Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/Oe6fMhecSmmMSFLO5me0ecwl42s.roa
File:                     Oe6fMhecSmmMSFLO5me0ecwl42s.roa (raw, json)
Hash identifier:          GivGDITYeM9gZ/PEurEnssOJ1TcYcx2xHE804qSp9d8=
Subject key identifier:   39:EE:9F:32:17:9C:4A:69:8C:48:52:CE:E6:67:B4:79:CC:25:E3:6B
Certificate issuer:       /CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Certificate serial:       01856F025860CB9D90399839F3583D7DFB03
Authority key identifier: F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/Oe6fMhecSmmMSFLO5me0ecwl42s.roa
Signing time:             Sun 01 Jan 2023 20:25:02 +0000
ROA not before:           Sun 01 Jan 2023 20:25:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43150
IP address blocks:        217.199.199.0/24 maxlen: 24
                          2a00:4d80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:58:60:cb:9d:90:39:98:39:f3:58:3d:7d:fb:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
        Validity
            Not Before: Jan  1 20:25:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=39ee9f32179c4a698c4852cee667b479cc25e36b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2b:bd:fb:33:8d:25:49:e7:c1:7d:07:84:af:
                    dc:3f:db:ca:e4:78:d5:47:e8:c3:3b:4d:64:31:0d:
                    b9:c2:c6:a1:81:4d:ed:5f:76:3e:e5:82:d5:66:2f:
                    f9:2e:13:29:51:0c:ca:57:08:2e:88:35:c2:fd:89:
                    6f:7b:d7:6e:ef:54:67:f8:ce:bb:c9:64:a9:a9:ea:
                    9e:1c:51:36:50:8f:8c:69:61:6b:a0:93:d3:b4:04:
                    4d:5f:5e:a9:f5:11:d5:66:d0:98:27:55:87:9b:7d:
                    ca:d8:94:e2:c4:cd:1c:a5:be:3a:0c:6f:eb:a5:80:
                    72:39:b9:fc:d2:57:04:e4:e9:12:60:18:50:af:e8:
                    d0:b6:a6:cd:35:a8:d4:97:6e:00:c4:0e:1f:61:c5:
                    7d:f5:6e:37:ac:7e:bf:74:b7:6d:17:2d:f8:df:33:
                    e1:f9:7e:7b:ee:6e:7d:03:8e:73:9c:8e:8c:88:a3:
                    35:bf:8c:b3:d9:ee:c9:fd:c5:67:b1:44:ac:60:09:
                    9b:95:ae:88:43:b6:72:f3:3f:b4:81:bd:e7:7b:a7:
                    b0:0c:76:ed:36:73:77:95:7d:3f:de:88:ff:af:c4:
                    6c:ac:3f:39:2e:6e:57:4d:fa:ee:b8:9b:09:aa:7e:
                    9c:40:a8:a2:87:d5:0b:1f:15:98:19:2f:5d:ae:98:
                    6c:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:EE:9F:32:17:9C:4A:69:8C:48:52:CE:E6:67:B4:79:CC:25:E3:6B
            X509v3 Authority Key Identifier:
                keyid:F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/Oe6fMhecSmmMSFLO5me0ecwl42s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.199.199.0/24
                IPv6:
                  2a00:4d80::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:f7:66:e6:a0:dd:17:50:5a:45:86:12:76:b3:a0:71:32:b5:
         e0:7c:f9:1b:f0:a2:92:3a:dd:39:a0:b6:1a:fc:93:ff:d4:f7:
         df:a0:86:3a:77:a8:07:07:ba:10:b3:fb:93:8d:85:9a:7b:a3:
         d7:d3:07:72:13:bc:48:d1:47:08:4c:c5:a0:b1:78:d9:17:c3:
         45:61:2d:e3:c3:e8:db:1f:ce:27:e3:f4:83:12:33:1c:70:32:
         94:f3:11:64:7f:23:a7:77:6f:bd:97:26:1f:ea:de:6e:e4:bb:
         41:b6:5d:eb:7b:f5:3a:06:ca:65:c5:33:4c:ba:5a:94:1b:b2:
         ae:2a:75:93:13:86:d5:e3:e7:82:5a:fa:0c:f8:a5:fb:32:8e:
         4d:fb:b4:51:0b:42:a3:cc:af:bc:6b:2c:b6:ad:69:f6:cf:8b:
         18:90:4f:8b:76:0f:1f:73:5a:59:08:6e:95:de:5b:0d:c4:a5:
         d8:71:15:a6:dc:7c:cc:2f:31:60:6f:8f:b8:1c:ec:de:56:22:
         94:27:5c:8b:4e:31:9a:b1:c9:86:40:5b:5c:18:06:4a:7f:5d:
         f2:92:b4:b5:8a:83:f2:9e:0a:b3:26:62:28:9c:d8:09:b1:ee:
         52:3d:a1:75:cb:b3:da:c8:9e:5d:c8:d3:b9:9e:fd:43:d7:e9:
         d7:21:de:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvAlhgy52QOZg581g9ffsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMjJmYmU4NWFlNDA4ZDM3N2IyMTdkNGViYTdiMzhiMjRi
YWY1ZGQwHhcNMjMwMTAxMjAyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWVlOWYzMjE3OWM0YTY5OGM0ODUyY2VlNjY3YjQ3OWNjMjVlMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySu9+zONJUnnwX0HhK/cP9vK5HjV
R+jDO01kMQ25wsahgU3tX3Y+5YLVZi/5LhMpUQzKVwguiDXC/Ylve9du71Rn+M67
yWSpqeqeHFE2UI+MaWFroJPTtARNX16p9RHVZtCYJ1WHm33K2JTixM0cpb46DG/r
pYByObn80lcE5OkSYBhQr+jQtqbNNajUl24AxA4fYcV99W43rH6/dLdtFy343zPh
+X577m59A45znI6MiKM1v4yz2e7J/cVnsUSsYAmbla6IQ7Zy8z+0gb3ne6ewDHbt
NnN3lX0/3oj/r8RsrD85Lm5XTfruuJsJqn6cQKiih9ULHxWYGS9drphsLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDnunzIXnEppjEhSzuZntHnMJeNrMB8GA1UdIwQY
MBaAFPIi++ha5AjTd7IX1Ouns4skuvXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzkt
YjBjMWUzMzA0ZTc0LzEvT2U2Zk1oZWNTbW1NU0ZMTzVtZTBlY3dsNDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzktYjBjMWUzMzA0ZTc0
LzEvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2cfHMA8E
AgACMAkDBwAqAE2AAAAwDQYJKoZIhvcNAQELBQADggEBAAj3Zuag3RdQWkWGEnaz
oHEyteB8+RvwopI63Tmgthr8k//U99+ghjp3qAcHuhCz+5ONhZp7o9fTB3ITvEjR
RwhMxaCxeNkXw0VhLePD6Nsfzifj9IMSMxxwMpTzEWR/I6d3b72XJh/q3m7ku0G2
Xet79ToGymXFM0y6WpQbsq4qdZMThtXj54Ja+gz4pfsyjk37tFELQqPMr7xrLLat
afbPixiQT4t2Dx9zWlkIbpXeWw3EpdhxFabcfMwvMWBvj7gc7N5WIpQnXItOMZqx
yYZAW1wYBkp/XfKStLWKg/KeCrMmYiic2Amx7lI9oXXLs9rInl3I07me/UPX6dch
3rU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:13 2024 by rpki-client on console-ams.rpki-client.org