Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/fF1o9-UqaoxmrEch-SfIpux4PNo.roa
File:                     fF1o9-UqaoxmrEch-SfIpux4PNo.roa (raw, json)
Hash identifier:          mNIMGbKpl23Eb3y8oO81RlVxbd6S9d2FN+GJRMBZVuk=
Subject key identifier:   7C:5D:68:F7:E5:2A:6A:8C:66:AC:47:21:F9:27:C8:A6:EC:78:3C:DA
Certificate issuer:       /CN=af5bc49d5f01a235af9289cf4926affef7af92b0
Certificate serial:       01856D418A4F2EC0B715165C900D7E63738C
Authority key identifier: AF:5B:C4:9D:5F:01:A2:35:AF:92:89:CF:49:26:AF:FE:F7:AF:92:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r1vEnV8BojWvkonPSSav_vevkrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/fF1o9-UqaoxmrEch-SfIpux4PNo.roa
Signing time:             Sun 01 Jan 2023 12:14:49 +0000
ROA not before:           Sun 01 Jan 2023 12:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50673
IP address blocks:        185.254.172.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:8a:4f:2e:c0:b7:15:16:5c:90:0d:7e:63:73:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af5bc49d5f01a235af9289cf4926affef7af92b0
        Validity
            Not Before: Jan  1 12:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c5d68f7e52a6a8c66ac4721f927c8a6ec783cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:54:8c:b0:3a:ef:5b:0e:9c:d3:ca:80:d7:34:
                    50:54:f5:7a:7e:41:ec:34:e3:01:41:e1:12:1d:c0:
                    35:c7:41:34:a1:8f:28:79:62:cb:fe:37:b6:dc:2d:
                    80:ad:0a:9d:13:29:9c:13:81:69:bf:62:4d:40:f5:
                    8b:2e:45:0c:f6:7f:80:17:ac:2c:5e:f3:72:97:3e:
                    f4:df:a2:ae:1f:1b:36:1d:5a:c8:9b:e4:c1:fa:11:
                    3a:96:5e:c2:29:2c:99:61:56:db:56:09:f0:f6:ca:
                    42:b5:13:30:ef:72:4d:b8:0b:f3:65:5a:3e:35:0e:
                    6c:54:55:81:19:66:55:8d:79:1f:b3:c0:22:6f:98:
                    a2:a4:83:04:8b:aa:5c:32:9f:87:c7:45:03:b7:01:
                    b7:b5:b1:5a:2f:32:c4:d5:b8:fc:95:70:69:a5:70:
                    82:d4:1d:70:0b:1c:fd:b5:df:22:27:6f:dd:f5:4e:
                    3a:8a:75:6f:f3:d7:39:d0:ae:2a:e1:a6:44:6b:48:
                    3c:d5:8f:60:c9:60:13:7e:24:34:05:96:56:bd:81:
                    f6:49:99:02:03:1a:48:dd:6f:68:06:05:d2:13:22:
                    b6:5a:08:0e:45:cc:56:c1:7b:30:7a:3b:ae:f6:1b:
                    d3:06:72:54:6e:73:f7:2f:3c:1e:ce:bf:25:55:b7:
                    8c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5D:68:F7:E5:2A:6A:8C:66:AC:47:21:F9:27:C8:A6:EC:78:3C:DA
            X509v3 Authority Key Identifier:
                keyid:AF:5B:C4:9D:5F:01:A2:35:AF:92:89:CF:49:26:AF:FE:F7:AF:92:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r1vEnV8BojWvkonPSSav_vevkrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/fF1o9-UqaoxmrEch-SfIpux4PNo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/r1vEnV8BojWvkonPSSav_vevkrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.254.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:2f:4a:aa:ce:0f:29:8a:6c:ce:b0:81:b0:7d:43:70:0e:0f:
         e2:4c:6e:51:67:8a:a2:af:a5:7d:c2:bc:0d:7b:30:28:6c:99:
         28:0f:2b:dc:90:76:6f:0d:dc:db:2b:cc:0d:5d:a6:3d:2d:0e:
         66:d4:bd:87:40:68:84:74:8e:92:bb:28:f9:fe:dc:a9:66:f0:
         04:81:e2:23:06:6d:1a:cb:5d:5c:d9:3c:79:15:e6:8e:02:42:
         45:c7:9b:fc:2f:61:a9:fe:c2:aa:28:4f:04:0f:c7:1f:71:25:
         46:3c:67:bf:7c:81:13:9a:c5:ea:a6:4c:67:16:6a:e5:0f:41:
         8b:42:f6:69:47:09:fd:89:03:c0:87:fb:7d:60:d8:72:00:25:
         32:2f:aa:f0:6e:fa:36:96:11:9e:1a:e3:49:ac:8e:99:77:e0:
         26:ed:5f:7b:c3:f2:64:6d:58:25:f6:16:6a:5e:d1:2a:64:19:
         9c:d3:97:1e:f1:18:09:4c:f5:e7:ff:e3:c2:b4:10:6f:04:b6:
         1c:97:3e:98:f8:70:ec:b4:e3:f0:ed:c3:af:a9:54:85:6f:01:
         99:71:fa:9c:bf:0b:f2:8a:90:fa:36:c5:d2:07:46:4f:be:3c:
         83:a9:b4:3e:67:19:e2:a2:8b:47:e6:dd:b4:42:b5:ea:c1:10:
         11:0c:6a:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQYpPLsC3FRZckA1+Y3OMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWJjNDlkNWYwMWEyMzVhZjkyODljZjQ5MjZhZmZlZjdh
ZjkyYjAwHhcNMjMwMTAxMTIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVkNjhmN2U1MmE2YThjNjZhYzQ3MjFmOTI3YzhhNmVjNzgzY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1SMsDrvWw6c08qA1zRQVPV6fkHs
NOMBQeESHcA1x0E0oY8oeWLL/je23C2ArQqdEymcE4Fpv2JNQPWLLkUM9n+AF6ws
XvNylz7036KuHxs2HVrIm+TB+hE6ll7CKSyZYVbbVgnw9spCtRMw73JNuAvzZVo+
NQ5sVFWBGWZVjXkfs8Aib5iipIMEi6pcMp+Hx0UDtwG3tbFaLzLE1bj8lXBppXCC
1B1wCxz9td8iJ2/d9U46inVv89c50K4q4aZEa0g81Y9gyWATfiQ0BZZWvYH2SZkC
AxpI3W9oBgXSEyK2WggORcxWwXswejuu9hvTBnJUbnP3Lzwezr8lVbeMPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxdaPflKmqMZqxHIfknyKbseDzaMB8GA1UdIwQY
MBaAFK9bxJ1fAaI1r5KJz0kmr/73r5KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjF2RW5WOEJvald2a29uUFNTYXZfdmV2a3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mMmZiZDgtZDZlMS00N2FkLWFhMjEt
MTQ3ZTQ1NzI4NzNhLzEvZkYxbzktVXFhb3htckVjaC1TZklwdXg0UE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9mMmZiZDgtZDZlMS00N2FkLWFhMjEtMTQ3ZTQ1NzI4NzNh
LzEvcjF2RW5WOEJvald2a29uUFNTYXZfdmV2a3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf6sMA0G
CSqGSIb3DQEBCwUAA4IBAQB0L0qqzg8pimzOsIGwfUNwDg/iTG5RZ4qir6V9wrwN
ezAobJkoDyvckHZvDdzbK8wNXaY9LQ5m1L2HQGiEdI6Suyj5/typZvAEgeIjBm0a
y11c2Tx5FeaOAkJFx5v8L2Gp/sKqKE8ED8cfcSVGPGe/fIETmsXqpkxnFmrlD0GL
QvZpRwn9iQPAh/t9YNhyACUyL6rwbvo2lhGeGuNJrI6Zd+Am7V97w/JkbVgl9hZq
XtEqZBmc05ce8RgJTPXn/+PCtBBvBLYclz6Y+HDstOPw7cOvqVSFbwGZcfqcvwvy
ipD6NsXSB0ZPvjyDqbQ+ZxniootH5t20QrXqwRARDGpq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:41 2024 by rpki-client on console-ams.rpki-client.org