Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/85sWqB6fbeDRLzxjAZcTITWfTfU.roa
File:                     85sWqB6fbeDRLzxjAZcTITWfTfU.roa (raw, json)
Hash identifier:          aqAdHp4WuISMgMX+1xabLbpshgxKEz39WSeo1C4XnqM=
Subject key identifier:   F3:9B:16:A8:1E:9F:6D:E0:D1:2F:3C:63:01:97:13:21:35:9F:4D:F5
Certificate issuer:       /CN=ab06c8f2247d22041c82e555667881e50f9154ab
Certificate serial:       01856EEFF827B3F80B35C17ECFD49602BAC6
Authority key identifier: AB:06:C8:F2:24:7D:22:04:1C:82:E5:55:66:78:81:E5:0F:91:54:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qwbI8iR9IgQcguVVZniB5Q-RVKs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/85sWqB6fbeDRLzxjAZcTITWfTfU.roa
Signing time:             Sun 01 Jan 2023 20:04:58 +0000
ROA not before:           Sun 01 Jan 2023 20:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205112
IP address blocks:        185.138.54.0/24 maxlen: 24
                          2a07:a40:c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:ef:f8:27:b3:f8:0b:35:c1:7e:cf:d4:96:02:ba:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab06c8f2247d22041c82e555667881e50f9154ab
        Validity
            Not Before: Jan  1 20:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f39b16a81e9f6de0d12f3c6301971321359f4df5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:35:41:5f:50:0c:5c:84:9c:47:de:e5:06:c1:
                    e9:dd:fb:61:9d:05:46:46:9c:88:71:c6:68:46:df:
                    90:d0:42:11:e1:52:4e:11:22:db:b6:57:57:f8:5d:
                    01:35:2b:4c:35:cd:b7:ca:0a:f8:75:fd:0a:a4:0e:
                    5e:0b:28:fe:5e:d4:b8:e7:e8:0d:7b:ea:30:a2:e1:
                    5d:38:16:0a:a7:e9:18:7e:ed:9c:06:7f:05:8e:b1:
                    51:7f:fe:fb:07:1b:27:4a:ba:2d:fd:3f:31:96:a6:
                    22:35:0e:8e:f9:3e:b5:17:19:87:0e:1a:ca:00:ba:
                    f6:9c:36:d1:7f:02:99:41:f1:e1:e6:de:bc:33:35:
                    6e:94:16:c1:87:75:e3:55:75:05:2b:06:75:0c:73:
                    37:80:a1:a7:c8:91:aa:5c:f5:5f:7a:59:cd:dc:fc:
                    1f:b9:41:4d:c5:5d:d5:ce:0c:96:85:14:ce:89:9c:
                    87:6c:df:86:61:94:d2:ba:24:b0:8d:53:3f:cd:9a:
                    69:a9:1d:83:82:34:f6:e0:56:69:92:25:22:78:e3:
                    15:96:11:ce:e7:d1:df:b4:f7:2e:a7:ab:c8:b5:64:
                    f3:d4:de:3d:99:35:e3:2d:2b:5b:12:a8:46:6b:f0:
                    1b:e6:f2:64:56:fe:04:d5:3d:54:6c:02:4b:e3:a2:
                    69:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:9B:16:A8:1E:9F:6D:E0:D1:2F:3C:63:01:97:13:21:35:9F:4D:F5
            X509v3 Authority Key Identifier:
                keyid:AB:06:C8:F2:24:7D:22:04:1C:82:E5:55:66:78:81:E5:0F:91:54:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwbI8iR9IgQcguVVZniB5Q-RVKs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/85sWqB6fbeDRLzxjAZcTITWfTfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a94dea-2ffc-408d-aa9d-1ae36a4469fd/1/qwbI8iR9IgQcguVVZniB5Q-RVKs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.138.54.0/24
                IPv6:
                  2a07:a40:c::/48

    Signature Algorithm: sha256WithRSAEncryption
         af:bb:d5:51:ca:3a:8b:07:6c:5e:fb:b1:8d:c0:84:de:fe:88:
         cc:ff:e3:94:73:f0:74:3e:18:3c:a4:f7:f1:7f:c5:aa:2b:74:
         d4:8b:a2:cb:46:32:a9:64:d9:82:fa:91:c8:43:71:38:b4:92:
         a2:fe:85:e1:1c:2c:4b:94:50:4f:77:5d:e5:2e:2f:80:0d:4b:
         81:f6:20:a9:5f:a9:e0:b0:2c:ae:5a:d9:8d:68:69:5a:7d:45:
         b6:2c:52:7c:83:44:17:7d:18:13:c7:ec:2b:e7:7b:a9:11:41:
         b9:a8:49:7a:cc:5e:3c:3c:04:39:92:8b:16:9b:a0:92:ba:cc:
         f2:57:19:b6:d4:30:d7:93:58:4d:c5:4d:f5:25:58:07:c5:a4:
         84:77:2f:73:8b:8b:13:7a:fa:60:08:d0:01:55:82:7c:17:f6:
         5b:4c:12:0f:cb:c7:b6:42:91:ed:16:c5:ba:64:98:59:df:80:
         f0:f6:d5:49:f3:d4:1c:8e:af:8f:b8:2a:b3:7f:e2:7c:65:9c:
         be:db:43:4b:2c:30:18:1e:f0:30:a0:18:41:0f:a4:d4:07:19:
         97:eb:18:82:bb:c3:1f:ca:ad:18:c5:03:14:86:6e:11:a4:72:
         aa:a0:87:a5:58:63:f0:2e:7c:5d:3b:67:c3:f0:ce:37:61:e3:
         75:01:37:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVu7/gns/gLNcF+z9SWArrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDZjOGYyMjQ3ZDIyMDQxYzgyZTU1NTY2Nzg4MWU1MGY5
MTU0YWIwHhcNMjMwMTAxMjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzliMTZhODFlOWY2ZGUwZDEyZjNjNjMwMTk3MTMyMTM1OWY0ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVBX1AMXIScR97lBsHp3fthnQVG
RpyIccZoRt+Q0EIR4VJOESLbtldX+F0BNStMNc23ygr4df0KpA5eCyj+XtS45+gN
e+owouFdOBYKp+kYfu2cBn8FjrFRf/77BxsnSrot/T8xlqYiNQ6O+T61FxmHDhrK
ALr2nDbRfwKZQfHh5t68MzVulBbBh3XjVXUFKwZ1DHM3gKGnyJGqXPVfelnN3Pwf
uUFNxV3VzgyWhRTOiZyHbN+GYZTSuiSwjVM/zZppqR2DgjT24FZpkiUieOMVlhHO
59HftPcup6vItWTz1N49mTXjLStbEqhGa/Ab5vJkVv4E1T1UbAJL46Jp8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPObFqgen23g0S88YwGXEyE1n031MB8GA1UdIwQY
MBaAFKsGyPIkfSIEHILlVWZ4geUPkVSrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdiSThpUjlJZ1FjZ3VWVlpuaUI1US1SVktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hOTRkZWEtMmZmYy00MDhkLWFhOWQt
MWFlMzZhNDQ2OWZkLzEvODVzV3FCNmZiZURSTHp4akFaY1RJVFdmVGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hOTRkZWEtMmZmYy00MDhkLWFhOWQtMWFlMzZhNDQ2OWZk
LzEvcXdiSThpUjlJZ1FjZ3VWVlpuaUI1US1SVktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYo2MA8E
AgACMAkDBwAqBwpAAAwwDQYJKoZIhvcNAQELBQADggEBAK+71VHKOosHbF77sY3A
hN7+iMz/45Rz8HQ+GDyk9/F/xaordNSLostGMqlk2YL6kchDcTi0kqL+heEcLEuU
UE93XeUuL4ANS4H2IKlfqeCwLK5a2Y1oaVp9RbYsUnyDRBd9GBPH7Cvne6kRQbmo
SXrMXjw8BDmSixaboJK6zPJXGbbUMNeTWE3FTfUlWAfFpIR3L3OLixN6+mAI0AFV
gnwX9ltMEg/Lx7ZCke0WxbpkmFnfgPD21Unz1ByOr4+4KrN/4nxlnL7bQ0ssMBge
8DCgGEEPpNQHGZfrGIK7wx/KrRjFAxSGbhGkcqqgh6VYY/AufF07Z8Pwzjdh43UB
N88=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:32 2024 by rpki-client on console-fra.rpki-client.org