Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FbcCLzWDuqUx3zJY4f-iUeCC42Y.roa
File:                     FbcCLzWDuqUx3zJY4f-iUeCC42Y.roa (raw, json)
Hash identifier:          91PrcNEZMQU6SI2c/ScYLZMI8hzvewW9urC6sTR54Yk=
Subject key identifier:   15:B7:02:2F:35:83:BA:A5:31:DF:32:58:E1:FF:A2:51:E0:82:E3:66
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       01856F14AE154C4023848B65E874320D891F
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FbcCLzWDuqUx3zJY4f-iUeCC42Y.roa
Signing time:             Sun 01 Jan 2023 20:45:04 +0000
ROA not before:           Sun 01 Jan 2023 20:45:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200420
IP address blocks:        212.110.157.0/24 maxlen: 24
                          192.109.248.0/24 maxlen: 24
                          185.76.82.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:ae:15:4c:40:23:84:8b:65:e8:74:32:0d:89:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Jan  1 20:45:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=15b7022f3583baa531df3258e1ffa251e082e366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ec:4d:d9:f0:ef:26:5e:93:d9:e6:a0:74:32:
                    ed:21:b8:a1:b7:b7:11:63:c8:81:c2:e3:ff:5e:43:
                    bd:40:30:03:4b:a5:cd:e6:17:4f:ba:c1:94:ee:93:
                    7f:73:11:3c:61:e0:6e:00:35:0f:47:a5:82:14:01:
                    01:ab:c7:60:fc:aa:04:2b:f3:09:bd:51:e4:ee:c4:
                    d1:92:44:b8:93:9f:54:1a:ba:ae:de:07:28:53:1e:
                    f5:27:b7:5c:b3:2b:5d:80:06:e8:96:02:3c:11:86:
                    d6:1b:e2:cc:d2:29:5b:ec:c4:4f:42:fc:7b:1b:02:
                    62:6e:5b:00:0c:00:c0:27:17:84:2e:a6:a4:b4:36:
                    2b:0c:e2:b0:2d:96:9c:b9:3c:8c:22:6e:12:0e:d8:
                    d9:6b:45:bf:d7:68:5e:e8:bf:31:1d:20:91:61:fd:
                    ce:0c:2a:ab:7b:be:57:df:3b:33:32:2e:a3:c4:24:
                    f2:04:d9:8e:fb:11:b6:8f:e3:c0:bb:39:f3:27:6a:
                    05:04:48:5b:d0:5e:31:a2:f5:0a:02:00:f3:5b:d6:
                    74:ab:87:4a:4c:d8:df:76:1d:98:b4:af:d9:58:c9:
                    73:03:f3:7d:f2:27:92:48:c8:78:7c:39:c1:c4:cd:
                    06:c9:63:b5:f6:e1:06:65:49:92:8c:d9:64:df:a5:
                    5c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:B7:02:2F:35:83:BA:A5:31:DF:32:58:E1:FF:A2:51:E0:82:E3:66
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FbcCLzWDuqUx3zJY4f-iUeCC42Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.76.82.0/24
                  192.109.248.0/24
                  212.110.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:64:e8:ad:f2:89:e9:d2:c2:8e:e4:e4:12:97:d5:03:1a:95:
         70:e4:fa:02:ff:d8:21:69:0e:19:62:57:9b:0a:0e:a3:1e:35:
         e4:91:3f:2b:98:66:21:7b:de:93:c7:9f:31:94:6f:b4:19:93:
         c6:88:e1:01:01:b8:cc:20:6f:79:48:9b:29:d8:88:fb:ed:1b:
         e9:8e:d4:07:7d:60:f3:30:c9:51:15:df:7c:b3:b0:b4:9e:37:
         94:e4:93:a5:7f:4b:1a:e1:4a:21:2a:9a:59:26:29:11:ae:ae:
         9b:e7:fa:8d:b5:c9:d2:0c:de:a7:d4:e8:a5:5f:00:17:4d:80:
         73:30:37:bf:57:e2:e5:18:92:3a:07:7f:e3:4c:53:4d:9e:71:
         d3:23:d5:10:cf:58:7f:2c:d3:71:14:dd:bb:95:83:7f:38:e1:
         7f:11:12:0b:d2:11:0b:78:fa:c3:7c:40:a8:6d:01:23:77:a6:
         03:b3:09:f7:02:23:20:dd:ad:f5:cf:74:41:9a:8e:95:1d:81:
         77:84:9b:71:a8:29:85:b7:f2:17:b6:88:a8:df:06:34:ff:90:
         7f:f5:48:a1:22:b8:f5:a5:bc:3c:13:a1:ac:d4:d4:87:10:18:
         c1:bc:de:f6:d5:9c:5b:6c:2e:28:61:5a:c1:a7:73:55:3b:59:
         6b:db:e9:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvFK4VTEAjhItl6HQyDYkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWI3MDIyZjM1ODNiYWE1MzFkZjMyNThlMWZmYTI1MWUwODJlMzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuxN2fDvJl6T2eagdDLtIbiht7cR
Y8iBwuP/XkO9QDADS6XN5hdPusGU7pN/cxE8YeBuADUPR6WCFAEBq8dg/KoEK/MJ
vVHk7sTRkkS4k59UGrqu3gcoUx71J7dcsytdgAbolgI8EYbWG+LM0ilb7MRPQvx7
GwJiblsADADAJxeELqaktDYrDOKwLZacuTyMIm4SDtjZa0W/12he6L8xHSCRYf3O
DCqre75X3zszMi6jxCTyBNmO+xG2j+PAuznzJ2oFBEhb0F4xovUKAgDzW9Z0q4dK
TNjfdh2YtK/ZWMlzA/N98ieSSMh4fDnBxM0GyWO19uEGZUmSjNlk36VcmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBW3Ai81g7qlMd8yWOH/olHgguNmMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvRmJjQ0x6V0R1cVV4M3pKWTRmLWlVZUNDNDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuUxSAwQA
wG34AwQA1G6dMA0GCSqGSIb3DQEBCwUAA4IBAQA0ZOit8onp0sKO5OQSl9UDGpVw
5PoC/9ghaQ4ZYlebCg6jHjXkkT8rmGYhe96Tx58xlG+0GZPGiOEBAbjMIG95SJsp
2Ij77RvpjtQHfWDzMMlRFd98s7C0njeU5JOlf0sa4UohKppZJikRrq6b5/qNtcnS
DN6n1OilXwAXTYBzMDe/V+LlGJI6B3/jTFNNnnHTI9UQz1h/LNNxFN27lYN/OOF/
ERIL0hELePrDfECobQEjd6YDswn3AiMg3a31z3RBmo6VHYF3hJtxqCmFt/IXtoio
3wY0/5B/9UihIrj1pbw8E6Gs1NSHEBjBvN721ZxbbC4oYVrBp3NVO1lr2+mQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org