Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/f4PI9VxuHGWr17yJ3onacWRMyw0.roa
File:                     f4PI9VxuHGWr17yJ3onacWRMyw0.roa (raw, json)
Hash identifier:          n4v8bZIKo+4ZmFW9fkJmnYf6XuK0Zss55G887V8NDbo=
Subject key identifier:   7F:83:C8:F5:5C:6E:1C:65:AB:D7:BC:89:DE:89:DA:71:64:4C:CB:0D
Certificate issuer:       /CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
Certificate serial:       01856FCBA026C4022C93504773AB10EECE29
Authority key identifier: 67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/f4PI9VxuHGWr17yJ3onacWRMyw0.roa
Signing time:             Mon 02 Jan 2023 00:04:53 +0000
ROA not before:           Mon 02 Jan 2023 00:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205235
IP address blocks:        185.38.175.0/24 maxlen: 24
                          2a01:4262:1ab::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:a0:26:c4:02:2c:93:50:47:73:ab:10:ee:ce:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
        Validity
            Not Before: Jan  2 00:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f83c8f55c6e1c65abd7bc89de89da71644ccb0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:f3:c3:d4:61:b9:56:e8:87:3a:8a:59:ff:e1:
                    75:91:ef:58:29:67:bf:40:e1:e3:d0:51:8f:45:93:
                    76:26:36:80:da:8d:cd:6a:99:65:f5:16:2b:a5:0d:
                    94:68:4a:82:6c:d6:7e:fd:e6:c8:5a:3a:55:9c:ed:
                    a2:79:fe:21:ee:f5:3a:b8:5b:2a:a1:d5:80:5c:be:
                    fa:08:42:fa:4d:b3:28:84:d5:23:f1:28:d9:0b:55:
                    db:bf:95:69:5d:c8:95:e0:af:1e:80:a2:14:93:5e:
                    66:15:55:d3:a9:17:c4:bd:bd:77:7c:50:66:03:2f:
                    b8:f1:ea:8d:68:fd:01:11:b7:7d:92:2c:91:dd:c2:
                    33:2c:41:21:ba:91:fc:39:c4:40:e3:18:36:36:8a:
                    b0:b7:43:7e:3e:a7:14:e0:0a:71:8a:5d:a8:e0:42:
                    28:56:9e:be:e8:e7:99:bd:42:d5:41:81:1f:3e:9d:
                    37:48:5e:06:ad:9d:9a:7b:ea:ab:b5:21:fa:e7:a0:
                    26:96:8f:cc:96:1d:4d:c3:59:5f:e1:67:a8:bb:9c:
                    64:d8:15:7f:8d:9f:00:27:1f:d5:c9:e7:d6:04:4b:
                    6b:87:c7:29:6e:13:eb:d3:78:72:1c:4e:b4:1d:f5:
                    e1:1e:c7:a2:c5:a8:57:e0:5c:b7:02:d0:fa:ca:73:
                    2b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:83:C8:F5:5C:6E:1C:65:AB:D7:BC:89:DE:89:DA:71:64:4C:CB:0D
            X509v3 Authority Key Identifier:
                keyid:67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/f4PI9VxuHGWr17yJ3onacWRMyw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/Z3tD9TjwrnIOUnsqbAuKh22WyUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.175.0/24
                IPv6:
                  2a01:4262:1ab::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:fc:05:84:ec:1f:c3:a1:55:5b:1e:52:8d:51:19:b3:05:07:
         ae:fc:f7:fd:b2:83:ab:ea:91:d8:43:58:47:ed:c3:b3:4e:76:
         d8:8b:10:d2:94:9e:07:23:43:57:a7:8b:66:47:7b:4e:17:f8:
         c2:a7:25:3e:18:22:e6:25:c6:d4:42:0c:e3:14:8b:0c:bc:51:
         b5:8b:ce:a6:1f:24:19:0e:db:9a:bb:70:dd:d6:47:d1:81:d7:
         03:91:d5:70:09:df:40:28:30:8a:97:b0:87:ba:aa:ef:fc:ac:
         2f:ca:7f:bb:be:3d:d9:54:91:ba:aa:7b:4e:02:92:a2:75:e5:
         e4:c5:c1:2c:52:51:91:b3:ca:57:32:f0:08:ad:04:45:17:ba:
         e8:a0:a4:17:c5:2b:b2:7a:da:bd:26:3b:29:93:ed:6e:7f:dd:
         ee:37:77:eb:eb:56:a5:f2:be:c6:f0:e1:43:30:14:38:80:68:
         fc:ee:7a:1a:3f:a4:64:a0:8e:64:9e:f0:b6:77:cc:00:78:e6:
         5f:2c:e0:63:39:fd:cc:ee:d0:df:d2:20:15:46:d9:41:5d:69:
         0d:08:5e:dc:75:cc:9b:b4:92:84:26:5f:38:44:82:56:d3:04:
         f5:65:b7:47:15:72:be:19:7c:1d:58:41:ba:bc:ab:4b:b5:26:
         e5:63:17:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvy6AmxAIsk1BHc6sQ7s4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3N2I0M2Y1MzhmMGFlNzIwZTUyN2IyYTZjMGI4YTg3NmQ5
NmM5NDcwHhcNMjMwMTAyMDAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjgzYzhmNTVjNmUxYzY1YWJkN2JjODlkZTg5ZGE3MTY0NGNjYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPPD1GG5VuiHOopZ/+F1ke9YKWe/
QOHj0FGPRZN2JjaA2o3Napll9RYrpQ2UaEqCbNZ+/ebIWjpVnO2ief4h7vU6uFsq
odWAXL76CEL6TbMohNUj8SjZC1Xbv5VpXciV4K8egKIUk15mFVXTqRfEvb13fFBm
Ay+48eqNaP0BEbd9kiyR3cIzLEEhupH8OcRA4xg2Noqwt0N+PqcU4Apxil2o4EIo
Vp6+6OeZvULVQYEfPp03SF4GrZ2ae+qrtSH656Amlo/Mlh1Nw1lf4Weou5xk2BV/
jZ8AJx/VyefWBEtrh8cpbhPr03hyHE60HfXhHseixahX4Fy3AtD6ynMr8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH+DyPVcbhxlq9e8id6J2nFkTMsNMB8GA1UdIwQY
MBaAFGd7Q/U48K5yDlJ7KmwLiodtlslHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGIt
Mjg3ODIwM2EwMDlkLzEvZjRQSTlWeHVIR1dyMTd5SjNvbmFjV1JNeXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGItMjg3ODIwM2EwMDlk
LzEvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuSavMA8E
AgACMAkDBwAqAUJiAaswDQYJKoZIhvcNAQELBQADggEBAB38BYTsH8OhVVseUo1R
GbMFB6789/2yg6vqkdhDWEftw7NOdtiLENKUngcjQ1eni2ZHe04X+MKnJT4YIuYl
xtRCDOMUiwy8UbWLzqYfJBkO25q7cN3WR9GB1wOR1XAJ30AoMIqXsIe6qu/8rC/K
f7u+PdlUkbqqe04CkqJ15eTFwSxSUZGzylcy8AitBEUXuuigpBfFK7J62r0mOymT
7W5/3e43d+vrVqXyvsbw4UMwFDiAaPzueho/pGSgjmSe8LZ3zAB45l8s4GM5/czu
0N/SIBVG2UFdaQ0IXtx1zJu0koQmXzhEglbTBPVlt0cVcr4ZfB1YQbq8q0u1JuVj
Fxc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:25 2024 by rpki-client on console-fra.rpki-client.org