Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/fKP7EgMqDUXoH9n3Psm4YMqTAO4.roa
File:                     fKP7EgMqDUXoH9n3Psm4YMqTAO4.roa (raw, json)
Hash identifier:          y9YJIoxDiwNpCdck41FrA6g6sKV4dH4JE/4GPT9s2i8=
Subject key identifier:   7C:A3:FB:12:03:2A:0D:45:E8:1F:D9:F7:3E:C9:B8:60:CA:93:00:EE
Certificate issuer:       /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial:       01857170A557A6D68166811F99D047E29B6B
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/fKP7EgMqDUXoH9n3Psm4YMqTAO4.roa
Signing time:             Mon 02 Jan 2023 07:44:45 +0000
ROA not before:           Mon 02 Jan 2023 07:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.49.132.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 11 May 2023 08:49:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:70:a5:57:a6:d6:81:66:81:1f:99:d0:47:e2:9b:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af935603e52e831537716d458b360192f99a3689
        Validity
            Not Before: Jan  2 07:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7ca3fb12032a0d45e81fd9f73ec9b860ca9300ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e8:f7:39:72:ba:ad:7a:b9:f9:97:cb:d3:ad:
                    c3:b9:1f:24:4a:5f:11:7c:87:08:ac:a4:df:e7:99:
                    d7:f3:ad:f8:66:a7:ca:84:15:77:5c:01:e0:87:7c:
                    87:8e:0c:b9:dd:9b:70:7c:37:0a:22:0e:6c:0b:6d:
                    ea:c2:58:b5:ec:48:74:a2:c1:9d:6e:66:49:fd:bf:
                    a2:04:67:12:6b:fc:73:e2:b0:6e:87:f4:5d:19:7f:
                    c6:dd:e7:70:26:9f:7d:f3:4b:ea:45:75:5c:90:2e:
                    45:1a:da:c8:b5:82:3f:38:f3:a4:a7:67:51:a1:8b:
                    5d:89:a2:09:b2:9a:53:ad:f6:23:b5:fa:10:c3:7b:
                    5e:71:05:ec:8f:d8:f0:05:58:5f:96:e6:f8:ad:9c:
                    ad:2b:0d:cd:67:a2:c0:28:65:51:1a:39:da:a3:ef:
                    c5:a2:3e:b5:90:98:8c:b9:72:64:13:8a:39:e8:1e:
                    50:ca:81:cd:3d:d2:cd:4d:c6:7f:16:7b:89:2b:93:
                    6e:70:39:20:d5:02:2b:1f:51:1e:98:cb:ef:9f:96:
                    f1:f8:ee:d0:f0:dc:73:98:a8:32:14:d8:b7:fb:3c:
                    9e:a3:54:f0:79:d7:a1:cc:d2:06:65:61:8d:a5:9f:
                    2f:e6:7a:8d:2b:7d:74:cc:9f:b2:7f:f4:1c:da:6b:
                    b4:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:A3:FB:12:03:2A:0D:45:E8:1F:D9:F7:3E:C9:B8:60:CA:93:00:EE
            X509v3 Authority Key Identifier:
                keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/fKP7EgMqDUXoH9n3Psm4YMqTAO4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:d4:cc:b3:5b:2d:94:2c:fa:73:91:a1:c8:79:20:5c:93:a3:
         23:66:ac:ee:b5:b0:c0:58:4a:36:cd:be:5c:07:ca:4c:b6:30:
         ef:ef:03:62:85:e1:ac:70:81:84:73:b3:98:88:28:96:53:ac:
         24:b8:0c:5e:ba:96:9f:15:a4:96:cf:2b:00:5c:7f:75:61:3b:
         a0:4d:30:21:68:54:72:f0:88:15:1e:c0:df:2c:db:75:f8:1d:
         7f:83:7c:b4:4c:c9:6d:53:ab:0a:c9:ff:39:06:06:e4:06:4e:
         6b:47:11:85:61:c8:25:85:9d:f3:7b:5a:9d:db:41:97:fd:d3:
         55:14:26:37:c4:69:d2:d6:0f:81:05:e5:70:88:9c:8c:7d:34:
         3a:be:cf:31:26:85:75:b7:4a:9d:76:fd:e7:93:55:a7:d2:44:
         5b:7d:5d:8d:5c:97:6f:41:49:a8:2f:22:b0:73:97:7d:a5:51:
         21:f4:56:d6:15:9c:ed:dc:e9:ca:90:06:08:a9:3b:27:3f:2d:
         56:99:0f:1c:59:9a:f9:3d:90:cf:20:37:35:e4:e8:87:a2:3b:
         31:49:85:fa:8a:b8:9b:e8:88:f1:20:1c:79:cf:6f:98:e3:83:
         c7:b2:ef:0b:d5:44:5f:93:d7:bf:1b:6e:a4:2a:f4:ec:a9:cc:
         f1:c5:0e:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxcKVXptaBZoEfmdBH4ptrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5
YTM2ODkwHhcNMjMwMTAyMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2EzZmIxMjAzMmEwZDQ1ZTgxZmQ5ZjczZWM5Yjg2MGNhOTMwMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Oj3OXK6rXq5+ZfL063DuR8kSl8R
fIcIrKTf55nX8634ZqfKhBV3XAHgh3yHjgy53ZtwfDcKIg5sC23qwli17Eh0osGd
bmZJ/b+iBGcSa/xz4rBuh/RdGX/G3edwJp9980vqRXVckC5FGtrItYI/OPOkp2dR
oYtdiaIJsppTrfYjtfoQw3tecQXsj9jwBVhflub4rZytKw3NZ6LAKGVRGjnao+/F
oj61kJiMuXJkE4o56B5QyoHNPdLNTcZ/FnuJK5NucDkg1QIrH1EemMvvn5bx+O7Q
8NxzmKgyFNi3+zyeo1TwedehzNIGZWGNpZ8v5nqNK310zJ+yf/Qc2mu03QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHyj+xIDKg1F6B/Z9z7JuGDKkwDuMB8GA1UdIwQY
MBaAFK+TVgPlLoMVN3FtRYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYt
MGEwZDA1ZWQwYzZiLzEvZktQN0VnTXFEVVhvSDluM1BzbTRZTXFUQU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZi
LzEvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTGEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ1MyzWy2ULPpzkaHIeSBck6MjZqzutbDAWEo2zb5c
B8pMtjDv7wNiheGscIGEc7OYiCiWU6wkuAxeupafFaSWzysAXH91YTugTTAhaFRy
8IgVHsDfLNt1+B1/g3y0TMltU6sKyf85BgbkBk5rRxGFYcglhZ3ze1qd20GX/dNV
FCY3xGnS1g+BBeVwiJyMfTQ6vs8xJoV1t0qddv3nk1Wn0kRbfV2NXJdvQUmoLyKw
c5d9pVEh9FbWFZzt3OnKkAYIqTsnPy1WmQ8cWZr5PZDPIDc15OiHojsxSYX6irib
6IjxIBx5z2+Y44PHsu8L1URfk9e/G26kKvTsqczxxQ4v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:43 2024 by rpki-client on console-fra.rpki-client.org