Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/_j9RG1BIS7ggkI5bqbJBUYyunFw.roa
File:                     _j9RG1BIS7ggkI5bqbJBUYyunFw.roa (raw, json)
Hash identifier:          kjqR2vEukndDeHymkioby7/JY3+Vn7J7brnheEy4U+o=
Subject key identifier:   FE:3F:51:1B:50:48:4B:B8:20:90:8E:5B:A9:B2:41:51:8C:AE:9C:5C
Certificate issuer:       /CN=a2ddaeb164e398214a171a0410e6b0232d642f50
Certificate serial:       018570FBB5F0F80C3B0B81B6297B48452706
Authority key identifier: A2:DD:AE:B1:64:E3:98:21:4A:17:1A:04:10:E6:B0:23:2D:64:2F:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ot2usWTjmCFKFxoEEOawIy1kL1A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/_j9RG1BIS7ggkI5bqbJBUYyunFw.roa
Signing time:             Mon 02 Jan 2023 05:37:02 +0000
ROA not before:           Mon 02 Jan 2023 05:37:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47915
IP address blocks:        85.204.118.0/24 maxlen: 24
                          86.104.211.0/24 maxlen: 24
                          89.39.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:b5:f0:f8:0c:3b:0b:81:b6:29:7b:48:45:27:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2ddaeb164e398214a171a0410e6b0232d642f50
        Validity
            Not Before: Jan  2 05:37:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe3f511b50484bb820908e5ba9b241518cae9c5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:9a:3e:93:a7:83:8f:b2:b3:48:a2:3b:a7:9b:
                    9f:02:0e:bb:9a:b0:4c:b3:df:75:40:f0:7b:ae:5e:
                    2a:a2:f2:9a:2c:8f:20:de:0b:c6:fd:a4:95:5a:e4:
                    8c:72:46:7d:af:f6:ce:22:62:68:b2:db:51:3c:58:
                    f1:6d:ee:45:de:df:f7:39:e4:a0:c7:d4:ad:c2:09:
                    c3:90:10:3f:04:3b:9c:22:3e:51:5a:7a:73:1d:a6:
                    fb:6c:ab:38:dc:28:42:49:d0:b1:ff:2d:1d:63:dd:
                    a9:6a:e8:db:01:ca:66:4f:74:78:ca:52:1f:47:d6:
                    c2:1c:66:ca:42:87:d1:55:4f:ab:40:c2:cf:61:e8:
                    55:8a:90:2f:ba:d5:c0:e1:f4:d7:0d:73:47:86:40:
                    af:62:45:34:dd:fc:cb:7b:7e:03:ce:f8:15:a8:90:
                    3a:3f:1e:52:d7:2d:a4:97:47:70:58:e2:f7:26:20:
                    67:aa:0f:d0:d6:56:8e:45:1c:9d:07:d1:e3:fb:82:
                    0d:5b:88:7f:16:a6:1a:b7:3b:2b:a3:07:84:4e:6b:
                    68:38:9a:a9:c1:a6:7d:76:ff:80:15:66:19:71:ca:
                    f9:15:c1:22:e8:dc:10:2c:7b:e9:b4:ec:69:b4:58:
                    f9:af:14:95:4b:ce:fd:b9:4b:dc:5b:3b:6e:aa:ca:
                    61:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:3F:51:1B:50:48:4B:B8:20:90:8E:5B:A9:B2:41:51:8C:AE:9C:5C
            X509v3 Authority Key Identifier:
                keyid:A2:DD:AE:B1:64:E3:98:21:4A:17:1A:04:10:E6:B0:23:2D:64:2F:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ot2usWTjmCFKFxoEEOawIy1kL1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/_j9RG1BIS7ggkI5bqbJBUYyunFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/ot2usWTjmCFKFxoEEOawIy1kL1A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.118.0/24
                  86.104.211.0/24
                  89.39.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:d5:0d:9b:6e:4e:97:e3:38:d1:31:fb:af:70:1d:d6:b6:1c:
         f4:9c:b0:26:af:07:83:3e:c7:f5:1c:cf:cc:71:6d:aa:75:90:
         b3:96:18:d4:f5:0b:d1:67:8e:8c:87:f2:c0:b1:37:57:90:90:
         6e:0e:70:5d:50:2b:58:e0:ee:89:c9:7a:84:4a:f2:7b:22:b1:
         f8:e5:f4:fc:9d:37:00:9c:35:44:ce:53:87:15:f1:99:9b:b1:
         ef:ea:9f:1c:cb:a4:8c:dc:96:07:23:e4:f1:4a:0a:bb:40:ba:
         b8:b7:01:48:55:a1:f1:84:58:a7:6c:1a:b0:a1:fe:5d:cd:a4:
         5d:1f:b4:6d:fa:3d:ea:fa:78:81:e7:2b:2f:64:a6:2a:59:4c:
         86:c5:cc:d4:2b:e2:3b:b0:26:c3:a4:b9:d6:1b:16:d1:c1:1e:
         bc:47:1c:05:1d:22:38:26:12:85:54:84:34:57:80:0f:c0:c7:
         24:84:b5:35:1a:b8:fb:c3:a8:ea:23:a6:d0:e9:05:49:1d:fe:
         37:ef:aa:f1:65:24:46:f9:21:f5:06:ec:18:f1:22:9d:48:61:
         99:2e:a3:0a:a9:3e:6c:cf:4f:0a:e6:3c:9b:11:34:b0:9b:47:
         41:f7:cc:1d:88:3f:aa:96:5f:4e:00:88:4c:0c:da:8f:04:a0:
         2f:a5:75:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw+7Xw+Aw7C4G2KXtIRScGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZGRhZWIxNjRlMzk4MjE0YTE3MWEwNDEwZTZiMDIzMmQ2
NDJmNTAwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTNmNTExYjUwNDg0YmI4MjA5MDhlNWJhOWIyNDE1MThjYWU5YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Jo+k6eDj7KzSKI7p5ufAg67mrBM
s991QPB7rl4qovKaLI8g3gvG/aSVWuSMckZ9r/bOImJosttRPFjxbe5F3t/3OeSg
x9StwgnDkBA/BDucIj5RWnpzHab7bKs43ChCSdCx/y0dY92paujbAcpmT3R4ylIf
R9bCHGbKQofRVU+rQMLPYehVipAvutXA4fTXDXNHhkCvYkU03fzLe34DzvgVqJA6
Px5S1y2kl0dwWOL3JiBnqg/Q1laORRydB9Hj+4INW4h/FqYatzsroweETmtoOJqp
waZ9dv+AFWYZccr5FcEi6NwQLHvptOxptFj5rxSVS879uUvcWztuqspheQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP4/URtQSEu4IJCOW6myQVGMrpxcMB8GA1UdIwQY
MBaAFKLdrrFk45ghShcaBBDmsCMtZC9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3QydXNXVGptQ0ZLRnhvRUVPYXdJeTFrTDFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80YWZkYTctODI5Yy00ODgwLWEwYzkt
MTEyZTExM2JiN2I3LzEvX2o5UkcxQklTN2dna0k1YnFiSkJVWXl1bkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80YWZkYTctODI5Yy00ODgwLWEwYzktMTEyZTExM2JiN2I3
LzEvb3QydXNXVGptQ0ZLRnhvRUVPYXdJeTFrTDFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcx2AwQA
VmjTAwQAWSdZMA0GCSqGSIb3DQEBCwUAA4IBAQAA1Q2bbk6X4zjRMfuvcB3Wthz0
nLAmrweDPsf1HM/McW2qdZCzlhjU9QvRZ46Mh/LAsTdXkJBuDnBdUCtY4O6JyXqE
SvJ7IrH45fT8nTcAnDVEzlOHFfGZm7Hv6p8cy6SM3JYHI+TxSgq7QLq4twFIVaHx
hFinbBqwof5dzaRdH7Rt+j3q+niB5ysvZKYqWUyGxczUK+I7sCbDpLnWGxbRwR68
RxwFHSI4JhKFVIQ0V4APwMckhLU1Grj7w6jqI6bQ6QVJHf4376rxZSRG+SH1BuwY
8SKdSGGZLqMKqT5sz08K5jybETSwm0dB98wdiD+qll9OAIhMDNqPBKAvpXVn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:46 2024 by rpki-client on console-ams.rpki-client.org