Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/fMIdBfCxZMugq4VIa33JJcXE0Nc.roa
File:                     fMIdBfCxZMugq4VIa33JJcXE0Nc.roa (raw, json)
Hash identifier:          Mz+USYSZF51n0goLW7aCEKLi/Gzm6NXUmlWAelXz5pg=
Subject key identifier:   7C:C2:1D:05:F0:B1:64:CB:A0:AB:85:48:6B:7D:C9:25:C5:C4:D0:D7
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       018B6B0167807B2341211388E9810DAC47BB
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/fMIdBfCxZMugq4VIa33JJcXE0Nc.roa
Signing time:             Thu 26 Oct 2023 08:02:15 +0000
ROA not before:           Thu 26 Oct 2023 08:02:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     196705
IP address blocks:        194.187.148.0/22 maxlen: 22
                          188.191.20.0/24 maxlen: 24
                          188.191.21.0/24 maxlen: 24
                          188.191.22.0/24 maxlen: 24
                          188.191.23.0/24 maxlen: 24
                          188.191.20.0/22 maxlen: 22
                          188.191.28.0/24 maxlen: 24
                          188.191.28.0/22 maxlen: 24
                          91.215.60.0/22 maxlen: 22
                          91.215.60.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:6b:01:67:80:7b:23:41:21:13:88:e9:81:0d:ac:47:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Oct 26 08:02:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7cc21d05f0b164cba0ab85486b7dc925c5c4d0d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ec:40:af:77:eb:21:87:31:a4:34:d8:56:c2:
                    c3:f0:98:57:11:3d:ba:d1:af:91:b3:ea:9f:66:ca:
                    c8:8f:dd:9a:e3:97:33:19:61:89:65:69:0a:9f:ff:
                    3e:b6:5a:b7:b6:2d:65:c9:59:45:b6:0e:32:46:4f:
                    89:cb:9d:d4:96:10:e5:e6:8c:1e:d8:3f:0b:6d:c3:
                    67:d5:90:45:1b:55:f2:ce:2b:1a:10:36:f4:0e:12:
                    6a:24:58:0c:03:8c:69:35:33:19:d5:3b:6b:02:c3:
                    5d:44:32:cf:de:40:cd:6f:cb:44:2a:41:38:db:8e:
                    33:60:55:c4:be:1b:3f:d7:06:e7:3c:48:7a:9b:24:
                    b4:4d:27:96:e3:f1:eb:1e:88:20:42:7c:29:3f:92:
                    84:8f:3f:74:d2:4d:73:48:b0:5f:95:88:1a:5c:fb:
                    a0:85:d8:65:be:7e:58:36:b7:9f:e0:16:44:f7:79:
                    16:b2:0f:d1:be:df:3e:01:94:34:7d:51:c7:d9:c5:
                    87:be:67:a1:30:2e:54:56:5c:df:1d:20:68:0f:59:
                    21:0d:9e:ef:f7:0c:ab:2e:c4:24:66:94:28:06:26:
                    41:d5:4f:1a:dc:b5:40:ff:24:4e:4c:08:0d:f8:20:
                    26:22:ce:c2:71:7b:fa:7c:f7:30:4b:b7:8d:5a:17:
                    97:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:C2:1D:05:F0:B1:64:CB:A0:AB:85:48:6B:7D:C9:25:C5:C4:D0:D7
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/fMIdBfCxZMugq4VIa33JJcXE0Nc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.215.60.0/22
                  188.191.20.0/22
                  188.191.28.0/22
                  194.187.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:00:fd:5e:b6:72:b4:9d:4c:e2:7b:ec:6c:9e:3f:75:10:34:
         1e:47:0e:40:ed:b5:66:b6:82:be:da:ae:ac:d4:ac:84:d6:95:
         f4:8b:23:6a:6d:23:21:74:62:1f:01:66:12:b9:c2:98:2b:5b:
         39:8a:e8:39:6f:27:ef:35:ab:21:69:3b:36:9a:99:36:58:f8:
         b8:61:69:cf:9c:2b:e3:73:c4:ed:2b:a6:a7:f2:d9:dc:08:16:
         80:34:e1:d0:b4:23:f0:58:19:f5:4b:d4:fc:73:3f:60:bb:da:
         c5:fb:47:0d:7d:97:c8:a2:6b:6f:cd:6b:f2:20:58:ff:c8:dd:
         f4:79:78:a7:f5:27:95:9c:f2:ff:8e:63:39:a0:b0:51:54:26:
         f7:4e:06:37:ab:49:7d:97:14:1c:5a:46:fe:7f:1d:2a:eb:43:
         bc:0b:c5:72:ca:40:d8:7f:c5:04:95:5c:64:2f:2c:3f:67:c4:
         20:5e:d2:90:52:33:0b:d2:2c:b0:e2:aa:a8:2b:49:77:ee:90:
         e0:4e:d8:58:83:1a:09:74:52:e5:f9:21:90:96:10:da:13:13:
         72:8a:6d:7f:2c:e5:ea:c0:13:06:67:07:4d:67:65:1a:2d:28:
         83:03:b6:8e:22:b4:e1:c7:64:1c:b4:4a:3f:80:4c:33:2e:69:
         8d:da:2e:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtrAWeAeyNBIROI6YENrEe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMxMDI2MDgwMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2MyMWQwNWYwYjE2NGNiYTBhYjg1NDg2YjdkYzkyNWM1YzRkMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOxAr3frIYcxpDTYVsLD8JhXET26
0a+Rs+qfZsrIj92a45czGWGJZWkKn/8+tlq3ti1lyVlFtg4yRk+Jy53UlhDl5owe
2D8LbcNn1ZBFG1XyzisaEDb0DhJqJFgMA4xpNTMZ1TtrAsNdRDLP3kDNb8tEKkE4
244zYFXEvhs/1wbnPEh6myS0TSeW4/HrHoggQnwpP5KEjz900k1zSLBflYgaXPug
hdhlvn5YNref4BZE93kWsg/Rvt8+AZQ0fVHH2cWHvmehMC5UVlzfHSBoD1khDZ7v
9wyrLsQkZpQoBiZB1U8a3LVA/yROTAgN+CAmIs7CcXv6fPcwS7eNWheX9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHzCHQXwsWTLoKuFSGt9ySXFxNDXMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvZk1JZEJmQ3haTXVncTRWSWEzM0pKY1hFME5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW9c8AwQC
vL8UAwQCvL8cAwQCwruUMA0GCSqGSIb3DQEBCwUAA4IBAQClAP1etnK0nUzie+xs
nj91EDQeRw5A7bVmtoK+2q6s1KyE1pX0iyNqbSMhdGIfAWYSucKYK1s5iug5byfv
NashaTs2mpk2WPi4YWnPnCvjc8TtK6an8tncCBaANOHQtCPwWBn1S9T8cz9gu9rF
+0cNfZfIomtvzWvyIFj/yN30eXin9SeVnPL/jmM5oLBRVCb3TgY3q0l9lxQcWkb+
fx0q60O8C8VyykDYf8UElVxkLyw/Z8QgXtKQUjML0iyw4qqoK0l37pDgTthYgxoJ
dFLl+SGQlhDaExNyim1/LOXqwBMGZwdNZ2UaLSiDA7aOIrThx2QctEo/gEwzLmmN
2i58
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org