Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sPdFL20zxH61jgZObFzSFG5U2ac.roa
File:                     sPdFL20zxH61jgZObFzSFG5U2ac.roa (raw, json)
Hash identifier:          jUWTWOp183ErNo/9UYLw7pK7bFD4o7uAcZsahbPW8ns=
Subject key identifier:   B0:F7:45:2F:6D:33:C4:7E:B5:8E:06:4E:6C:5C:D2:14:6E:54:D9:A7
Certificate issuer:       /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial:       018E434342DB5A3032B9A9C5AD1B34B5E120
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sPdFL20zxH61jgZObFzSFG5U2ac.roa
Signing time:             Fri 15 Mar 2024 17:57:45 +0000
ROA not before:           Fri 15 Mar 2024 17:57:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     397630
IP address blocks:        85.115.208.0/24 maxlen: 24
                          213.145.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Nov 2024 07:13:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:43:43:42:db:5a:30:32:b9:a9:c5:ad:1b:34:b5:e1:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
        Validity
            Not Before: Mar 15 17:57:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b0f7452f6d33c47eb58e064e6c5cd2146e54d9a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a4:b6:c2:f7:bc:dd:46:18:1d:93:c4:ac:fc:
                    c9:eb:59:1c:81:6d:7e:02:8f:da:e2:f5:d0:6a:ac:
                    df:a7:7b:89:3a:86:67:1e:88:f1:6f:2e:da:58:14:
                    50:eb:32:ee:15:35:27:46:42:15:e0:c8:8a:e8:38:
                    ad:6e:8d:da:d3:ec:2a:9b:c2:55:26:1b:a7:f4:83:
                    d2:94:16:ef:25:b2:2f:d4:90:21:3f:20:bf:36:8c:
                    cd:89:f5:64:e4:b1:90:a9:a3:05:3d:d1:7c:3a:dc:
                    68:ef:1d:0e:db:9e:25:be:ea:f5:03:f8:ae:f5:bb:
                    e5:82:eb:90:2c:80:9e:a7:bb:8d:c0:63:5d:7f:2e:
                    b8:e7:34:76:2f:78:43:be:4f:02:66:d6:0b:01:1f:
                    ff:fc:fb:85:9c:29:31:ee:a7:3d:f6:8b:44:e8:7d:
                    e8:ac:96:c2:5d:ea:6a:0f:f5:da:9e:d9:03:a4:e4:
                    df:f1:53:f1:25:fa:9c:96:9e:79:81:7e:8e:55:0d:
                    7f:85:fb:e5:0b:4f:43:9a:a8:4e:8f:60:52:79:be:
                    cf:76:ac:3e:7c:d9:55:f5:3d:be:3a:91:c2:5d:e7:
                    ba:d9:22:ba:f8:b3:10:45:3d:4f:e8:c5:78:07:1e:
                    52:e4:17:81:c5:b3:e2:8b:c8:7c:76:25:fd:86:3d:
                    fa:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:F7:45:2F:6D:33:C4:7E:B5:8E:06:4E:6C:5C:D2:14:6E:54:D9:A7
            X509v3 Authority Key Identifier:
                keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sPdFL20zxH61jgZObFzSFG5U2ac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.208.0/24
                  213.145.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:0d:fd:ab:70:aa:16:ee:0e:a9:6d:53:8d:7c:bd:1d:5c:e8:
         c7:74:54:c9:fe:03:f0:4a:93:c9:db:c0:7e:aa:4a:e7:c2:d4:
         9f:39:19:52:fe:91:84:22:a7:9d:8a:89:b9:fe:42:bd:9e:f3:
         75:12:99:4e:7f:05:06:a4:11:bb:74:c0:53:4a:22:9d:35:c3:
         34:5c:a1:82:59:ca:0f:94:99:61:4f:23:e2:38:b0:84:8b:4b:
         35:73:80:94:20:2f:33:75:dc:71:54:35:1c:8d:a0:49:4e:db:
         6c:88:e7:5c:51:c3:4e:bf:45:8d:21:cb:9a:28:b4:df:48:24:
         12:c6:5a:ee:5f:ae:2d:a9:72:cb:5d:56:37:21:d9:a5:df:de:
         93:fa:07:36:49:7f:2a:83:f9:0d:6e:d4:46:c8:eb:f4:8d:ca:
         c3:16:67:54:df:31:1b:e6:97:00:f0:03:6f:c0:d4:18:74:16:
         cb:bd:dd:9c:29:3a:e4:9d:46:f9:3c:fc:97:77:87:85:75:7d:
         64:5c:64:cc:68:e4:07:2e:06:0f:9e:0e:c3:49:0a:26:d5:44:
         c9:6b:11:22:73:21:99:42:3b:d6:05:87:b0:15:4f:1c:b3:36:
         dc:50:ba:ec:b0:6e:78:77:c4:b1:f7:60:0e:b3:45:36:5c:ea:
         5f:35:dc:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5DQ0LbWjAyuanFrRs0teEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMzE1MTc1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY3NDUyZjZkMzNjNDdlYjU4ZTA2NGU2YzVjZDIxNDZlNTRkOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKS2wve83UYYHZPErPzJ61kcgW1+
Ao/a4vXQaqzfp3uJOoZnHojxby7aWBRQ6zLuFTUnRkIV4MiK6Ditbo3a0+wqm8JV
Jhun9IPSlBbvJbIv1JAhPyC/NozNifVk5LGQqaMFPdF8Otxo7x0O254lvur1A/iu
9bvlguuQLICep7uNwGNdfy645zR2L3hDvk8CZtYLAR///PuFnCkx7qc99otE6H3o
rJbCXepqD/XantkDpOTf8VPxJfqclp55gX6OVQ1/hfvlC09DmqhOj2BSeb7Pdqw+
fNlV9T2+OpHCXee62SK6+LMQRT1P6MV4Bx5S5BeBxbPii8h8diX9hj36fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLD3RS9tM8R+tY4GTmxc0hRuVNmnMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvc1BkRkwyMHp4SDYxamdaT2JGelNGRzVVMmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXPQAwQA
1ZFKMA0GCSqGSIb3DQEBCwUAA4IBAQCqDf2rcKoW7g6pbVONfL0dXOjHdFTJ/gPw
SpPJ28B+qkrnwtSfORlS/pGEIqediom5/kK9nvN1EplOfwUGpBG7dMBTSiKdNcM0
XKGCWcoPlJlhTyPiOLCEi0s1c4CUIC8zddxxVDUcjaBJTttsiOdcUcNOv0WNIcua
KLTfSCQSxlruX64tqXLLXVY3Idml396T+gc2SX8qg/kNbtRGyOv0jcrDFmdU3zEb
5pcA8ANvwNQYdBbLvd2cKTrknUb5PPyXd4eFdX1kXGTMaOQHLgYPng7DSQom1UTJ
axEicyGZQjvWBYewFU8cszbcULrssG54d8Sx92AOs0U2XOpfNdyW
Generated at Thu Nov 14 08:25:35 2024 by rpki-client on console-fra.rpki-client.org