Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/FrwSaWAVQGgF2cou9DwWDBFMNyM.roa
File:                     FrwSaWAVQGgF2cou9DwWDBFMNyM.roa (raw, json)
Hash identifier:          1fmOZBTVdI2RSYx0Z2CgkOQnBwWnyyrX3TLeOMdec28=
Subject key identifier:   16:BC:12:69:60:15:40:68:05:D9:CA:2E:F4:3C:16:0C:11:4C:37:23
Certificate issuer:       /CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Certificate serial:       018CC64B325DE492E20B99F88C5B74118F3E
Authority key identifier: BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/FrwSaWAVQGgF2cou9DwWDBFMNyM.roa
Signing time:             Mon 01 Jan 2024 18:31:06 +0000
ROA not before:           Mon 01 Jan 2024 18:31:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60522
IP address blocks:        217.61.192.0/20 maxlen: 20
                          185.29.216.0/22 maxlen: 22
                          86.111.152.0/21 maxlen: 21
                          195.192.216.0/21 maxlen: 21
                          185.205.124.0/22 maxlen: 22
                          134.255.192.0/22 maxlen: 22
                          2a00:ab60::/29 maxlen: 32

Validation:               Failed, certificate revoked on Thu 12 Sep 2024 07:08:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:32:5d:e4:92:e2:0b:99:f8:8c:5b:74:11:8f:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
        Validity
            Not Before: Jan  1 18:31:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=16bc12696015406805d9ca2ef43c160c114c3723
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9d:10:de:f8:f3:0f:87:87:41:a5:f5:20:65:
                    d2:82:18:0a:05:62:3d:fe:e4:1c:62:04:5b:71:90:
                    1f:18:04:3d:e0:04:b4:9b:7b:53:8c:0c:a1:d3:3d:
                    1d:a0:d1:00:16:39:c5:27:52:d1:a1:39:54:a4:c7:
                    01:7c:09:8e:19:52:a0:80:9a:2a:eb:fc:6e:c4:7c:
                    52:40:cb:86:60:2f:00:01:77:4f:37:e2:f5:03:be:
                    12:7b:c4:e2:89:cc:a4:8f:03:a2:54:8e:11:06:c5:
                    6f:f3:a1:04:a3:80:5c:d2:8d:e3:07:98:79:f2:83:
                    d1:38:2f:f1:87:cb:40:ad:d7:d7:66:49:08:f0:72:
                    15:03:e9:8c:64:35:5e:b1:02:3b:6a:a9:8a:88:45:
                    25:91:5e:37:ee:da:fa:c4:d2:60:d2:61:19:e4:8b:
                    0f:c5:65:08:80:fe:7c:63:28:fa:4e:74:89:78:f3:
                    fc:4d:67:fc:01:dc:a8:0b:6d:c3:de:e1:bd:8d:87:
                    e0:9c:ac:56:dc:b7:b8:69:05:6d:bd:a1:64:91:da:
                    94:99:3f:60:7b:c2:ab:7e:69:62:d8:41:c8:53:50:
                    d0:fc:3b:c0:91:f6:89:47:af:4b:cb:95:28:96:75:
                    66:e4:27:93:66:c0:b5:31:cf:b3:95:7d:42:de:90:
                    9c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:BC:12:69:60:15:40:68:05:D9:CA:2E:F4:3C:16:0C:11:4C:37:23
            X509v3 Authority Key Identifier:
                keyid:BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/FrwSaWAVQGgF2cou9DwWDBFMNyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/vkjMNUiL2ebzErIPx2oQJy8M3to.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.111.152.0/21
                  134.255.192.0/22
                  185.29.216.0/22
                  185.205.124.0/22
                  195.192.216.0/21
                  217.61.192.0/20
                IPv6:
                  2a00:ab60::/29

    Signature Algorithm: sha256WithRSAEncryption
         a8:6b:9e:83:19:29:1f:1c:4b:7e:2d:ca:fc:87:ec:9f:2a:65:
         9c:47:e6:84:92:c4:91:7b:fb:5f:0c:e5:77:11:2d:cc:dc:9a:
         72:c6:93:df:91:cc:a3:0a:1e:88:3a:b2:eb:9c:f9:a1:bb:fc:
         97:2b:d0:89:ba:c8:a1:12:09:42:69:b2:d2:e4:80:76:35:94:
         5f:67:c6:5c:28:4a:75:71:b4:7f:0c:a5:61:e5:f1:c6:50:53:
         8c:30:89:26:9f:83:b7:62:4e:0c:ce:54:99:af:70:d0:a5:27:
         39:05:06:4e:f8:03:98:e3:de:8d:35:92:43:8d:2b:f7:fd:03:
         7d:21:5f:1d:7d:1e:cf:e6:ef:ee:ff:cc:ca:24:d3:e5:bc:99:
         af:06:99:64:cc:f4:f5:17:f5:35:75:27:7e:23:b9:32:b3:74:
         12:12:d5:ad:93:50:58:07:f0:1b:6e:dc:fe:68:14:34:24:9e:
         81:15:0c:59:d3:b3:d7:3c:91:de:ab:92:24:90:43:02:bf:e8:
         5b:70:31:49:e1:90:5f:1b:84:6c:83:59:3d:52:bd:e1:c9:cf:
         96:13:df:b6:a2:de:04:7e:6d:4e:a9:41:56:37:9b:ff:52:f0:
         79:c6:d3:cc:43:8e:1a:0f:67:15:13:cf:a6:fb:11:ef:2e:09:
         12:37:95:ba
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzGSzJd5JLiC5n4jFt0EY8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDhjYzM1NDg4YmQ5ZTZmMzEyYjIwZmM3NmExMDI3MmYw
Y2RlZGEwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmJjMTI2OTYwMTU0MDY4MDVkOWNhMmVmNDNjMTYwYzExNGMzNzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ0Q3vjzD4eHQaX1IGXSghgKBWI9
/uQcYgRbcZAfGAQ94AS0m3tTjAyh0z0doNEAFjnFJ1LRoTlUpMcBfAmOGVKggJoq
6/xuxHxSQMuGYC8AAXdPN+L1A74Se8TiicykjwOiVI4RBsVv86EEo4Bc0o3jB5h5
8oPROC/xh8tArdfXZkkI8HIVA+mMZDVesQI7aqmKiEUlkV437tr6xNJg0mEZ5IsP
xWUIgP58Yyj6TnSJePP8TWf8AdyoC23D3uG9jYfgnKxW3Le4aQVtvaFkkdqUmT9g
e8Krfmli2EHIU1DQ/DvAkfaJR69Ly5UolnVm5CeTZsC1Mc+zlX1C3pCcuwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBa8EmlgFUBoBdnKLvQ8FgwRTDcjMB8GA1UdIwQY
MBaAFL5IzDVIi9nm8xKyD8dqECcvDN7aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQt
NDliYzQzNjYwYzk3LzEvRnJ3U2FXQVZRR2dGMmNvdTlEd1dEQkZNTnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQtNDliYzQzNjYwYzk3
LzEvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDVm+YAwQC
hv/AAwQCuR3YAwQCuc18AwQDw8DYAwQE2T3AMA0EAgACMAcDBQMqAKtgMA0GCSqG
SIb3DQEBCwUAA4IBAQCoa56DGSkfHEt+Lcr8h+yfKmWcR+aEksSRe/tfDOV3ES3M
3JpyxpPfkcyjCh6IOrLrnPmhu/yXK9CJusihEglCabLS5IB2NZRfZ8ZcKEp1cbR/
DKVh5fHGUFOMMIkmn4O3Yk4MzlSZr3DQpSc5BQZO+AOY496NNZJDjSv3/QN9IV8d
fR7P5u/u/8zKJNPlvJmvBplkzPT1F/U1dSd+I7kys3QSEtWtk1BYB/Abbtz+aBQ0
JJ6BFQxZ07PXPJHeq5IkkEMCv+hbcDFJ4ZBfG4Rsg1k9Ur3hyc+WE9+2ot4Efm1O
qUFWN5v/UvB5xtPMQ44aD2cVE8+m+xHvLgkSN5W6
-----END CERTIFICATE-----
Generated at Thu Sep 12 09:26:05 2024 by rpki-client on console-fra.rpki-client.org