Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/fRbbr7U4MHVtTLvDZejIMQ4Fuhw.roa
File:                     fRbbr7U4MHVtTLvDZejIMQ4Fuhw.roa (raw, json)
Hash identifier:          LSp4NHVBbBNHO/g4Hxon4MVANqn9xS87lYfgdigeiGU=
Subject key identifier:   7D:16:DB:AF:B5:38:30:75:6D:4C:BB:C3:65:E8:C8:31:0E:05:BA:1C
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       018CC56EFBD59FA207F79B0A3CFA1098D564
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/fRbbr7U4MHVtTLvDZejIMQ4Fuhw.roa
Signing time:             Mon 01 Jan 2024 14:30:34 +0000
ROA not before:           Mon 01 Jan 2024 14:30:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5089
IP address blocks:        194.88.96.0/21 maxlen: 24
                          84.234.16.0/20 maxlen: 24
                          194.88.112.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Mar 2024 04:40:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:fb:d5:9f:a2:07:f7:9b:0a:3c:fa:10:98:d5:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Jan  1 14:30:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d16dbafb53830756d4cbbc365e8c8310e05ba1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:5c:fa:51:57:97:8c:df:6c:39:77:d8:05:3d:
                    83:dd:1d:21:29:08:b5:76:f8:8e:b4:e9:36:af:7d:
                    7b:91:e3:71:7b:5a:4b:16:64:9a:74:d4:d1:f9:85:
                    64:f3:0e:3b:00:9e:a5:44:6d:ac:ed:44:2c:98:15:
                    fa:45:99:54:90:fb:95:7a:b7:00:0a:60:16:da:70:
                    e2:13:17:fc:0e:ca:f7:4b:49:23:c6:cd:5b:7f:49:
                    40:b3:b7:0d:0c:34:5d:24:26:1b:04:92:d4:b9:10:
                    d5:dd:50:b3:b8:c5:8b:21:e5:88:a3:3f:9d:d1:2e:
                    b9:27:80:94:52:3d:2e:ef:3b:a2:14:96:1b:4f:80:
                    c8:43:55:88:57:1d:e5:6e:81:40:c8:34:85:d3:21:
                    da:89:d4:80:96:9f:20:a5:47:cf:ce:ff:93:ad:41:
                    6d:57:cf:f7:b7:c1:81:b9:02:24:2c:87:e0:f4:0d:
                    31:19:6d:d8:4e:af:83:f0:4f:6e:01:ea:81:33:6b:
                    f5:5d:60:0a:6e:ea:22:87:c5:20:72:07:86:b6:b9:
                    e7:68:3f:33:c0:f7:07:25:11:81:55:17:e8:d0:4c:
                    06:57:d7:a4:4a:7b:7b:ce:25:4a:1a:9b:e7:45:6b:
                    88:ee:5f:42:9c:31:04:5e:02:d9:5d:4f:ab:b6:62:
                    5c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:16:DB:AF:B5:38:30:75:6D:4C:BB:C3:65:E8:C8:31:0E:05:BA:1C
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/fRbbr7U4MHVtTLvDZejIMQ4Fuhw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.234.16.0/20
                  194.88.96.0/21
                  194.88.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         76:df:df:df:60:fa:42:95:f5:f7:fc:93:4e:30:b9:4a:a5:66:
         41:d0:68:79:6f:49:7e:c0:93:e6:f8:0a:cd:4e:11:fa:90:ca:
         fe:15:47:85:63:41:41:8c:aa:d9:a5:67:ef:61:86:ba:db:f9:
         c8:e6:44:6a:94:78:fd:5e:55:d2:90:f1:cb:1b:6a:82:79:f4:
         60:c7:24:9c:ef:a7:03:9b:04:2a:45:24:97:00:a6:93:1f:b4:
         f0:f7:2e:f6:d4:8c:99:96:d6:72:83:0e:42:7e:8d:e1:f6:f5:
         73:06:87:27:94:29:80:c2:bb:2c:0a:16:0f:5f:06:59:f8:87:
         bb:a7:2f:5f:cb:be:f0:a4:ba:56:0b:d7:0e:f4:19:6e:2b:0e:
         0d:e4:25:d9:a3:75:ab:13:42:26:05:cb:1e:39:87:e8:33:5d:
         1d:86:d6:46:b2:a7:da:7e:64:18:ee:fd:09:ef:24:c3:bc:1d:
         ac:e6:cb:4d:6b:0b:1e:e3:41:40:8c:97:a7:68:3f:85:78:53:
         ab:df:80:e6:1e:81:e0:3b:78:b3:90:96:f5:b0:b6:45:ed:a8:
         89:48:93:ce:b9:7a:bb:71:01:22:f6:2a:05:ab:41:45:bd:7a:
         03:91:46:2b:9f:a6:08:86:e3:b7:99:49:a8:49:d1:8c:52:c8:
         1b:82:4c:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbvvVn6IH95sKPPoQmNVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE2ZGJhZmI1MzgzMDc1NmQ0Y2JiYzM2NWU4YzgzMTBlMDViYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1z6UVeXjN9sOXfYBT2D3R0hKQi1
dviOtOk2r317keNxe1pLFmSadNTR+YVk8w47AJ6lRG2s7UQsmBX6RZlUkPuVercA
CmAW2nDiExf8Dsr3S0kjxs1bf0lAs7cNDDRdJCYbBJLUuRDV3VCzuMWLIeWIoz+d
0S65J4CUUj0u7zuiFJYbT4DIQ1WIVx3lboFAyDSF0yHaidSAlp8gpUfPzv+TrUFt
V8/3t8GBuQIkLIfg9A0xGW3YTq+D8E9uAeqBM2v1XWAKbuoih8UgcgeGtrnnaD8z
wPcHJRGBVRfo0EwGV9ekSnt7ziVKGpvnRWuI7l9CnDEEXgLZXU+rtmJcMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH0W26+1ODB1bUy7w2XoyDEOBbocMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvZlJiYnI3VTRNSFZ0VEx2RFplaklNUTRGdWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEVOoQAwQD
wlhgAwQEwlhwMA0GCSqGSIb3DQEBCwUAA4IBAQB239/fYPpClfX3/JNOMLlKpWZB
0Gh5b0l+wJPm+ArNThH6kMr+FUeFY0FBjKrZpWfvYYa62/nI5kRqlHj9XlXSkPHL
G2qCefRgxySc76cDmwQqRSSXAKaTH7Tw9y721IyZltZygw5Cfo3h9vVzBocnlCmA
wrssChYPXwZZ+Ie7py9fy77wpLpWC9cO9BluKw4N5CXZo3WrE0ImBcseOYfoM10d
htZGsqfafmQY7v0J7yTDvB2s5stNawse40FAjJenaD+FeFOr34DmHoHgO3izkJb1
sLZF7aiJSJPOuXq7cQEi9ioFq0FFvXoDkUYrn6YIhuO3mUmoSdGMUsgbgkxL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org