Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa
File:                     XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa (raw, json)
Hash identifier:          6mYOSiYlnnLNhG9I7quR4D6kHx92FRD0UCM5RfQgCfQ=
Subject key identifier:   5E:3A:C8:07:3E:98:04:CD:51:92:DB:79:5A:DE:0C:51:6F:C4:BD:E8
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018A1800DFC4417B8DFBCD1C11272A371E02
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa
Signing time:             Mon 21 Aug 2023 12:10:24 +0000
ROA not before:           Mon 21 Aug 2023 12:10:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202685
IP address blocks:        2.58.95.0/24 maxlen: 24
                          84.54.51.0/24 maxlen: 24
                          94.103.124.0/24 maxlen: 24
                          141.98.4.0/24 maxlen: 24
                          31.13.211.0/24 maxlen: 24
                          87.121.69.0/24 maxlen: 24
                          45.128.232.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          193.35.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 08 Sep 2023 09:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:18:00:df:c4:41:7b:8d:fb:cd:1c:11:27:2a:37:1e:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 21 12:10:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e3ac8073e9804cd5192db795ade0c516fc4bde8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c8:56:a0:34:5b:4a:20:60:b5:b4:73:24:c9:
                    ae:cc:00:3d:d9:de:bb:c4:06:c1:5a:8b:8a:c6:93:
                    3c:d9:db:65:f4:5d:20:f6:12:fd:6b:9e:b6:6b:d0:
                    56:6c:e1:ab:f4:0a:0b:d9:cc:5c:24:a7:7e:8c:fc:
                    f0:a6:89:ee:b0:05:88:cc:8c:b9:95:62:ff:12:c7:
                    40:29:97:b8:8c:7a:0d:14:06:27:ed:ac:a9:bc:bc:
                    b7:5d:52:c1:14:b7:9a:ec:ec:f1:e5:77:75:89:09:
                    d7:0c:a3:a2:c4:ab:88:47:ca:09:0f:0a:0c:8f:b9:
                    ac:36:46:d3:fa:af:cb:f6:6c:99:cb:9a:89:25:88:
                    53:ef:5f:08:31:9e:4e:bf:09:b9:fa:44:84:d7:46:
                    4e:93:1b:47:b0:16:8d:b6:5b:82:9a:7e:99:b6:86:
                    ba:79:4c:93:95:52:a3:e0:58:44:f2:3d:d1:44:41:
                    ea:a1:7c:7f:9f:11:93:6a:a1:38:59:5f:8e:33:c3:
                    ed:a7:ca:b9:ff:49:ce:0c:20:35:aa:0f:08:25:a8:
                    22:79:ee:0b:8a:ed:fa:c3:1a:69:0a:90:e4:2d:9f:
                    e5:a7:6c:fa:34:6a:d2:3f:d1:10:7c:8b:7e:77:11:
                    0e:65:91:97:ec:17:07:59:17:af:92:d5:da:43:d6:
                    2f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:3A:C8:07:3E:98:04:CD:51:92:DB:79:5A:DE:0C:51:6F:C4:BD:E8
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.95.0/24
                  31.13.211.0/24
                  45.128.232.0/24
                  84.54.51.0/24
                  87.121.69.0/24
                  94.103.124.0/24
                  141.98.4.0/24
                  147.78.102.0/24
                  193.35.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:bc:6a:8c:18:a9:73:14:1e:32:ff:66:91:55:9a:5d:37:3d:
         a3:e2:7b:d9:c0:79:9c:7c:50:bc:c7:6d:d0:2b:22:22:99:b2:
         1a:4f:41:f0:fd:68:59:2a:41:6a:aa:78:af:05:ac:06:88:65:
         b2:cd:9a:46:40:1a:13:f5:70:e9:4b:43:68:c7:bd:e5:f4:1e:
         98:de:ae:0f:15:11:7a:7d:8e:d5:48:28:30:84:69:3f:d5:59:
         94:82:93:5e:6c:91:69:c4:ea:64:98:7d:f0:74:85:f6:ec:85:
         fb:eb:13:18:3f:41:95:e9:5e:9d:71:1e:6f:70:19:d0:18:16:
         44:be:7d:cd:09:a8:7f:9b:41:8e:bd:fc:fc:07:ec:08:55:ad:
         82:cb:95:7b:ac:45:76:e3:ae:57:0c:30:6c:92:1c:b2:fe:aa:
         1d:32:de:ce:27:35:29:34:59:b4:0f:bb:24:3c:60:ca:db:f5:
         78:cd:51:24:2b:8d:de:77:04:ad:55:ae:07:71:f3:76:13:30:
         65:ce:f8:de:10:51:78:66:8e:e7:ee:2a:e8:76:9a:18:32:0a:
         e2:c6:e8:96:07:63:ef:83:e4:3f:b3:94:ce:02:39:1c:52:d9:
         1c:76:1f:33:ca:03:6f:16:5d:90:ee:03:4e:75:16:bf:a3:7b:
         e5:40:06:06
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYoYAN/EQXuN+80cEScqNx4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIxMTIxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTNhYzgwNzNlOTgwNGNkNTE5MmRiNzk1YWRlMGM1MTZmYzRiZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMhWoDRbSiBgtbRzJMmuzAA92d67
xAbBWouKxpM82dtl9F0g9hL9a562a9BWbOGr9AoL2cxcJKd+jPzwponusAWIzIy5
lWL/EsdAKZe4jHoNFAYn7aypvLy3XVLBFLea7Ozx5Xd1iQnXDKOixKuIR8oJDwoM
j7msNkbT+q/L9myZy5qJJYhT718IMZ5Ovwm5+kSE10ZOkxtHsBaNtluCmn6Ztoa6
eUyTlVKj4FhE8j3RREHqoXx/nxGTaqE4WV+OM8Ptp8q5/0nODCA1qg8IJagiee4L
iu36wxppCpDkLZ/lp2z6NGrSP9EQfIt+dxEOZZGX7BcHWRevktXaQ9YvUQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF46yAc+mATNUZLbeVreDFFvxL3oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWGpySUJ6NllCTTFSa3R0NVd0NE1VV19FdmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3lFAwQAXmd8AwQAjWIEAwQAk05mAwQAwSMSMA0G
CSqGSIb3DQEBCwUAA4IBAQCEvGqMGKlzFB4y/2aRVZpdNz2j4nvZwHmcfFC8x23Q
KyIimbIaT0Hw/WhZKkFqqnivBawGiGWyzZpGQBoT9XDpS0Nox73l9B6Y3q4PFRF6
fY7VSCgwhGk/1VmUgpNebJFpxOpkmH3wdIX27IX76xMYP0GV6V6dcR5vcBnQGBZE
vn3NCah/m0GOvfz8B+wIVa2Cy5V7rEV2465XDDBskhyy/qodMt7OJzUpNFm0D7sk
PGDK2/V4zVEkK43edwStVa4HcfN2EzBlzvjeEFF4Zo7n7irodpoYMgrixuiWB2Pv
g+Q/s5TOAjkcUtkcdh8zygNvFl2Q7gNOdRa/o3vlQAYG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org