Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/PxCexIBchYIRKtpFp5pk6Rurb7Y.roa
File:                     PxCexIBchYIRKtpFp5pk6Rurb7Y.roa (raw, json)
Hash identifier:          IuunPHcqHwFd0XN8j1GVLe7symcaqngtclqhhTd506s=
Subject key identifier:   3F:10:9E:C4:80:5C:85:82:11:2A:DA:45:A7:9A:64:E9:1B:AB:6F:B6
Certificate issuer:       /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial:       01898D9CBC5C64992236A4282030B0077021
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/PxCexIBchYIRKtpFp5pk6Rurb7Y.roa
Signing time:             Tue 25 Jul 2023 15:13:26 +0000
ROA not before:           Tue 25 Jul 2023 15:13:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57043
IP address blocks:        185.247.18.0/24 maxlen: 24
                          185.247.19.0/24 maxlen: 24
                          176.57.212.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8d:9c:bc:5c:64:99:22:36:a4:28:20:30:b0:07:70:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
        Validity
            Not Before: Jul 25 15:13:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f109ec4805c8582112ada45a79a64e91bab6fb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b6:57:92:c3:34:fd:9b:12:3f:b2:11:43:bf:
                    7f:b9:1b:c3:4f:9b:c1:39:c9:9f:29:76:8e:7e:09:
                    08:7a:08:b3:c4:1d:6c:88:78:dd:01:31:a7:9c:bc:
                    c3:64:1f:14:60:a7:fb:5f:30:28:95:9e:57:0e:da:
                    48:e6:d8:4f:85:18:b1:62:02:a2:6b:76:c7:f9:8e:
                    a9:8b:4c:1a:24:a4:de:ed:67:16:07:10:18:a0:cd:
                    dc:bd:b0:5a:d9:1d:63:43:c9:24:eb:a9:d8:8e:bd:
                    e4:ed:1f:3d:58:88:b0:a0:73:bc:1b:8a:c4:7d:28:
                    e4:eb:61:2c:57:34:45:91:79:26:e5:9b:28:10:04:
                    c0:8f:4c:b4:ad:b5:06:23:70:66:b9:fc:37:7a:bd:
                    1c:33:68:ac:b2:8c:ce:03:e8:46:85:7d:26:76:f8:
                    c4:4f:cb:ec:0f:1f:56:ab:da:5e:f7:e0:8b:14:e6:
                    0d:88:1b:c0:c4:19:03:22:3d:92:bb:e1:da:69:bf:
                    2b:18:11:35:8b:ff:77:91:ee:a3:bd:b2:ce:48:76:
                    50:b9:79:c8:eb:8d:69:16:5a:11:dc:5d:71:20:2b:
                    bc:80:19:d4:f2:68:66:c1:77:cf:ba:7e:62:e2:db:
                    e7:e7:69:c5:86:77:09:7a:b2:4b:08:71:b6:a7:d0:
                    c8:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:10:9E:C4:80:5C:85:82:11:2A:DA:45:A7:9A:64:E9:1B:AB:6F:B6
            X509v3 Authority Key Identifier:
                keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/PxCexIBchYIRKtpFp5pk6Rurb7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.57.212.0/24
                  185.247.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9d:31:3f:dc:02:53:fd:18:17:0a:c4:e0:52:86:5c:9a:d2:d3:
         41:3d:ae:fe:13:4f:fe:f1:a1:75:9d:06:de:79:1e:6c:ac:eb:
         cb:26:a8:58:89:99:30:1d:16:c1:6c:ef:98:aa:77:08:05:91:
         d8:20:64:9d:bd:35:35:45:d5:62:91:99:f1:0b:ac:14:92:74:
         d3:a6:60:9b:e4:9c:ce:8e:fd:49:c8:40:8f:49:aa:27:6f:bb:
         6a:3d:0f:a6:7d:22:e3:2d:ef:d9:99:94:45:50:e6:81:49:de:
         71:d1:3b:98:f5:27:a8:c2:be:9e:22:c4:16:dc:38:80:74:49:
         24:e5:6b:c9:14:0b:0b:45:29:6f:fe:95:c2:cd:d0:1c:01:f3:
         d1:7c:9c:23:11:f3:eb:be:56:0d:3c:95:7f:d1:bc:f9:d8:87:
         16:2c:2d:2e:d7:24:54:87:4b:ed:f3:5f:dc:e6:68:fd:8a:9a:
         20:b3:d5:67:7b:0b:c7:e8:d0:19:1c:ce:a6:ab:00:c7:cf:9a:
         1b:4e:e0:0f:94:83:e1:a7:41:e3:92:93:3f:05:3e:87:9b:eb:
         fa:d2:31:e5:b7:6a:f8:14:d7:7c:de:35:d5:95:73:26:42:31:
         a3:e8:5a:c4:b6:26:a2:7a:41:4c:e5:3f:13:3d:87:12:b2:09:
         ec:74:4e:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmNnLxcZJkiNqQoIDCwB3AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwNzI1MTUxMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjEwOWVjNDgwNWM4NTgyMTEyYWRhNDVhNzlhNjRlOTFiYWI2ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbZXksM0/ZsSP7IRQ79/uRvDT5vB
OcmfKXaOfgkIegizxB1siHjdATGnnLzDZB8UYKf7XzAolZ5XDtpI5thPhRixYgKi
a3bH+Y6pi0waJKTe7WcWBxAYoM3cvbBa2R1jQ8kk66nYjr3k7R89WIiwoHO8G4rE
fSjk62EsVzRFkXkm5ZsoEATAj0y0rbUGI3Bmufw3er0cM2issozOA+hGhX0mdvjE
T8vsDx9Wq9pe9+CLFOYNiBvAxBkDIj2Su+Haab8rGBE1i/93ke6jvbLOSHZQuXnI
641pFloR3F1xICu8gBnU8mhmwXfPun5i4tvn52nFhncJerJLCHG2p9DImQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD8QnsSAXIWCESraRaeaZOkbq2+2MB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvUHhDZXhJQmNoWUlSS3RwRnA1cGs2UnVyYjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsDnUAwQB
ufcSMA0GCSqGSIb3DQEBCwUAA4IBAQCdMT/cAlP9GBcKxOBShlya0tNBPa7+E0/+
8aF1nQbeeR5srOvLJqhYiZkwHRbBbO+YqncIBZHYIGSdvTU1RdVikZnxC6wUknTT
pmCb5JzOjv1JyECPSaonb7tqPQ+mfSLjLe/ZmZRFUOaBSd5x0TuY9Seowr6eIsQW
3DiAdEkk5WvJFAsLRSlv/pXCzdAcAfPRfJwjEfPrvlYNPJV/0bz52IcWLC0u1yRU
h0vt81/c5mj9ipogs9VnewvH6NAZHM6mqwDHz5obTuAPlIPhp0HjkpM/BT6Hm+v6
0jHlt2r4FNd83jXVlXMmQjGj6FrEtiaiekFM5T8TPYcSsgnsdE6O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:03 2024 by rpki-client on console-ams.rpki-client.org