Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/74192f-e7f4-48c0-84c9-f258c11ce77e/1/fFArR0yvGHMzyZiYiMPrS9_M5K0.roa
File:                     fFArR0yvGHMzyZiYiMPrS9_M5K0.roa (raw, json)
Hash identifier:          aUZyWeCYmVUCqaKx9mOgkJPYH038HA69eLxqZUlWOm8=
Subject key identifier:   7C:50:2B:47:4C:AF:18:73:33:C9:98:98:88:C3:EB:4B:DF:CC:E4:AD
Certificate issuer:       /CN=b8c15fe1e19cb81cb3469fcaa5c6023a6c5c45a3
Certificate serial:       0185724C632327F06A64235F7AE9B5FB60F2
Authority key identifier: B8:C1:5F:E1:E1:9C:B8:1C:B3:46:9F:CA:A5:C6:02:3A:6C:5C:45:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uMFf4eGcuByzRp_KpcYCOmxcRaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/74192f-e7f4-48c0-84c9-f258c11ce77e/1/fFArR0yvGHMzyZiYiMPrS9_M5K0.roa
Signing time:             Mon 02 Jan 2023 11:44:46 +0000
ROA not before:           Mon 02 Jan 2023 11:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42162
IP address blocks:        85.31.152.0/21 maxlen: 21
                          185.70.80.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:4c:63:23:27:f0:6a:64:23:5f:7a:e9:b5:fb:60:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8c15fe1e19cb81cb3469fcaa5c6023a6c5c45a3
        Validity
            Not Before: Jan  2 11:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c502b474caf187333c9989888c3eb4bdfcce4ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:85:18:b6:34:27:da:7e:12:26:2a:f6:6f:de:
                    12:cb:05:ad:38:bc:37:a1:ee:14:15:5a:92:e3:df:
                    79:b8:e1:52:fa:b1:bd:6c:ca:87:a4:05:17:2f:d0:
                    b3:c4:00:e8:e1:b6:4c:cf:ff:50:87:c3:e8:4f:fd:
                    79:5f:de:cb:fd:19:6f:05:27:7b:00:7d:4a:15:3d:
                    18:76:a0:f4:91:6d:3c:f9:17:06:32:b1:d1:96:be:
                    eb:74:8d:43:bb:82:2e:d8:35:79:93:db:4b:68:d3:
                    9e:38:32:9d:41:2a:74:1c:b9:30:20:bf:7f:2f:01:
                    b4:43:90:72:ca:90:da:08:d2:d6:9a:15:5f:6a:5c:
                    dc:0f:ff:68:da:04:1a:8f:68:9b:b7:4f:e8:d8:e8:
                    a2:00:78:aa:70:75:69:b8:0c:42:6d:5d:1b:29:83:
                    c6:0b:94:5f:8c:21:31:33:9c:41:fc:7d:7c:a3:d3:
                    92:7a:12:bc:30:d3:d6:3b:06:4c:eb:e6:54:a5:af:
                    28:2d:4c:e0:e9:4e:c7:8c:e2:ff:05:8a:39:0b:25:
                    d6:fb:75:f8:0d:61:01:01:ea:c1:91:07:7b:34:c8:
                    22:69:59:a0:b0:8c:97:d7:2f:05:48:9c:0c:ca:dd:
                    c9:8e:3b:f3:a2:64:44:0d:a3:67:8a:91:1b:c1:1d:
                    42:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:50:2B:47:4C:AF:18:73:33:C9:98:98:88:C3:EB:4B:DF:CC:E4:AD
            X509v3 Authority Key Identifier:
                keyid:B8:C1:5F:E1:E1:9C:B8:1C:B3:46:9F:CA:A5:C6:02:3A:6C:5C:45:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMFf4eGcuByzRp_KpcYCOmxcRaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/74192f-e7f4-48c0-84c9-f258c11ce77e/1/fFArR0yvGHMzyZiYiMPrS9_M5K0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/74192f-e7f4-48c0-84c9-f258c11ce77e/1/uMFf4eGcuByzRp_KpcYCOmxcRaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.31.152.0/21
                  185.70.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:c3:16:1e:ed:13:b4:26:34:bf:a0:fc:bf:ec:89:0d:0d:cb:
         8b:86:8f:4f:c4:ad:24:3a:73:0e:46:7d:c9:fe:ec:6b:e6:4c:
         b0:6c:53:ac:3b:d2:9c:e5:b0:99:89:9d:f1:89:38:ec:aa:56:
         7c:13:34:17:c6:af:68:6f:7e:fe:c3:e7:0d:c9:b3:02:eb:52:
         6c:67:1b:2d:23:0c:e3:ca:bf:98:39:bd:f5:e8:33:d0:a4:02:
         fb:82:36:79:32:0b:75:3c:69:72:38:64:a0:0c:5f:9b:f6:78:
         d4:dd:0b:76:99:c3:3d:2e:fa:93:35:b4:9d:1a:49:1a:af:6a:
         6b:0c:6a:20:99:fb:ca:e7:11:91:b3:bc:aa:6c:10:92:25:45:
         15:8e:e3:58:d2:d8:b8:cf:c7:dd:8c:80:96:fa:16:43:90:12:
         f0:70:86:dc:85:59:7c:32:6f:ae:04:c9:36:23:9c:06:25:2e:
         e8:e0:80:ec:f2:63:e8:f6:4c:23:42:21:51:c7:8a:fa:e2:58:
         f1:e9:b2:32:a1:96:99:a1:26:a9:7d:c0:61:b2:d8:c6:ae:53:
         68:12:de:e0:67:df:0f:22:a9:00:b0:fa:dd:fd:e4:2c:72:0e:
         b3:e8:d4:ae:bd:98:70:b8:9f:99:8a:24:c2:78:52:97:30:8f:
         73:e0:fb:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyTGMjJ/BqZCNfeum1+2DyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzE1ZmUxZTE5Y2I4MWNiMzQ2OWZjYWE1YzYwMjNhNmM1
YzQ1YTMwHhcNMjMwMTAyMTE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzUwMmI0NzRjYWYxODczMzNjOTk4OTg4OGMzZWI0YmRmY2NlNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIUYtjQn2n4SJir2b94SywWtOLw3
oe4UFVqS4995uOFS+rG9bMqHpAUXL9CzxADo4bZMz/9Qh8PoT/15X97L/RlvBSd7
AH1KFT0YdqD0kW08+RcGMrHRlr7rdI1Du4Iu2DV5k9tLaNOeODKdQSp0HLkwIL9/
LwG0Q5ByypDaCNLWmhVfalzcD/9o2gQaj2ibt0/o2OiiAHiqcHVpuAxCbV0bKYPG
C5RfjCExM5xB/H18o9OSehK8MNPWOwZM6+ZUpa8oLUzg6U7HjOL/BYo5CyXW+3X4
DWEBAerBkQd7NMgiaVmgsIyX1y8FSJwMyt3JjjvzomREDaNnipEbwR1C0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHxQK0dMrxhzM8mYmIjD60vfzOStMB8GA1UdIwQY
MBaAFLjBX+HhnLgcs0afyqXGAjpsXEWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1GZjRlR2N1Qnl6UnBfS3BjWUNPbXhjUmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83NDE5MmYtZTdmNC00OGMwLTg0Yzkt
ZjI1OGMxMWNlNzdlLzEvZkZBclIweXZHSE16eVppWWlNUHJTOV9NNUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83NDE5MmYtZTdmNC00OGMwLTg0YzktZjI1OGMxMWNlNzdl
LzEvdU1GZjRlR2N1Qnl6UnBfS3BjWUNPbXhjUmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVR+YAwQC
uUZQMA0GCSqGSIb3DQEBCwUAA4IBAQB0wxYe7RO0JjS/oPy/7IkNDcuLho9PxK0k
OnMORn3J/uxr5kywbFOsO9Kc5bCZiZ3xiTjsqlZ8EzQXxq9ob37+w+cNybMC61Js
ZxstIwzjyr+YOb316DPQpAL7gjZ5Mgt1PGlyOGSgDF+b9njU3Qt2mcM9LvqTNbSd
Gkkar2prDGogmfvK5xGRs7yqbBCSJUUVjuNY0ti4z8fdjICW+hZDkBLwcIbchVl8
Mm+uBMk2I5wGJS7o4IDs8mPo9kwjQiFRx4r64ljx6bIyoZaZoSapfcBhstjGrlNo
Et7gZ98PIqkAsPrd/eQscg6z6NSuvZhwuJ+ZiiTCeFKXMI9z4Ptv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:48 2024 by rpki-client on console-ams.rpki-client.org