Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/PYw_pajOO4nsXONQjIYrX72gH2c.roa
File:                     PYw_pajOO4nsXONQjIYrX72gH2c.roa (raw, json)
Hash identifier:          BlRddElu2fQJLZvUnpwjztoMdVrsdTJqd/QbgXtYf0A=
Subject key identifier:   3D:8C:3F:A5:A8:CE:3B:89:EC:5C:E3:50:8C:86:2B:5F:BD:A0:1F:67
Certificate issuer:       /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial:       019137095679C27467149F4266ADDD5D2EE4
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/PYw_pajOO4nsXONQjIYrX72gH2c.roa
Signing time:             Fri 09 Aug 2024 12:07:24 +0000
ROA not before:           Fri 09 Aug 2024 12:07:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47583
IP address blocks:        88.222.208.0/20 maxlen: 24
                          88.222.240.0/21 maxlen: 24
                          88.223.80.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Aug 2024 11:18:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:37:09:56:79:c2:74:67:14:9f:42:66:ad:dd:5d:2e:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
        Validity
            Not Before: Aug  9 12:07:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3d8c3fa5a8ce3b89ec5ce3508c862b5fbda01f67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ae:52:44:51:c0:9d:85:ae:ef:3d:f6:44:71:
                    62:6e:27:c6:dd:03:c9:02:64:a6:a3:c0:2f:7e:22:
                    37:0f:90:f4:9e:d9:72:8a:2e:db:34:e3:71:79:f1:
                    ce:86:2e:f0:f3:79:da:81:86:1f:2c:10:ee:77:a5:
                    9d:4e:69:b8:aa:1f:fb:97:15:74:20:ae:b7:61:3c:
                    a7:5e:a8:17:fd:33:95:6e:4b:2c:be:d5:db:b6:f5:
                    cb:5c:e5:c6:35:7e:2a:a5:7b:3b:90:14:99:57:aa:
                    37:54:dc:d2:ef:36:b8:c4:51:5a:96:48:92:33:6b:
                    95:6c:1c:40:c9:f2:08:f8:d6:34:9d:4e:19:ed:22:
                    fa:1b:26:3a:71:de:f2:f6:44:cf:54:50:25:78:bd:
                    1e:2b:cc:ef:4e:14:78:21:3b:e2:cc:af:82:b4:58:
                    c6:f1:cd:d6:94:8e:9c:d8:df:ef:af:73:aa:fe:aa:
                    6d:c3:ad:56:0e:08:b6:2e:e2:25:95:e2:4e:ec:4b:
                    62:e3:60:3a:ed:c6:98:c1:88:e2:72:39:0f:36:bc:
                    a6:85:a1:87:1c:82:0f:b4:86:d9:d8:08:35:63:d3:
                    e4:a8:35:67:73:d5:d1:3b:7b:9a:9c:8e:0b:1e:c4:
                    f8:b1:ce:ce:3f:8a:de:1c:8a:25:85:7f:a7:bc:74:
                    c7:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:8C:3F:A5:A8:CE:3B:89:EC:5C:E3:50:8C:86:2B:5F:BD:A0:1F:67
            X509v3 Authority Key Identifier:
                keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/PYw_pajOO4nsXONQjIYrX72gH2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.222.208.0/20
                  88.222.240.0/21
                  88.223.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         16:f2:81:f3:39:2c:e7:c3:d8:0a:8a:ae:2a:71:da:3a:d4:0b:
         4e:64:9c:e9:f1:97:01:91:59:c6:5e:44:c0:67:df:2f:df:85:
         a8:a2:e9:72:e3:f7:36:ab:49:d4:75:49:cb:f5:c4:03:1e:61:
         1a:16:32:3c:74:bf:63:b8:fb:a7:62:72:42:fc:50:01:9b:90:
         6f:38:c0:8c:23:fa:4d:47:54:80:d7:f6:70:53:f7:a9:86:8b:
         16:e5:83:f6:9e:96:d3:f9:dd:d6:97:31:78:fc:5a:22:35:41:
         4f:d1:c7:c4:61:b2:03:bd:a0:97:80:8e:6c:aa:38:2d:a2:ab:
         7f:81:6b:0d:b8:1d:d5:fd:44:5b:3d:09:6e:ab:ae:3a:fd:2e:
         5b:d6:c7:1a:cd:1b:d8:12:be:a3:0d:b9:79:53:b0:bd:8e:c6:
         bc:48:5c:b8:85:ef:5c:6a:d4:0f:46:c2:7a:39:d2:f6:65:dc:
         97:04:97:b4:8e:f9:1b:be:7c:18:66:62:5a:56:d5:31:04:d3:
         83:d3:a4:4d:26:8c:ce:09:05:bb:7d:6f:96:be:98:5c:66:69:
         27:98:aa:e7:71:c6:f2:77:7a:af:c2:d9:ea:65:11:2b:b8:aa:
         e4:bb:6d:0d:c3:a0:d0:58:87:f9:b8:49:01:f0:47:5a:90:76:
         ee:5d:a3:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZE3CVZ5wnRnFJ9CZq3dXS7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwODA5MTIwNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhjM2ZhNWE4Y2UzYjg5ZWM1Y2UzNTA4Yzg2MmI1ZmJkYTAxZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK5SRFHAnYWu7z32RHFibifG3QPJ
AmSmo8AvfiI3D5D0ntlyii7bNONxefHOhi7w83nagYYfLBDud6WdTmm4qh/7lxV0
IK63YTynXqgX/TOVbkssvtXbtvXLXOXGNX4qpXs7kBSZV6o3VNzS7za4xFFalkiS
M2uVbBxAyfII+NY0nU4Z7SL6GyY6cd7y9kTPVFAleL0eK8zvThR4ITvizK+CtFjG
8c3WlI6c2N/vr3Oq/qptw61WDgi2LuIlleJO7Eti42A67caYwYjicjkPNrymhaGH
HIIPtIbZ2Ag1Y9PkqDVnc9XRO3uanI4LHsT4sc7OP4reHIolhX+nvHTHMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD2MP6WozjuJ7FzjUIyGK1+9oB9nMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvUFl3X3Bhak9PNG5zWE9OUWpJWXJYNzJnSDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWN7QAwQD
WN7wAwQEWN9QMA0GCSqGSIb3DQEBCwUAA4IBAQAW8oHzOSznw9gKiq4qcdo61AtO
ZJzp8ZcBkVnGXkTAZ98v34Woouly4/c2q0nUdUnL9cQDHmEaFjI8dL9juPunYnJC
/FABm5BvOMCMI/pNR1SA1/ZwU/ephosW5YP2npbT+d3WlzF4/FoiNUFP0cfEYbID
vaCXgI5sqjgtoqt/gWsNuB3V/URbPQluq646/S5b1scazRvYEr6jDbl5U7C9jsa8
SFy4he9catQPRsJ6OdL2ZdyXBJe0jvkbvnwYZmJaVtUxBNOD06RNJozOCQW7fW+W
vphcZmknmKrnccbyd3qvwtnqZREruKrku20Nw6DQWIf5uEkB8EdakHbuXaPM
-----END CERTIFICATE-----
Generated at Fri Aug 16 15:18:28 2024 by rpki-client on console-fra.rpki-client.org