Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EPBwP5VnotLXGjHKD0WO8w56QiU.roa
File:                     EPBwP5VnotLXGjHKD0WO8w56QiU.roa (raw, json)
Hash identifier:          Q5RBUElXUZzr7ADcct93w+BrlVeWVEumU8gxTHKR1pQ=
Subject key identifier:   10:F0:70:3F:95:67:A2:D2:D7:1A:31:CA:0F:45:8E:F3:0E:7A:42:25
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D82013D772FB45FE8169A1FB11F9A26
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EPBwP5VnotLXGjHKD0WO8w56QiU.roa
Signing time:             Sun 01 Jan 2023 13:25:14 +0000
ROA not before:           Sun 01 Jan 2023 13:25:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201200
IP address blocks:        87.120.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:82:01:3d:77:2f:b4:5f:e8:16:9a:1f:b1:1f:9a:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10f0703f9567a2d2d71a31ca0f458ef30e7a4225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c4:c5:39:a6:20:e8:47:59:9a:f2:c8:3a:e7:
                    d3:a7:9d:62:6a:a6:88:af:82:9a:77:93:75:2d:b6:
                    a7:c2:87:f4:d0:7b:f6:77:99:d2:32:8c:44:31:a9:
                    0d:73:22:3b:5d:b5:d9:98:ec:ae:59:23:45:02:a4:
                    89:b8:b1:f4:ed:b9:46:74:79:72:75:a7:97:6c:e6:
                    a0:89:d9:f9:26:80:5a:f3:4c:0e:37:f1:e9:62:53:
                    76:7f:02:92:32:53:76:84:44:b8:dc:b9:2a:99:bc:
                    dd:79:3d:06:5c:69:2e:7e:f6:1e:9c:3b:3b:5a:c0:
                    5e:72:a8:6b:e9:98:f9:5a:61:d8:af:54:86:0d:0c:
                    14:b4:d3:79:bf:1e:05:39:cd:d3:48:ab:e7:1e:59:
                    27:01:76:25:0e:3f:ff:ac:33:47:bd:14:b7:17:f4:
                    d3:24:70:cd:e2:ea:a9:cc:ed:a5:62:8b:e4:20:f6:
                    14:73:e8:0d:74:ba:9f:38:c8:af:a5:2a:26:12:61:
                    64:81:dc:be:1b:72:36:45:ec:46:bd:c3:30:5f:39:
                    33:a9:e9:31:67:b4:5c:77:e2:2f:33:c5:37:aa:66:
                    0b:92:a3:e9:d3:52:af:75:d6:0f:b9:a3:8c:4a:4a:
                    04:48:fe:2a:05:65:e4:36:e9:8c:5b:c8:fd:9a:32:
                    d3:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:F0:70:3F:95:67:A2:D2:D7:1A:31:CA:0F:45:8E:F3:0E:7A:42:25
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EPBwP5VnotLXGjHKD0WO8w56QiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.120.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:85:9e:b8:51:20:45:36:dd:2d:e1:dc:ad:5e:53:b5:a5:a9:
         3d:bc:44:62:69:f3:af:97:37:eb:3c:b2:38:41:68:ba:29:9f:
         9e:62:be:48:e3:6a:d1:dd:eb:79:f7:3e:76:82:53:a1:c2:92:
         5f:67:02:fa:9e:95:11:71:2f:8f:f6:8c:96:b3:7a:8b:71:3f:
         cc:bf:5a:34:22:39:bc:bc:35:63:09:24:a9:8c:25:43:24:53:
         bb:22:81:6c:07:b9:b0:2d:4d:3b:e2:0c:f5:0b:2c:f8:33:6c:
         e7:6d:30:f1:bb:e4:0f:93:d4:db:be:59:a5:2a:8d:a8:5b:dd:
         3d:1e:ae:f5:1b:54:65:c3:3b:54:f1:59:e0:11:3c:90:32:39:
         36:81:b3:b4:b6:a4:93:96:0b:76:3f:96:78:2b:cc:38:e2:5d:
         ed:d5:b5:86:8f:5c:ba:30:0e:2f:76:2b:62:4b:48:9f:3a:2a:
         ef:f2:30:58:da:77:d3:2b:35:21:b4:62:bc:3d:e2:aa:e6:94:
         3a:5b:5c:3f:e3:43:42:08:57:a3:ba:5e:1f:68:2b:69:71:d8:
         04:a6:87:da:01:38:9a:d3:8e:d9:0f:48:d9:bf:46:e1:97:48:
         6c:5a:ce:a9:ad:89:c4:e2:13:f3:77:56:17:8c:a4:4c:04:5d:
         65:a2:f0:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtggE9dy+0X+gWmh+xH5omMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGYwNzAzZjk1NjdhMmQyZDcxYTMxY2EwZjQ1OGVmMzBlN2E0MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMTFOaYg6EdZmvLIOufTp51iaqaI
r4Kad5N1Lbanwof00Hv2d5nSMoxEMakNcyI7XbXZmOyuWSNFAqSJuLH07blGdHly
daeXbOagidn5JoBa80wON/HpYlN2fwKSMlN2hES43LkqmbzdeT0GXGkufvYenDs7
WsBecqhr6Zj5WmHYr1SGDQwUtNN5vx4FOc3TSKvnHlknAXYlDj//rDNHvRS3F/TT
JHDN4uqpzO2lYovkIPYUc+gNdLqfOMivpSomEmFkgdy+G3I2RexGvcMwXzkzqekx
Z7Rcd+IvM8U3qmYLkqPp01KvddYPuaOMSkoESP4qBWXkNumMW8j9mjLTbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDwcD+VZ6LS1xoxyg9FjvMOekIlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRVBCd1A1Vm5vdExYR2pIS0QwV084dzU2UWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3goMA0G
CSqGSIb3DQEBCwUAA4IBAQADhZ64USBFNt0t4dytXlO1pak9vERiafOvlzfrPLI4
QWi6KZ+eYr5I42rR3et59z52glOhwpJfZwL6npURcS+P9oyWs3qLcT/Mv1o0Ijm8
vDVjCSSpjCVDJFO7IoFsB7mwLU074gz1Cyz4M2znbTDxu+QPk9TbvlmlKo2oW909
Hq71G1RlwztU8VngETyQMjk2gbO0tqSTlgt2P5Z4K8w44l3t1bWGj1y6MA4vditi
S0ifOirv8jBY2nfTKzUhtGK8PeKq5pQ6W1w/40NCCFejul4faCtpcdgEpofaATia
047ZD0jZv0bhl0hsWs6prYnE4hPzd1YXjKRMBF1lovDe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:02 2024 by rpki-client on console-fra.rpki-client.org