Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7yxC8pqeDmTQlfJbN4M362d5p0A.roa
File:                     7yxC8pqeDmTQlfJbN4M362d5p0A.roa (raw, json)
Hash identifier:          MMPsqFiugKNu9cMB0qRK+/IM/o4XSv40G9bjyb7fATY=
Subject key identifier:   EF:2C:42:F2:9A:9E:0E:64:D0:95:F2:5B:37:83:37:EB:67:79:A7:40
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018DE2E842A4A0051FA6D92B0011AA864A0D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7yxC8pqeDmTQlfJbN4M362d5p0A.roa
Signing time:             Mon 26 Feb 2024 00:54:48 +0000
ROA not before:           Mon 26 Feb 2024 00:54:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        5.253.65.0/24 maxlen: 24
                          45.8.94.0/24 maxlen: 24
                          45.14.166.0/24 maxlen: 24
                          87.120.68.0/23 maxlen: 24
                          87.121.60.0/24 maxlen: 24
                          87.121.61.0/24 maxlen: 24
                          91.92.26.0/24 maxlen: 24
                          93.123.74.0/23 maxlen: 23
                          93.123.80.0/24 maxlen: 24
                          185.252.160.0/23 maxlen: 24
                          212.87.204.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Feb 2024 18:16:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:e2:e8:42:a4:a0:05:1f:a6:d9:2b:00:11:aa:86:4a:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Feb 26 00:54:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ef2c42f29a9e0e64d095f25b378337eb6779a740
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d9:00:81:be:12:d4:bc:e1:12:f4:25:b9:98:
                    04:cb:a4:07:1b:55:c8:fb:7f:d7:68:67:03:05:5e:
                    75:7e:44:c5:59:13:e8:5f:9c:50:d5:c1:29:a6:b2:
                    35:e6:a0:ef:83:4e:a1:76:46:37:a2:2e:5f:ca:8a:
                    83:1e:2b:e2:a9:de:6c:06:0a:d4:95:59:a1:e5:5f:
                    a9:c9:3e:44:3a:fe:ec:be:de:36:ac:0b:84:27:2f:
                    3b:1a:96:cb:a4:4c:88:ab:f9:9b:b0:5d:dc:52:9d:
                    1f:ef:15:5b:71:e6:cc:be:2a:a4:ca:ed:b9:81:18:
                    1b:a7:92:31:b2:f9:06:98:d9:40:05:c1:6c:88:cb:
                    c9:5e:05:3b:1c:78:77:af:dc:fb:63:7e:ff:32:7a:
                    a8:8a:40:89:40:d9:88:83:50:d1:a8:ba:9a:ce:e6:
                    c2:1b:fd:76:1b:34:20:bd:12:d2:d8:1a:d1:3e:a3:
                    22:47:51:8e:59:ad:45:44:d1:77:35:52:4c:4e:a0:
                    24:07:76:b1:1c:06:27:30:13:f8:af:0c:76:98:d3:
                    a6:cd:0b:2f:ce:6a:39:d9:f8:8c:0a:28:6c:69:30:
                    e5:b2:90:9f:ca:5b:a1:44:30:58:0d:c0:cd:20:19:
                    90:0e:c7:22:a7:c3:57:53:8b:e0:e1:d3:11:51:a5:
                    09:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:2C:42:F2:9A:9E:0E:64:D0:95:F2:5B:37:83:37:EB:67:79:A7:40
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7yxC8pqeDmTQlfJbN4M362d5p0A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.65.0/24
                  45.8.94.0/24
                  45.14.166.0/24
                  87.120.68.0/23
                  87.121.60.0/23
                  91.92.26.0/24
                  93.123.74.0/23
                  93.123.80.0/24
                  185.252.160.0/23
                  212.87.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a2:38:f7:c4:8b:00:b8:3d:8c:bc:d0:a6:6f:05:ab:3b:ae:a6:
         d4:19:2c:37:94:7e:c3:2e:f0:8b:5f:46:f0:bc:b4:92:59:06:
         bc:07:29:6b:1b:5e:71:dd:bf:10:fe:7f:5f:4c:aa:76:e7:07:
         d5:32:13:94:5a:8a:31:94:de:ff:2f:c9:50:d7:15:a4:07:ec:
         5e:cf:06:19:6d:74:21:40:b5:70:c0:b4:68:54:42:15:50:17:
         d1:5e:2b:d2:b6:f3:a2:1d:cb:7b:fa:4f:6f:bd:a5:e6:9f:fb:
         8c:51:79:a8:eb:2e:47:a1:f1:22:fd:96:d3:d9:fb:2b:a0:66:
         5e:36:c2:8a:30:8b:69:c5:6d:cc:be:19:a9:67:78:87:7d:6d:
         58:6a:3e:2a:a6:a8:ba:ca:dc:38:bc:9c:69:b7:21:05:49:d9:
         07:9b:81:86:52:d2:4e:aa:de:2b:a8:c7:8b:84:46:0f:10:2f:
         b4:66:49:da:60:a7:7c:a9:68:f1:52:2c:d3:11:e9:41:c8:f7:
         88:7b:0b:21:b5:f7:1c:22:39:8b:07:a0:44:a3:b2:0b:24:c3:
         7f:6c:96:8a:92:21:9c:4e:2d:1c:7d:15:2d:60:b8:8f:79:ee:
         f0:2d:bc:02:bb:91:a2:3d:a2:81:ed:78:1f:e0:43:89:51:bb:
         41:9d:65:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY3i6EKkoAUfptkrABGqhkoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI2MDA1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJjNDJmMjlhOWUwZTY0ZDA5NWYyNWIzNzgzMzdlYjY3NzlhNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtkAgb4S1LzhEvQluZgEy6QHG1XI
+3/XaGcDBV51fkTFWRPoX5xQ1cEpprI15qDvg06hdkY3oi5fyoqDHiviqd5sBgrU
lVmh5V+pyT5EOv7svt42rAuEJy87GpbLpEyIq/mbsF3cUp0f7xVbcebMviqkyu25
gRgbp5IxsvkGmNlABcFsiMvJXgU7HHh3r9z7Y37/MnqoikCJQNmIg1DRqLqazubC
G/12GzQgvRLS2BrRPqMiR1GOWa1FRNF3NVJMTqAkB3axHAYnMBP4rwx2mNOmzQsv
zmo52fiMCihsaTDlspCfyluhRDBYDcDNIBmQDscip8NXU4vg4dMRUaUJ6wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFO8sQvKang5k0JXyWzeDN+tneadAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN3l4QzhwcWVEbVRRbGZKYk40TTM2MmQ1cDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABf1BAwQA
LQheAwQALQ6mAwQBV3hEAwQBV3k8AwQAW1waAwQBXXtKAwQAXXtQAwQBufygAwQB
1FfMMA0GCSqGSIb3DQEBCwUAA4IBAQCiOPfEiwC4PYy80KZvBas7rqbUGSw3lH7D
LvCLX0bwvLSSWQa8BylrG15x3b8Q/n9fTKp25wfVMhOUWooxlN7/L8lQ1xWkB+xe
zwYZbXQhQLVwwLRoVEIVUBfRXivStvOiHct7+k9vvaXmn/uMUXmo6y5HofEi/ZbT
2fsroGZeNsKKMItpxW3MvhmpZ3iHfW1Yaj4qpqi6ytw4vJxptyEFSdkHm4GGUtJO
qt4rqMeLhEYPEC+0ZknaYKd8qWjxUizTEelByPeIewshtfccIjmLB6BEo7ILJMN/
bJaKkiGcTi0cfRUtYLiPee7wLbwCu5GiPaKB7Xgf4EOJUbtBnWXH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:59 2024 by rpki-client on console-fra.rpki-client.org