Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/dF3tKLyrR_snvg3AcjeU3gHe8dU.roa
File:                     dF3tKLyrR_snvg3AcjeU3gHe8dU.roa (raw, json)
Hash identifier:          RcIbNolhyGpgetqIwxShfUJEN6yfSVev7+Hpf30jLKk=
Subject key identifier:   74:5D:ED:28:BC:AB:47:FB:27:BE:0D:C0:72:37:94:DE:01:DE:F1:D5
Certificate issuer:       /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial:       01856DB8862826B641CE7D5E0B75BD7D5D13
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/dF3tKLyrR_snvg3AcjeU3gHe8dU.roa
Signing time:             Sun 01 Jan 2023 14:24:47 +0000
ROA not before:           Sun 01 Jan 2023 14:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212968
IP address blocks:        155.133.126.0/24 maxlen: 24
                          2a06:1e00:2d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:b8:86:28:26:b6:41:ce:7d:5e:0b:75:bd:7d:5d:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
        Validity
            Not Before: Jan  1 14:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=745ded28bcab47fb27be0dc0723794de01def1d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a0:97:b8:8f:00:a1:6d:1f:75:d9:47:fb:bb:
                    5e:37:6e:d4:1c:df:2f:71:86:03:4e:36:56:ba:dc:
                    06:db:07:12:d6:06:58:e5:b5:54:25:04:16:d5:62:
                    dd:7b:a4:31:5b:cf:9e:df:a9:7e:05:f5:a0:c4:13:
                    c8:b7:36:23:80:e3:0e:57:9c:97:b0:37:b6:8e:12:
                    28:0c:60:04:e8:d5:fe:cf:96:1f:5a:11:51:31:44:
                    71:5d:0b:67:a4:81:49:db:58:43:3c:69:8d:88:05:
                    c0:bb:76:6d:8b:26:7f:e2:ff:43:f5:6c:b4:63:39:
                    77:62:28:58:07:76:17:e8:b7:ea:57:6f:44:d1:aa:
                    87:ad:bc:24:bc:33:04:da:3f:cb:d3:f5:69:b3:73:
                    f0:01:44:e6:3f:f7:4d:ea:81:04:a2:a1:85:1b:bd:
                    c5:51:76:11:44:9b:c0:58:f1:3a:42:37:c9:96:fc:
                    71:23:83:e0:0e:7e:9f:8d:27:39:0d:b0:2f:90:15:
                    fa:2b:3f:bc:3f:ff:8e:2b:2c:28:ba:21:7b:76:5b:
                    bd:45:e6:84:37:0e:a3:ab:d1:66:42:61:6c:a2:c4:
                    c4:56:03:da:ca:ff:07:46:f4:ed:55:f7:95:df:d3:
                    dc:50:c6:e9:0b:ac:80:9d:a9:80:bf:9b:30:a3:15:
                    81:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:5D:ED:28:BC:AB:47:FB:27:BE:0D:C0:72:37:94:DE:01:DE:F1:D5
            X509v3 Authority Key Identifier:
                keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/dF3tKLyrR_snvg3AcjeU3gHe8dU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.133.126.0/24
                IPv6:
                  2a06:1e00:2d::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:a0:d4:b2:dc:5f:db:02:7d:a9:d4:f1:eb:2f:d6:14:07:59:
         b6:3e:f2:4a:be:6f:9c:cc:28:74:26:11:aa:06:ec:5c:0b:92:
         d8:a8:68:6c:ab:13:1d:27:8a:cb:3f:bc:17:ad:02:cd:74:e8:
         f4:91:e7:a9:46:fd:6c:fd:f9:a6:de:5f:0a:b4:d2:d1:e8:d8:
         62:af:a2:03:44:b7:7a:d8:ce:0e:0d:c7:ff:f3:1d:4e:b3:ba:
         3e:90:bf:41:eb:45:1f:c1:79:49:e2:90:49:2e:20:15:d4:71:
         f9:7c:d8:d1:a9:ee:ca:9c:03:01:0d:51:33:a1:d1:43:ef:ff:
         71:80:38:13:03:73:a4:85:67:8f:ef:38:95:c3:fc:0b:1e:74:
         b9:25:f7:68:81:c5:81:5d:53:aa:33:2e:2a:9c:b0:50:21:db:
         16:3c:82:d5:a7:43:1d:61:91:1e:a5:8f:c5:7b:23:4c:69:c2:
         f8:7d:44:5b:03:fc:bd:f4:ae:c1:ae:c7:b0:b4:2c:d6:2a:c9:
         09:82:e6:03:15:87:58:af:bf:69:21:72:26:f8:62:70:bb:c9:
         2a:8e:2e:03:15:99:df:5f:1b:83:a5:ef:28:75:41:35:04:4b:
         6b:ae:48:c4:c2:d2:ab:d3:2e:9a:a6:20:46:a6:0b:52:d9:32:
         70:05:09:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtuIYoJrZBzn1eC3W9fV0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjMwMTAxMTQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDVkZWQyOGJjYWI0N2ZiMjdiZTBkYzA3MjM3OTRkZTAxZGVmMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaCXuI8AoW0fddlH+7teN27UHN8v
cYYDTjZWutwG2wcS1gZY5bVUJQQW1WLde6QxW8+e36l+BfWgxBPItzYjgOMOV5yX
sDe2jhIoDGAE6NX+z5YfWhFRMURxXQtnpIFJ21hDPGmNiAXAu3ZtiyZ/4v9D9Wy0
Yzl3YihYB3YX6LfqV29E0aqHrbwkvDME2j/L0/Vps3PwAUTmP/dN6oEEoqGFG73F
UXYRRJvAWPE6QjfJlvxxI4PgDn6fjSc5DbAvkBX6Kz+8P/+OKywouiF7dlu9ReaE
Nw6jq9FmQmFsosTEVgPayv8HRvTtVfeV39PcUMbpC6yAnamAv5swoxWBdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHRd7Si8q0f7J74NwHI3lN4B3vHVMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvZEYzdEtMeXJSX3NudmczQWNqZVUzZ0hlOGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAm4V+MA8E
AgACMAkDBwAqBh4AAC0wDQYJKoZIhvcNAQELBQADggEBAGSg1LLcX9sCfanU8esv
1hQHWbY+8kq+b5zMKHQmEaoG7FwLktioaGyrEx0niss/vBetAs106PSR56lG/Wz9
+abeXwq00tHo2GKvogNEt3rYzg4Nx//zHU6zuj6Qv0HrRR/BeUnikEkuIBXUcfl8
2NGp7sqcAwENUTOh0UPv/3GAOBMDc6SFZ4/vOJXD/AsedLkl92iBxYFdU6ozLiqc
sFAh2xY8gtWnQx1hkR6lj8V7I0xpwvh9RFsD/L30rsGux7C0LNYqyQmC5gMVh1iv
v2khcib4YnC7ySqOLgMVmd9fG4Ol7yh1QTUES2uuSMTC0qvTLpqmIEamC1LZMnAF
CTQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:17 2024 by rpki-client on console-fra.rpki-client.org