Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/wrfEQyANWe25hqMHT2sLM6dZuTQ.roa
File:                     wrfEQyANWe25hqMHT2sLM6dZuTQ.roa (raw, json)
Hash identifier:          zUXMPu/X/U9I34/JuR+mtchcZDQ59xYkYoMIUvKzGws=
Subject key identifier:   C2:B7:C4:43:20:0D:59:ED:B9:86:A3:07:4F:6B:0B:33:A7:59:B9:34
Certificate issuer:       /CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Certificate serial:       018BF73229E558886BA9AD94E735EFBC43D2
Authority key identifier: F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/wrfEQyANWe25hqMHT2sLM6dZuTQ.roa
Signing time:             Wed 22 Nov 2023 13:22:21 +0000
ROA not before:           Wed 22 Nov 2023 13:22:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21263
IP address blocks:        185.159.244.0/24 maxlen: 24
                          2a13:780::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f7:32:29:e5:58:88:6b:a9:ad:94:e7:35:ef:bc:43:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
        Validity
            Not Before: Nov 22 13:22:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c2b7c443200d59edb986a3074f6b0b33a759b934
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:20:3a:0b:f3:5c:0e:a1:ff:b9:8d:04:97:ee:
                    0e:7a:5c:c5:5b:2c:87:4d:c7:38:1c:2c:fe:b9:ae:
                    92:b6:9e:70:a2:70:bb:3f:02:ec:35:27:6c:86:0e:
                    f4:2f:9b:55:88:ad:d7:bf:8e:33:09:46:81:09:ff:
                    a0:91:39:00:cc:99:91:0c:57:8b:20:e3:f9:d5:df:
                    40:ba:ba:b2:23:33:b8:f2:39:b6:6e:69:f1:64:8c:
                    5d:23:5c:42:d2:0d:b2:64:41:1a:92:fd:8c:50:35:
                    81:80:fd:10:da:54:5e:99:4f:4a:36:90:18:04:5a:
                    b5:de:60:7d:34:64:b2:04:0c:fd:0b:2c:38:3d:4b:
                    44:ad:19:6f:5a:0d:07:13:34:68:66:b5:7d:5e:12:
                    99:1a:4e:17:c9:ee:2b:6a:8a:b0:0c:ae:47:db:e3:
                    14:81:1b:51:03:c8:f6:58:45:e8:eb:e8:ad:30:b6:
                    40:d5:4c:91:e7:72:84:00:6f:e9:6b:2c:4d:3e:f2:
                    29:d6:63:85:01:a8:90:a8:fa:b9:c5:ca:08:06:4d:
                    0e:ed:1f:a5:0a:f1:d8:cd:1e:8f:5e:fa:ef:00:44:
                    41:4b:59:f9:a5:b3:2c:c8:2e:68:c0:57:49:95:a2:
                    dc:dd:58:f6:42:8b:75:33:46:10:73:3f:f4:2c:c6:
                    37:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:B7:C4:43:20:0D:59:ED:B9:86:A3:07:4F:6B:0B:33:A7:59:B9:34
            X509v3 Authority Key Identifier:
                keyid:F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/wrfEQyANWe25hqMHT2sLM6dZuTQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/80fO2aDtf5RLn078OFd7OObRxnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.244.0/24
                IPv6:
                  2a13:780::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:3b:c6:51:3d:71:ef:fe:fc:ad:de:20:41:e6:8c:4d:cd:34:
         81:03:d9:af:f2:7f:7a:21:fd:1c:c3:65:4e:a1:e9:92:9c:1a:
         1d:9b:fe:69:73:8a:f1:29:ba:f9:31:b8:62:d3:2c:48:a3:78:
         0c:94:9c:b7:d6:2f:2b:13:22:c4:5d:24:3d:f8:2d:da:a6:c6:
         4c:43:a7:b0:9f:76:95:eb:ca:ff:67:47:f3:96:d8:f8:29:43:
         94:2e:aa:a0:24:2f:83:b7:29:7a:c7:ce:f4:9e:56:3b:4a:b4:
         a1:28:dc:98:de:af:35:aa:fa:f6:94:4b:b2:75:00:f7:44:1b:
         5a:89:a5:8e:e3:09:4b:7c:7e:ae:6e:a8:60:15:98:2a:c5:f8:
         b5:df:b3:3f:2e:48:b9:a5:1a:cd:56:b8:a2:e5:95:85:16:d7:
         b9:06:c6:55:57:e6:f9:e9:ea:45:35:0f:04:2d:e4:15:66:b8:
         ae:64:63:33:02:ac:fb:5e:f6:48:68:9c:62:f3:45:eb:ce:9c:
         0e:32:af:b9:3a:85:3f:9a:7e:89:4c:3e:2a:1d:91:ea:97:dc:
         c0:2e:64:a1:b0:df:4f:71:fb:4c:5c:d0:11:a4:6f:7b:79:c0:
         d6:88:6c:8f:05:59:a7:b3:db:ea:c2:c7:c1:6b:39:4f:2f:77:
         54:c0:c5:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYv3MinlWIhrqa2U5zXvvEPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDdjZWQ5YTBlZDdmOTQ0YjlmNGVmYzM4NTc3YjM4ZTZk
MWM2NzMwHhcNMjMxMTIyMTMyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI3YzQ0MzIwMGQ1OWVkYjk4NmEzMDc0ZjZiMGIzM2E3NTliOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyA6C/NcDqH/uY0El+4OelzFWyyH
Tcc4HCz+ua6Stp5wonC7PwLsNSdshg70L5tViK3Xv44zCUaBCf+gkTkAzJmRDFeL
IOP51d9AurqyIzO48jm2bmnxZIxdI1xC0g2yZEEakv2MUDWBgP0Q2lRemU9KNpAY
BFq13mB9NGSyBAz9Cyw4PUtErRlvWg0HEzRoZrV9XhKZGk4Xye4raoqwDK5H2+MU
gRtRA8j2WEXo6+itMLZA1UyR53KEAG/payxNPvIp1mOFAaiQqPq5xcoIBk0O7R+l
CvHYzR6PXvrvAERBS1n5pbMsyC5owFdJlaLc3Vj2Qot1M0YQcz/0LMY3iwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMK3xEMgDVntuYajB09rCzOnWbk0MB8GA1UdIwQY
MBaAFPNHztmg7X+US59O/DhXezjm0cZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjIt
MjMyYjRiNDY1N2U5LzEvd3JmRVF5QU5XZTI1aHFNSFQyc0xNNmRadVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjItMjMyYjRiNDY1N2U5
LzEvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZ/0MA0E
AgACMAcDBQMqEweAMA0GCSqGSIb3DQEBCwUAA4IBAQAOO8ZRPXHv/vyt3iBB5oxN
zTSBA9mv8n96If0cw2VOoemSnBodm/5pc4rxKbr5Mbhi0yxIo3gMlJy31i8rEyLE
XSQ9+C3apsZMQ6ewn3aV68r/Z0fzltj4KUOULqqgJC+Dtyl6x870nlY7SrShKNyY
3q81qvr2lEuydQD3RBtaiaWO4wlLfH6ubqhgFZgqxfi137M/Lki5pRrNVrii5ZWF
Fte5BsZVV+b56epFNQ8ELeQVZriuZGMzAqz7XvZIaJxi80XrzpwOMq+5OoU/mn6J
TD4qHZHql9zALmShsN9PcftMXNARpG97ecDWiGyPBVmns9vqwsfBazlPL3dUwMXS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:37 2024 by rpki-client on console-fra.rpki-client.org