Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/F6WYxozdtYjuWkqeDFzEZaJDQRQ.roa
File:                     F6WYxozdtYjuWkqeDFzEZaJDQRQ.roa (raw, json)
Hash identifier:          w9rpiYrJA927ahD4eZbigPVRlQQ+Ut23VuisRp6KYLU=
Subject key identifier:   17:A5:98:C6:8C:DD:B5:88:EE:5A:4A:9E:0C:5C:C4:65:A2:43:41:14
Certificate issuer:       /CN=c7da82e877933d9c2c952cb376c93aaa337dd7d2
Certificate serial:       01856F42AC764FD40A6AE33C8EE1E782CE97
Authority key identifier: C7:DA:82:E8:77:93:3D:9C:2C:95:2C:B3:76:C9:3A:AA:33:7D:D7:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x9qC6HeTPZwslSyzdsk6qjN919I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/F6WYxozdtYjuWkqeDFzEZaJDQRQ.roa
Signing time:             Sun 01 Jan 2023 21:35:18 +0000
ROA not before:           Sun 01 Jan 2023 21:35:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198024
IP address blocks:        185.124.88.0/22 maxlen: 22
                          2a05:b080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:ac:76:4f:d4:0a:6a:e3:3c:8e:e1:e7:82:ce:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7da82e877933d9c2c952cb376c93aaa337dd7d2
        Validity
            Not Before: Jan  1 21:35:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=17a598c68cddb588ee5a4a9e0c5cc465a2434114
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:93:52:a4:b0:5f:cd:99:90:17:45:65:03:29:
                    0f:41:e2:ab:81:04:ad:e3:50:95:16:ab:9e:d0:cd:
                    46:13:b6:dc:30:65:12:c4:e3:fc:ee:79:68:b5:2b:
                    aa:80:65:38:df:12:5c:b6:92:44:70:86:92:f6:07:
                    a5:13:4c:40:bc:26:0a:79:c0:8f:ee:f3:ad:13:d5:
                    0a:63:e9:24:ef:c5:a8:c9:88:ec:da:06:7e:99:96:
                    f6:29:db:fe:b1:0a:41:90:94:32:5f:92:e8:1b:49:
                    99:b7:be:df:4c:fd:67:37:6f:6c:f1:b8:c6:8f:77:
                    23:a6:7c:52:d3:43:49:0d:5c:d6:10:05:b6:e1:b0:
                    05:e6:d1:0d:20:08:d9:1e:4d:ae:26:49:b0:ed:e6:
                    e7:84:eb:4c:8a:66:85:62:1d:20:d0:f4:71:1a:07:
                    cf:38:b0:a4:68:f1:fb:43:da:3d:9f:8d:63:71:a3:
                    dc:b6:4b:e2:a4:f2:d6:98:be:1e:3f:d5:92:87:84:
                    85:dd:ca:c6:4a:f3:03:72:c8:d3:13:5b:98:ab:f9:
                    4e:49:3f:0d:e3:2a:23:37:44:fa:51:5a:52:38:b1:
                    fe:c4:e0:d9:ed:2c:b7:ae:e3:77:3e:b3:8a:9d:2a:
                    d3:76:7a:74:a1:84:c3:0c:6f:dc:ba:59:bc:9e:f3:
                    f0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:A5:98:C6:8C:DD:B5:88:EE:5A:4A:9E:0C:5C:C4:65:A2:43:41:14
            X509v3 Authority Key Identifier:
                keyid:C7:DA:82:E8:77:93:3D:9C:2C:95:2C:B3:76:C9:3A:AA:33:7D:D7:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x9qC6HeTPZwslSyzdsk6qjN919I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/F6WYxozdtYjuWkqeDFzEZaJDQRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cb537d-d7ef-409c-823c-eae4f6d33ca6/1/x9qC6HeTPZwslSyzdsk6qjN919I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.88.0/22
                IPv6:
                  2a05:b080::/29

    Signature Algorithm: sha256WithRSAEncryption
         1d:08:04:e5:3b:e4:a0:cf:79:33:70:eb:8a:44:c1:6c:d1:bf:
         7e:f1:8c:7e:1a:d0:27:a6:d5:af:42:d0:59:77:9a:13:7a:80:
         ed:87:a0:a5:ae:1f:89:35:f7:9a:22:26:58:46:ff:de:67:a3:
         d6:d7:ae:c2:ca:46:70:d1:be:5e:ce:8a:c2:df:bf:74:73:81:
         73:4a:c6:e8:32:87:96:2b:5f:0b:88:d0:a3:bb:0f:d8:2d:60:
         92:e9:83:4f:d9:3b:de:57:7a:9d:2b:24:41:0b:a9:39:41:ab:
         f5:0e:83:98:83:68:b1:24:6d:9f:78:41:ec:7d:2d:4d:d9:2d:
         64:dc:aa:f1:96:6e:1d:67:47:be:54:39:c6:cf:b1:fe:31:92:
         d0:32:37:72:99:3e:6f:80:83:43:da:d1:9b:1a:33:32:c9:7f:
         5d:6b:6e:cd:e8:42:0b:9d:ba:78:31:e0:90:e0:2b:74:86:94:
         91:07:7b:4f:b9:4f:00:89:72:df:ae:b2:9e:3d:13:cc:22:dd:
         6f:fc:82:1c:64:e2:8a:81:42:fd:84:30:7d:06:f7:4e:c8:50:
         c8:03:9a:4d:5a:8a:ad:3c:0d:8f:25:73:2b:f8:7f:f1:a5:8d:
         85:1d:9a:8e:e0:9f:60:ed:7f:0c:bb:fc:0b:39:ee:74:3a:38:
         69:be:d0:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQqx2T9QKauM8juHngs6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZGE4MmU4Nzc5MzNkOWMyYzk1MmNiMzc2YzkzYWFhMzM3
ZGQ3ZDIwHhcNMjMwMTAxMjEzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2E1OThjNjhjZGRiNTg4ZWU1YTRhOWUwYzVjYzQ2NWEyNDM0MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJNSpLBfzZmQF0VlAykPQeKrgQSt
41CVFque0M1GE7bcMGUSxOP87nlotSuqgGU43xJctpJEcIaS9gelE0xAvCYKecCP
7vOtE9UKY+kk78WoyYjs2gZ+mZb2Kdv+sQpBkJQyX5LoG0mZt77fTP1nN29s8bjG
j3cjpnxS00NJDVzWEAW24bAF5tENIAjZHk2uJkmw7ebnhOtMimaFYh0g0PRxGgfP
OLCkaPH7Q9o9n41jcaPctkvipPLWmL4eP9WSh4SF3crGSvMDcsjTE1uYq/lOST8N
4yojN0T6UVpSOLH+xODZ7Sy3ruN3PrOKnSrTdnp0oYTDDG/culm8nvPwTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBelmMaM3bWI7lpKngxcxGWiQ0EUMB8GA1UdIwQY
MBaAFMfaguh3kz2cLJUss3bJOqozfdfSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDlxQzZIZVRQWndzbFN5emRzazZxak45MTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jYjUzN2QtZDdlZi00MDljLTgyM2Mt
ZWFlNGY2ZDMzY2E2LzEvRjZXWXhvemR0WWp1V2txZURGekVaYUpEUVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jYjUzN2QtZDdlZi00MDljLTgyM2MtZWFlNGY2ZDMzY2E2
LzEveDlxQzZIZVRQWndzbFN5emRzazZxak45MTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXxYMA0E
AgACMAcDBQMqBbCAMA0GCSqGSIb3DQEBCwUAA4IBAQAdCATlO+Sgz3kzcOuKRMFs
0b9+8Yx+GtAnptWvQtBZd5oTeoDth6Clrh+JNfeaIiZYRv/eZ6PW167CykZw0b5e
zorC3790c4FzSsboMoeWK18LiNCjuw/YLWCS6YNP2TveV3qdKyRBC6k5Qav1DoOY
g2ixJG2feEHsfS1N2S1k3Krxlm4dZ0e+VDnGz7H+MZLQMjdymT5vgIND2tGbGjMy
yX9da27N6EILnbp4MeCQ4Ct0hpSRB3tPuU8AiXLfrrKePRPMIt1v/IIcZOKKgUL9
hDB9BvdOyFDIA5pNWoqtPA2PJXMr+H/xpY2FHZqO4J9g7X8Mu/wLOe50OjhpvtAP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:02 2024 by rpki-client on console-ams.rpki-client.org