Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/FZS6g3rCdGR3KsyOsz2a4rgwaUQ.roa
File:                     FZS6g3rCdGR3KsyOsz2a4rgwaUQ.roa (raw, json)
Hash identifier:          E0oGscvvH5zDAAbHePAT1EqCPEceMn8e2scJBTkIGJA=
Subject key identifier:   15:94:BA:83:7A:C2:74:64:77:2A:CC:8E:B3:3D:9A:E2:B8:30:69:44
Certificate issuer:       /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial:       018EB960851CE402C17CA4F914F4F251E00F
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/FZS6g3rCdGR3KsyOsz2a4rgwaUQ.roa
Signing time:             Sun 07 Apr 2024 16:24:54 +0000
ROA not before:           Sun 07 Apr 2024 16:24:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        185.133.68.0/22 maxlen: 24
                          185.133.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Apr 2024 17:47:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b9:60:85:1c:e4:02:c1:7c:a4:f9:14:f4:f2:51:e0:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
        Validity
            Not Before: Apr  7 16:24:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1594ba837ac27464772acc8eb33d9ae2b8306944
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:6f:ac:c1:11:09:b8:bd:b0:8c:c0:8a:0c:65:
                    7d:16:80:7e:14:25:1b:98:01:c5:80:38:0d:eb:5f:
                    a7:65:9f:d9:c5:80:d6:54:d9:e9:cf:cb:58:82:70:
                    2c:c4:8e:40:fe:9a:cb:59:51:b3:48:17:cb:95:1e:
                    92:6f:b6:28:cd:6f:4c:3c:66:41:27:80:eb:c1:60:
                    7d:17:10:32:00:29:f7:49:7f:f0:f8:bf:44:f6:34:
                    b6:d3:59:ea:00:b9:7b:73:d1:6b:d1:56:ac:17:25:
                    91:f9:d2:6c:f5:db:d1:02:6b:d4:a0:58:3a:de:16:
                    25:2e:0d:03:1f:d1:57:81:c0:e2:ec:6b:2a:00:4e:
                    59:a9:2a:15:62:2e:a7:8d:77:cc:66:3b:2f:f6:73:
                    20:a6:dd:eb:53:86:70:9c:ea:f7:58:94:cf:c3:88:
                    a5:85:3b:aa:5d:4e:14:40:ab:08:b4:48:01:12:45:
                    bf:d7:ea:c9:18:80:b5:78:8f:47:3e:f8:8a:12:00:
                    be:3a:06:ee:6b:da:af:28:ed:6f:dc:d5:83:ff:38:
                    9d:d2:c0:f4:85:d0:85:ff:03:68:ff:3e:2a:d9:a4:
                    18:04:26:99:6a:ee:fe:1f:9d:b5:df:32:3f:56:3d:
                    1c:ef:e2:54:15:93:e5:df:50:c4:b2:bb:fb:ad:e5:
                    a6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:94:BA:83:7A:C2:74:64:77:2A:CC:8E:B3:3D:9A:E2:B8:30:69:44
            X509v3 Authority Key Identifier:
                keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/FZS6g3rCdGR3KsyOsz2a4rgwaUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.133.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:95:e6:3b:73:6f:57:bb:ae:6c:97:c4:d9:2d:91:b6:18:30:
         52:27:c0:5a:b5:0d:27:9b:8f:88:f6:c3:af:29:88:b2:3c:a8:
         0d:e6:f7:44:2f:20:2a:0b:80:74:a0:74:d1:66:e3:bb:98:44:
         a0:bd:e2:fa:2d:03:67:8d:f7:8d:fa:59:bf:88:8b:0c:be:bc:
         52:4c:aa:af:e6:bd:d7:00:0a:38:eb:f5:d0:e3:5a:ec:71:e8:
         08:e4:6f:c4:6a:8e:e7:f2:97:29:9a:9a:23:14:64:22:c0:30:
         0d:1d:63:7a:7b:9c:eb:29:65:5e:26:ec:50:6a:2a:6d:8e:ab:
         97:c9:12:ff:0f:6f:90:79:e3:d0:aa:b1:fc:a4:8c:a5:76:ab:
         69:ad:8f:f9:a8:94:4a:9a:84:e2:2c:a9:d7:2b:77:5f:33:6c:
         aa:b9:ee:e7:a5:d7:02:93:86:2f:1f:4b:40:ad:6f:62:d8:e1:
         38:f3:53:0c:db:1d:51:1a:a2:49:b3:15:00:aa:fe:c0:22:36:
         50:01:1d:06:b7:fb:ec:ae:16:a3:9c:a7:f3:14:e4:eb:fc:62:
         26:45:6c:4a:4a:2d:3c:71:f6:69:33:b6:78:62:9b:32:4a:5d:
         e3:90:fc:a7:ae:2f:ff:f3:fa:02:fb:49:53:20:fd:19:ca:dc:
         6f:c9:cf:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY65YIUc5ALBfKT5FPTyUeAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjQwNDA3MTYyNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTk0YmE4MzdhYzI3NDY0NzcyYWNjOGViMzNkOWFlMmI4MzA2OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm+swREJuL2wjMCKDGV9FoB+FCUb
mAHFgDgN61+nZZ/ZxYDWVNnpz8tYgnAsxI5A/prLWVGzSBfLlR6Sb7YozW9MPGZB
J4DrwWB9FxAyACn3SX/w+L9E9jS201nqALl7c9Fr0VasFyWR+dJs9dvRAmvUoFg6
3hYlLg0DH9FXgcDi7GsqAE5ZqSoVYi6njXfMZjsv9nMgpt3rU4ZwnOr3WJTPw4il
hTuqXU4UQKsItEgBEkW/1+rJGIC1eI9HPviKEgC+Ogbua9qvKO1v3NWD/zid0sD0
hdCF/wNo/z4q2aQYBCaZau7+H5213zI/Vj0c7+JUFZPl31DEsrv7reWm/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBWUuoN6wnRkdyrMjrM9muK4MGlEMB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvRlpTNmczckNkR1IzS3N5T3N6MmE0cmd3YVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYVEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJleY7c29Xu65sl8TZLZG2GDBSJ8BatQ0nm4+I9sOv
KYiyPKgN5vdELyAqC4B0oHTRZuO7mESgveL6LQNnjfeN+lm/iIsMvrxSTKqv5r3X
AAo46/XQ41rscegI5G/Eao7n8pcpmpojFGQiwDANHWN6e5zrKWVeJuxQaiptjquX
yRL/D2+QeePQqrH8pIyldqtprY/5qJRKmoTiLKnXK3dfM2yque7npdcCk4YvH0tA
rW9i2OE481MM2x1RGqJJsxUAqv7AIjZQAR0Gt/vsrhajnKfzFOTr/GImRWxKSi08
cfZpM7Z4YpsySl3jkPynri//8/oC+0lTIP0Zytxvyc8h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:25 2024 by rpki-client on console-fra.rpki-client.org