Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/0b556b-ed22-4453-925d-5dbb36f7a033/1/F9cx42tY-GZcVxcKJwn7bLLFwsA.roa
File:                     F9cx42tY-GZcVxcKJwn7bLLFwsA.roa (raw, json)
Hash identifier:          32EuUH+gYvJcSa+JdAljELV201hgSBek/0yJFQu0ffo=
Subject key identifier:   17:D7:31:E3:6B:58:F8:66:5C:57:17:0A:27:09:FB:6C:B2:C5:C2:C0
Certificate issuer:       /CN=14a3de4b7e66c87cf9c33e008a02d1a46e3fc766
Certificate serial:       018CA0ECBBD479E65E9D7E3899A27930AC8B
Authority key identifier: 14:A3:DE:4B:7E:66:C8:7C:F9:C3:3E:00:8A:02:D1:A4:6E:3F:C7:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FKPeS35myHz5wz4AigLRpG4_x2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/0b556b-ed22-4453-925d-5dbb36f7a033/1/F9cx42tY-GZcVxcKJwn7bLLFwsA.roa
Signing time:             Mon 25 Dec 2023 12:21:58 +0000
ROA not before:           Mon 25 Dec 2023 12:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47995
IP address blocks:        193.164.16.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:a0:ec:bb:d4:79:e6:5e:9d:7e:38:99:a2:79:30:ac:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14a3de4b7e66c87cf9c33e008a02d1a46e3fc766
        Validity
            Not Before: Dec 25 12:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=17d731e36b58f8665c57170a2709fb6cb2c5c2c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:77:d3:06:06:22:15:a5:d3:db:26:e0:11:4d:
                    22:1d:2c:a4:b5:8f:da:65:6a:e0:6d:09:ab:bb:9b:
                    e2:a1:30:98:f8:44:56:6f:38:9f:86:a5:64:71:a4:
                    a1:51:d8:56:83:0c:ff:18:54:11:d3:80:c7:e7:72:
                    2e:c9:30:7f:e1:a4:a0:fe:53:9d:83:cc:54:a6:f3:
                    45:69:62:9f:9b:20:40:94:26:06:51:6e:c8:6b:35:
                    8b:7a:2a:5d:f4:8a:16:a6:f0:be:45:c1:46:5d:bb:
                    ba:5e:b9:06:67:79:f9:61:73:5e:ac:ee:2e:e4:9f:
                    6a:be:0f:34:71:3f:18:48:0e:6e:df:0d:3d:45:46:
                    84:ae:18:c8:ee:a6:e7:06:fd:d0:18:a9:65:9e:df:
                    71:40:d5:10:fc:28:dd:e7:51:9e:37:f6:a5:5a:ec:
                    10:15:72:5c:c0:7d:25:4d:2b:6b:b6:2b:7a:1c:e2:
                    be:d4:8d:12:7f:f2:3c:fa:a3:c8:97:0a:51:12:51:
                    6f:06:40:6a:67:46:13:3c:aa:c8:6f:38:0a:c7:30:
                    f8:e4:27:35:eb:54:48:f7:6b:0f:ad:17:39:1f:da:
                    b8:9d:6d:3a:60:6a:8b:a5:45:c6:91:06:5c:56:36:
                    fb:71:9a:ef:e0:5a:4b:cf:6f:5d:52:a9:78:bd:d3:
                    95:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D7:31:E3:6B:58:F8:66:5C:57:17:0A:27:09:FB:6C:B2:C5:C2:C0
            X509v3 Authority Key Identifier:
                keyid:14:A3:DE:4B:7E:66:C8:7C:F9:C3:3E:00:8A:02:D1:A4:6E:3F:C7:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKPeS35myHz5wz4AigLRpG4_x2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/0b556b-ed22-4453-925d-5dbb36f7a033/1/F9cx42tY-GZcVxcKJwn7bLLFwsA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/0b556b-ed22-4453-925d-5dbb36f7a033/1/FKPeS35myHz5wz4AigLRpG4_x2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.164.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:e3:68:32:6f:7e:b2:9f:8c:b4:38:c5:ea:e3:31:09:77:a9:
         c7:12:ef:92:82:7d:e0:64:65:42:9a:44:7a:23:77:9b:11:75:
         15:e6:5b:72:98:fe:6f:1e:be:e1:64:b4:0e:23:3d:72:bf:9c:
         78:5c:7b:20:80:b9:63:06:e4:93:8d:78:82:0a:94:98:1f:15:
         58:92:fe:94:59:f1:13:09:0c:6d:21:c4:54:f9:b2:9a:b0:48:
         4e:6c:24:f5:04:32:6a:df:a1:a2:4f:dd:c8:69:b8:d9:46:f2:
         99:b6:f0:7d:04:7b:cc:04:ac:cc:f9:46:9c:48:96:a6:7d:62:
         05:30:ea:6c:9c:cc:0c:86:ab:06:c4:41:41:41:0c:d5:f8:ff:
         f9:51:e7:bc:d7:cf:df:3d:19:20:20:de:33:59:8e:39:e4:69:
         6f:36:c7:25:6a:53:ed:aa:db:57:b0:f9:6a:d7:11:ec:cf:37:
         66:64:5e:59:1e:85:f7:18:3d:47:e3:97:ee:9b:6f:e8:85:d4:
         03:d5:a9:9b:8d:95:d1:b6:73:a1:79:1a:6a:a6:49:e6:3d:cf:
         4f:fa:4a:72:ce:2d:29:12:90:5b:d6:f6:49:3a:fb:7f:75:51:
         24:9b:1f:05:8b:77:da:54:f3:56:60:1c:6f:0c:c1:23:d0:10:
         9e:91:39:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyg7LvUeeZenX44maJ5MKyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YTNkZTRiN2U2NmM4N2NmOWMzM2UwMDhhMDJkMWE0NmUz
ZmM3NjYwHhcNMjMxMjI1MTIyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Q3MzFlMzZiNThmODY2NWM1NzE3MGEyNzA5ZmI2Y2IyYzVjMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXfTBgYiFaXT2ybgEU0iHSyktY/a
ZWrgbQmru5vioTCY+ERWbzifhqVkcaShUdhWgwz/GFQR04DH53IuyTB/4aSg/lOd
g8xUpvNFaWKfmyBAlCYGUW7IazWLeipd9IoWpvC+RcFGXbu6XrkGZ3n5YXNerO4u
5J9qvg80cT8YSA5u3w09RUaErhjI7qbnBv3QGKllnt9xQNUQ/Cjd51GeN/alWuwQ
FXJcwH0lTStrtit6HOK+1I0Sf/I8+qPIlwpRElFvBkBqZ0YTPKrIbzgKxzD45Cc1
61RI92sPrRc5H9q4nW06YGqLpUXGkQZcVjb7cZrv4FpLz29dUql4vdOVOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBfXMeNrWPhmXFcXCicJ+2yyxcLAMB8GA1UdIwQY
MBaAFBSj3kt+Zsh8+cM+AIoC0aRuP8dmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRktQZVMzNW15SHo1d3o0QWlnTFJwRzRfeDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8wYjU1NmItZWQyMi00NDUzLTkyNWQt
NWRiYjM2ZjdhMDMzLzEvRjljeDQydFktR1pjVnhjS0p3bjdiTExGd3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8wYjU1NmItZWQyMi00NDUzLTkyNWQtNWRiYjM2ZjdhMDMz
LzEvRktQZVMzNW15SHo1d3o0QWlnTFJwRzRfeDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaQQMA0G
CSqGSIb3DQEBCwUAA4IBAQAl42gyb36yn4y0OMXq4zEJd6nHEu+Sgn3gZGVCmkR6
I3ebEXUV5ltymP5vHr7hZLQOIz1yv5x4XHsggLljBuSTjXiCCpSYHxVYkv6UWfET
CQxtIcRU+bKasEhObCT1BDJq36GiT93IabjZRvKZtvB9BHvMBKzM+UacSJamfWIF
MOpsnMwMhqsGxEFBQQzV+P/5Uee818/fPRkgIN4zWY455GlvNsclalPtqttXsPlq
1xHszzdmZF5ZHoX3GD1H45fum2/ohdQD1ambjZXRtnOheRpqpknmPc9P+kpyzi0p
EpBb1vZJOvt/dVEkmx8Fi3faVPNWYBxvDMEj0BCekTng
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:35 2024 by rpki-client on console-fra.rpki-client.org