:d5:ed:59:8c:69:39:e8:d5:f2:25:c7:3f:
                    7b:f8:e5:2e:16:ce:4e:06:5e:79:05:37:f2:d1:6a:
                    5e:56:13:44:7d:d7:a2:1c:c0:16:ae:42:e4:d1:c9:
                    7e:59:67:23:f2:58:c3:77:0a:06:37:de:cd:bb:de:
                    0e:5a:4d:1d:4a:4c:79:53:b7:0d:8d:c2:80:22:3d:
                    f0:86:e8:70:fd:f1:7f:a8:c9:9e:35:7b:36:f2:15:
                    57:c5:2d:27:21:cf:75:01:42:ba:7e:d3:c3:8d:e2:
                    ca:52:d3:ed:44:97:e0:6d:3d:78:f9:69:48:98:7a:
                    e0:00:d4:40:c9:31:45:7a:3d:fa:ac:a4:3a:08:eb:
                    ca:e9:01:a1:84:30:54:fc:29:aa:dd:61:d0:8a:cf:
                    d0:f5:aa:10:bf:57:4e:66:39:6d:06:35:6e:af:bf:
                    87:56:0e:36:85:6b:d0:ee:45:05:a8:04:85:10:e7:
                    7a:6a:73:80:61:7d:de:9c:9d:ff:9e:2b:c0:ad:ad:
                    46:e1:47:98:fd:b4:70:33:48:75:73:61:a4:aa:97:
                    fd:c8:76:7a:e6:f9:a2:53:34:43:02:ce:60:65:ae:
                    2c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:51:76:DB:AB:11:37:64:41:8A:D0:F8:A2:77:BC:AD:F0:AF:45:41
            X509v3 Authority Key Identifier:
                keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/_FF226sRN2RBitD4one8rfCvRUE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.215.106.0/24
                  164.215.108.0-164.215.110.255
                  185.68.232.0/24
                  185.68.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:ea:c1:74:9d:6f:4b:c9:f1:a2:fd:e0:24:03:50:ed:39:76:
         f4:b9:d2:a4:1b:38:40:b2:f3:df:6c:05:67:68:88:e1:92:94:
         c6:d0:16:7b:a1:48:bf:81:13:c1:f6:29:4b:d8:77:6f:91:eb:
         ee:7b:a5:b9:3f:a7:31:b5:78:1b:bc:ca:4b:7c:7f:91:71:17:
         94:52:34:80:46:a1:be:95:e2:a6:1b:07:34:c5:87:65:00:98:
         fd:31:92:92:25:fc:ea:89:ab:c0:b1:38:fa:e2:3e:40:26:b1:
         bf:1d:36:7d:ee:e6:e2:7e:78:27:4b:45:df:a9:84:dc:c3:cc:
         1a:bd:da:2e:7e:82:e9:0e:85:b7:aa:42:72:8b:e6:40:d6:c6:
         e3:cd:21:2f:d1:21:22:3f:18:42:98:55:b6:42:1e:4a:37:9a:
         93:49:91:14:ec:87:b6:59:db:d2:79:37:92:06:77:af:3b:39:
         f3:07:aa:20:0e:34:48:05:92:7f:df:7a:ba:2e:1d:92:16:10:
         23:ae:a7:12:81:5c:02:b7:b1:ed:43:8a:f2:df:fc:b8:cf:3d:
         3f:31:46:16:a1:5e:a9:2c:01:5a:98:79:77:d3:c2:c2:87:97:
         38:dd:92:c7:07:37:36:ef:dd:83:5d:6b:1d:e7:00:e6:e2:e1:
         e1:8d:ed:78
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVu1LdqF0dyZMwOB9UkM8GvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNjViN2I3Yjg5OGZhYWVlNzA3NjdkMDk3MTVjNDM2YTgz
ZmNkYzIwHhcNMjMwMTAxMTkzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzUxNzZkYmFiMTEzNzY0NDE4YWQwZjhhMjc3YmNhZGYwYWY0NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVatHUdQE0QgvnUq3L/N/dmUg6UD
hWW6Gogipj8wqBvV7VmMaTno1fIlxz97+OUuFs5OBl55BTfy0WpeVhNEfdeiHMAW
rkLk0cl+WWcj8ljDdwoGN97Nu94OWk0dSkx5U7cNjcKAIj3whuhw/fF/qMmeNXs2
8hVXxS0nIc91AUK6ftPDjeLKUtPtRJfgbT14+WlImHrgANRAyTFFej36rKQ6COvK
6QGhhDBU/Cmq3WHQis/Q9aoQv1dOZjltBjVur7+HVg42hWvQ7kUFqASFEOd6anOA
YX3enJ3/nivAra1G4UeY/bRwM0h1c2Gkqpf9yHZ65vmiUzRDAs5gZa4sXQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPxRdturETdkQYrQ+KJ3vK3wr0VBMB8GA1UdIwQY
MBaAFB1lt7e4mPqu5wdn0JcVxDaoP83CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUt
OGZjMzczNzU3Njg0LzEvX0ZGMjI2c1JOMlJCaXRENG9uZThyZkN2UlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUtOGZjMzczNzU3Njg0
LzEvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQApNdqMAwD
BAKk12wDBACk124DBAC5ROgDBAC5ROswDQYJKoZIhvcNAQELBQADggEBAK/qwXSd
b0vJ8aL94CQDUO05dvS50qQbOECy899sBWdoiOGSlMbQFnuhSL+BE8H2KUvYd2+R
6+57pbk/pzG1eBu8ykt8f5FxF5RSNIBGob6V4qYbBzTFh2UAmP0xkpIl/OqJq8Cx
OPriPkAmsb8dNn3u5uJ+eCdLRd+phNzDzBq92i5+gukOhbeqQnKL5kDWxuPNIS/R
ISI/GEKYVbZCHko3mpNJkRTsh7ZZ29J5N5IGd687OfMHqiAONEgFkn/ferouHZIW
ECOupxKBXAK3se1DivLf/LjPPT8xRhahXqksAVqYeXfTwsKHlzjdkscHNzbv3YNd
ax3nAObi4eGN7Xg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:40 2024 by rpki-client on console-ams.rpki-client.org