Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/gyeQ2PUILR0lSds2ZhIh9GEkQMM.roa
File:                     gyeQ2PUILR0lSds2ZhIh9GEkQMM.roa (raw, json)
Hash identifier:          5eaxzZy3jHhRRUttWuTQ/VYrT3eJ/VsqQxUiydvxCTc=
Subject key identifier:   83:27:90:D8:F5:08:2D:1D:25:49:DB:36:66:12:21:F4:61:24:40:C3
Certificate issuer:       /CN=eebe79d147882422ec275417dfd2affa93a02757
Certificate serial:       018CD5BE009C93CDF4E3B772F32B8B69EB72
Authority key identifier: EE:BE:79:D1:47:88:24:22:EC:27:54:17:DF:D2:AF:FA:93:A0:27:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7r550UeIJCLsJ1QX39Kv-pOgJ1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/gyeQ2PUILR0lSds2ZhIh9GEkQMM.roa
Signing time:             Thu 04 Jan 2024 18:30:48 +0000
ROA not before:           Thu 04 Jan 2024 18:30:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34876
IP address blocks:        95.86.188.0/24 maxlen: 24
                          95.86.189.0/24 maxlen: 24
                          95.86.190.0/24 maxlen: 24
                          95.86.191.0/24 maxlen: 24
                          95.86.138.0/24 maxlen: 24
                          95.86.139.0/24 maxlen: 24
                          95.86.133.0/24 maxlen: 24
                          95.86.134.0/24 maxlen: 24
                          95.86.136.0/24 maxlen: 24
                          95.86.137.0/24 maxlen: 24
                          95.86.135.0/24 maxlen: 24
                          95.86.140.0/24 maxlen: 24
                          95.86.141.0/24 maxlen: 24
                          95.86.143.0/24 maxlen: 24
                          95.86.144.0/21 maxlen: 21
                          95.86.142.0/24 maxlen: 24
                          95.86.152.0/24 maxlen: 24
                          95.86.154.0/24 maxlen: 24
                          95.86.153.0/24 maxlen: 24
                          95.86.157.0/24 maxlen: 24
                          95.86.158.0/24 maxlen: 24
                          95.86.155.0/24 maxlen: 24
                          95.86.156.0/24 maxlen: 24
                          95.86.159.0/24 maxlen: 24
                          95.86.166.0/24 maxlen: 24
                          95.86.161.0/24 maxlen: 24
                          95.86.160.0/24 maxlen: 24
                          95.86.164.0/24 maxlen: 24
                          95.86.165.0/24 maxlen: 24
                          95.86.162.0/24 maxlen: 24
                          95.86.163.0/24 maxlen: 24
                          95.86.168.0/22 maxlen: 22
                          95.86.167.0/24 maxlen: 24
                          95.86.172.0/24 maxlen: 24
                          95.86.175.0/24 maxlen: 24
                          95.86.173.0/24 maxlen: 24
                          95.86.174.0/24 maxlen: 24
                          95.86.178.0/24 maxlen: 24
                          95.86.179.0/24 maxlen: 24
                          95.86.176.0/24 maxlen: 24
                          95.86.177.0/24 maxlen: 24
                          95.86.182.0/24 maxlen: 24
                          95.86.180.0/24 maxlen: 24
                          95.86.181.0/24 maxlen: 24
                          95.86.183.0/24 maxlen: 24
                          95.86.184.0/22 maxlen: 22
                          95.86.129.0/24 maxlen: 24
                          95.86.130.0/24 maxlen: 24
                          95.86.128.0/24 maxlen: 24
                          95.86.131.0/24 maxlen: 24
                          95.86.132.0/24 maxlen: 24
                          193.8.62.0/23 maxlen: 23
                          193.8.62.0/24 maxlen: 24
                          193.8.63.0/24 maxlen: 24
                          193.8.73.0/24 maxlen: 24
                          193.8.72.0/23 maxlen: 23
                          193.8.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Jan 2024 18:06:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d5:be:00:9c:93:cd:f4:e3:b7:72:f3:2b:8b:69:eb:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eebe79d147882422ec275417dfd2affa93a02757
        Validity
            Not Before: Jan  4 18:30:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=832790d8f5082d1d2549db36661221f4612440c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c9:f3:f2:fe:a3:1d:b9:5b:92:ce:64:1c:61:
                    f3:92:fd:ff:77:3c:d8:e2:0e:c9:56:ee:93:18:a5:
                    1e:2e:bc:98:b6:4a:b1:d6:92:22:fe:c8:1c:2a:20:
                    44:7a:da:32:3f:21:92:7c:22:c9:43:c0:37:1c:eb:
                    26:e5:c1:ec:39:14:ae:3e:8b:2d:24:bd:93:66:8c:
                    22:0a:06:4a:ec:0b:3e:92:cd:e4:d7:99:bd:87:4b:
                    7a:4a:08:e1:1c:a8:e9:b3:fc:22:c9:b1:fc:8e:54:
                    f0:28:38:5b:29:63:3e:e6:5d:78:2c:9b:8e:f4:dd:
                    d4:6a:af:87:30:12:e8:c4:b7:cf:60:e1:06:7f:42:
                    30:94:52:30:67:4e:80:62:35:fe:45:33:81:47:bd:
                    0b:46:64:02:7a:ce:17:e0:88:ee:1d:5b:e6:2a:5b:
                    c4:a1:0c:97:28:e8:51:34:0d:9f:b1:70:b5:0c:d0:
                    8f:2b:ab:5c:0f:43:7c:ee:9d:96:29:6a:f4:e0:03:
                    f7:bf:53:6c:31:1d:b8:bd:51:4a:3e:a6:56:99:7f:
                    68:27:5f:73:be:72:da:d8:cf:3f:25:f6:f0:8e:45:
                    dd:ac:2d:53:b3:4b:0f:df:ee:67:f2:ff:54:07:52:
                    49:c0:5a:b8:c4:11:09:89:e0:a1:29:c4:b4:df:67:
                    b3:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:27:90:D8:F5:08:2D:1D:25:49:DB:36:66:12:21:F4:61:24:40:C3
            X509v3 Authority Key Identifier:
                keyid:EE:BE:79:D1:47:88:24:22:EC:27:54:17:DF:D2:AF:FA:93:A0:27:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7r550UeIJCLsJ1QX39Kv-pOgJ1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/gyeQ2PUILR0lSds2ZhIh9GEkQMM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/7r550UeIJCLsJ1QX39Kv-pOgJ1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.86.128.0/18
                  193.8.62.0/23
                  193.8.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:3b:57:4e:61:6b:44:ec:17:89:cb:aa:a7:91:92:ee:7d:8b:
         4a:38:c8:63:df:20:ad:cc:6d:41:98:01:df:74:56:7c:d0:9d:
         58:13:ca:26:10:00:16:eb:fd:29:9d:52:ee:c2:1e:5f:3d:98:
         5d:87:44:ec:8b:e6:bf:55:64:84:25:1e:0f:02:a7:2a:10:65:
         69:4a:d2:23:8e:8b:29:69:c4:89:90:99:89:3d:6b:e5:bf:e4:
         e1:8d:27:0c:04:c1:58:3c:ed:31:a2:a8:cf:f2:05:15:ed:9c:
         33:78:fe:f1:e4:35:94:b0:a2:17:3e:8d:8f:2a:27:25:9b:b2:
         e0:03:db:04:22:63:54:e0:81:b1:ca:a1:82:e5:11:90:b7:7e:
         3a:4b:ab:6c:3e:be:6d:12:ba:23:85:27:e1:92:eb:e3:6d:ac:
         0d:18:ae:e6:f1:01:c2:32:c6:fa:75:ab:34:33:ac:07:5e:14:
         a8:c1:b4:51:6e:1a:c1:cd:d0:7f:c7:6c:31:ce:62:fd:cd:2e:
         a4:0c:a5:23:ee:ff:ea:8d:dc:df:bf:b5:42:ac:f6:3c:ba:81:
         74:f5:f4:24:d3:77:93:ce:a5:b9:43:d9:87:01:ba:d3:5b:f1:
         84:3d:08:d0:2a:d0:f1:e4:b5:19:2f:fe:8e:27:58:81:f6:ff:
         79:53:50:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzVvgCck83047dy8yuLaetyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmU3OWQxNDc4ODI0MjJlYzI3NTQxN2RmZDJhZmZhOTNh
MDI3NTcwHhcNMjQwMTA0MTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI3OTBkOGY1MDgyZDFkMjU0OWRiMzY2NjEyMjFmNDYxMjQ0MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcnz8v6jHblbks5kHGHzkv3/dzzY
4g7JVu6TGKUeLryYtkqx1pIi/sgcKiBEetoyPyGSfCLJQ8A3HOsm5cHsORSuPost
JL2TZowiCgZK7As+ks3k15m9h0t6SgjhHKjps/wiybH8jlTwKDhbKWM+5l14LJuO
9N3Uaq+HMBLoxLfPYOEGf0IwlFIwZ06AYjX+RTOBR70LRmQCes4X4IjuHVvmKlvE
oQyXKOhRNA2fsXC1DNCPK6tcD0N87p2WKWr04AP3v1NsMR24vVFKPqZWmX9oJ19z
vnLa2M8/JfbwjkXdrC1Ts0sP3+5n8v9UB1JJwFq4xBEJieChKcS032ezhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIMnkNj1CC0dJUnbNmYSIfRhJEDDMB8GA1UdIwQY
MBaAFO6+edFHiCQi7CdUF9/Sr/qToCdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3I1NTBVZUlKQ0xzSjFRWDM5S3YtcE9nSjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jNDRiN2YtNWJjZC00ZWU3LTg3MTIt
Mzg4MjNjMTQ0OWFmLzEvZ3llUTJQVUlMUjBsU2RzMlpoSWg5R0VrUU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jNDRiN2YtNWJjZC00ZWU3LTg3MTItMzg4MjNjMTQ0OWFm
LzEvN3I1NTBVZUlKQ0xzSjFRWDM5S3YtcE9nSjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGX1aAAwQB
wQg+AwQBwQhIMA0GCSqGSIb3DQEBCwUAA4IBAQA/O1dOYWtE7BeJy6qnkZLufYtK
OMhj3yCtzG1BmAHfdFZ80J1YE8omEAAW6/0pnVLuwh5fPZhdh0Tsi+a/VWSEJR4P
AqcqEGVpStIjjospacSJkJmJPWvlv+ThjScMBMFYPO0xoqjP8gUV7ZwzeP7x5DWU
sKIXPo2PKiclm7LgA9sEImNU4IGxyqGC5RGQt346S6tsPr5tErojhSfhkuvjbawN
GK7m8QHCMsb6das0M6wHXhSowbRRbhrBzdB/x2wxzmL9zS6kDKUj7v/qjdzfv7VC
rPY8uoF09fQk03eTzqW5Q9mHAbrTW/GEPQjQKtDx5LUZL/6OJ1iB9v95U1BX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:55 2024 by rpki-client on console-fra.rpki-client.org