Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/4pbsYeR60niKwibYO82GJZW_YAk.roa
File:                     4pbsYeR60niKwibYO82GJZW_YAk.roa (raw, json)
Hash identifier:          XjM3FkxZJFaaD30GK7TpMLniUYP2PpsW4iZ0BYqAS6I=
Subject key identifier:   E2:96:EC:61:E4:7A:D2:78:8A:C2:26:D8:3B:CD:86:25:95:BF:60:09
Certificate issuer:       /CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
Certificate serial:       0189209C241662B13CAF1DB93E9C2DE4D7E6
Authority key identifier: F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/4pbsYeR60niKwibYO82GJZW_YAk.roa
Signing time:             Tue 04 Jul 2023 11:14:10 +0000
ROA not before:           Tue 04 Jul 2023 11:14:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35242
IP address blocks:        194.45.208.0/21 maxlen: 21
                          193.29.132.0/24 maxlen: 24
                          195.80.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:20:9c:24:16:62:b1:3c:af:1d:b9:3e:9c:2d:e4:d7:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
        Validity
            Not Before: Jul  4 11:14:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e296ec61e47ad2788ac226d83bcd862595bf6009
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:64:7a:bb:51:12:08:4c:af:8c:41:3d:2d:59:
                    8e:a1:54:54:70:56:bd:c0:9b:8f:e4:83:cd:bd:78:
                    27:4b:cf:5f:37:09:28:a8:dd:4f:33:b2:57:97:54:
                    b2:52:ab:68:55:77:6b:2d:73:20:5d:de:4d:01:ad:
                    3b:85:ab:0a:3d:6c:31:10:53:51:c8:99:3a:51:56:
                    b9:2d:02:33:ac:8f:8b:1e:ba:d7:46:32:1b:5e:b0:
                    9b:1d:80:8d:7e:9d:f4:95:e6:1b:f4:67:e5:ec:74:
                    3a:51:93:15:9c:90:7f:4c:b2:5d:60:66:fe:75:71:
                    26:a2:b4:50:74:66:78:01:d8:35:2f:38:b1:c6:a3:
                    54:73:87:ca:2f:e9:bc:18:98:22:00:2c:bd:b8:92:
                    27:ec:13:23:a7:fc:39:ad:30:5d:66:62:82:2d:00:
                    18:2c:9e:a4:55:e6:be:5a:97:87:64:52:97:10:ea:
                    8c:40:8b:69:6a:fd:ca:0e:59:0c:03:87:39:a9:7f:
                    c4:03:e5:33:ca:4f:b8:db:3c:fa:f4:31:36:8c:f4:
                    db:69:2a:db:d8:db:ad:2b:db:e5:a5:46:c6:09:05:
                    4b:b7:36:82:24:e7:d1:72:1b:2f:b2:47:9b:37:da:
                    2d:a7:02:f3:f1:2d:53:71:10:79:99:11:ea:a9:61:
                    d0:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:96:EC:61:E4:7A:D2:78:8A:C2:26:D8:3B:CD:86:25:95:BF:60:09
            X509v3 Authority Key Identifier:
                keyid:F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/4pbsYeR60niKwibYO82GJZW_YAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.29.132.0/24
                  194.45.208.0/21
                  195.80.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:a8:92:f1:f3:2a:ee:e6:16:2e:1a:14:00:6b:e4:19:23:62:
         ce:b9:26:f3:05:c6:e3:5c:a3:80:e6:cf:63:0b:43:26:d4:2a:
         35:7d:30:3c:20:11:ad:13:d1:3c:3f:5b:95:c3:17:80:b8:ce:
         67:f1:f6:87:ab:4b:cf:1e:89:b6:46:e2:ea:95:c5:5d:f4:16:
         8d:7d:96:cf:8b:71:28:0d:ac:c4:ac:61:84:31:2a:21:d9:9d:
         5c:56:37:c3:53:b0:8e:c5:06:d4:09:47:ad:25:f9:d9:6a:17:
         51:d7:77:40:81:10:97:59:23:3f:66:80:5b:7b:0c:15:7c:20:
         46:cf:76:a2:1d:76:a9:5b:75:6b:ad:a7:c0:16:81:59:64:7c:
         73:73:78:60:46:82:93:14:db:e0:0d:98:10:e5:a2:04:ac:d3:
         2a:7e:b6:fe:7c:d5:73:43:96:0b:39:f5:a9:64:b9:98:6d:50:
         80:9f:88:0e:8a:ab:61:99:c7:12:62:8f:e1:32:1f:15:4f:8e:
         1f:df:d7:68:65:9a:d2:af:5a:4d:56:66:66:e2:cb:ed:25:85:
         c5:60:12:f7:5a:a5:ed:52:10:92:88:19:f5:1a:04:10:2f:c5:
         70:8a:29:56:07:9b:5d:23:71:58:2f:a8:a2:e0:98:e4:6a:07:
         6f:b9:6b:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkgnCQWYrE8rx25Ppwt5NfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2MxYWFhZGI4MzIwZGQ4NDMyMzU0NThjZjJjNWNiZjQ3
MDRhZDYwHhcNMjMwNzA0MTExNDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk2ZWM2MWU0N2FkMjc4OGFjMjI2ZDgzYmNkODYyNTk1YmY2MDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWR6u1ESCEyvjEE9LVmOoVRUcFa9
wJuP5IPNvXgnS89fNwkoqN1PM7JXl1SyUqtoVXdrLXMgXd5NAa07hasKPWwxEFNR
yJk6UVa5LQIzrI+LHrrXRjIbXrCbHYCNfp30leYb9Gfl7HQ6UZMVnJB/TLJdYGb+
dXEmorRQdGZ4Adg1LzixxqNUc4fKL+m8GJgiACy9uJIn7BMjp/w5rTBdZmKCLQAY
LJ6kVea+WpeHZFKXEOqMQItpav3KDlkMA4c5qX/EA+Uzyk+42zz69DE2jPTbaSrb
2NutK9vlpUbGCQVLtzaCJOfRchsvskebN9otpwLz8S1TcRB5mRHqqWHQYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKW7GHketJ4isIm2DvNhiWVv2AJMB8GA1UdIwQY
MBaAFPV8GqrbgyDdhDI1RYzyxcv0cErWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVh3YXF0dURJTjJFTWpWRmpQTEZ5X1J3U3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jM2U4NzEtMjBjYy00NGY0LWJmYTAt
YTE4NTZkZDdiNWQ4LzEvNHBic1llUjYwbmlLd2liWU84MkdKWldfWUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jM2U4NzEtMjBjYy00NGY0LWJmYTAtYTE4NTZkZDdiNWQ4
LzEvOVh3YXF0dURJTjJFTWpWRmpQTEZ5X1J3U3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwR2EAwQD
wi3QAwQAw1DvMA0GCSqGSIb3DQEBCwUAA4IBAQAvqJLx8yru5hYuGhQAa+QZI2LO
uSbzBcbjXKOA5s9jC0Mm1Co1fTA8IBGtE9E8P1uVwxeAuM5n8faHq0vPHom2RuLq
lcVd9BaNfZbPi3EoDazErGGEMSoh2Z1cVjfDU7COxQbUCUetJfnZahdR13dAgRCX
WSM/ZoBbewwVfCBGz3aiHXapW3VrrafAFoFZZHxzc3hgRoKTFNvgDZgQ5aIErNMq
frb+fNVzQ5YLOfWpZLmYbVCAn4gOiqthmccSYo/hMh8VT44f39doZZrSr1pNVmZm
4svtJYXFYBL3WqXtUhCSiBn1GgQQL8VwiilWB5tdI3FYL6ii4JjkagdvuWu1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:07 2024 by rpki-client on console-fra.rpki-client.org