Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/AnFHcI0mcAIeFGGRSkiNONBEVUM.roa
File:                     AnFHcI0mcAIeFGGRSkiNONBEVUM.roa (raw, json)
Hash identifier:          vao1MnRRoXqvI538PEfo3v86VCm9noTnjQwMKy/qMC0=
Subject key identifier:   02:71:47:70:8D:26:70:02:1E:14:61:91:4A:48:8D:38:D0:44:55:43
Certificate issuer:       /CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Certificate serial:       0185735616530603B0937048BB6E7A1B63B5
Authority key identifier: 7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/AnFHcI0mcAIeFGGRSkiNONBEVUM.roa
Signing time:             Mon 02 Jan 2023 16:34:59 +0000
ROA not before:           Mon 02 Jan 2023 16:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        94.143.105.0/24 maxlen: 24
                          94.143.108.0/24 maxlen: 24
                          185.236.125.0/24 maxlen: 24
                          185.236.124.0/24 maxlen: 24
                          94.143.107.0/24 maxlen: 24
                          94.143.106.0/24 maxlen: 24
                          185.236.126.0/24 maxlen: 24
                          185.236.127.0/24 maxlen: 24
                          212.1.219.0/24 maxlen: 24
                          212.1.218.0/24 maxlen: 24
                          212.1.222.0/24 maxlen: 24
                          212.1.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:56:16:53:06:03:b0:93:70:48:bb:6e:7a:1b:63:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
        Validity
            Not Before: Jan  2 16:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=027147708d2670021e1461914a488d38d0445543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:a2:ca:50:3c:0e:ca:e0:33:cf:ac:0d:c5:a1:
                    ef:9a:78:79:20:c9:cb:7f:48:91:45:cf:ad:80:4c:
                    53:eb:54:e6:4b:d1:77:29:ad:4d:3a:d2:97:70:7f:
                    d6:1a:53:76:84:62:44:df:7f:b2:f7:4a:bf:f5:7c:
                    48:b4:ba:24:d8:75:ba:f3:3b:d2:b2:f5:b7:e7:cc:
                    bd:5c:3c:f6:10:ad:b1:4b:cf:d6:34:b1:ce:a0:a5:
                    e2:84:0a:b5:7a:5e:a7:c0:59:49:80:b8:11:7e:6f:
                    71:9e:a6:07:96:ef:9c:3a:af:5d:bc:a8:36:de:3c:
                    df:18:8e:68:ef:fc:07:28:8b:65:46:52:60:c0:ac:
                    42:35:e0:7a:b2:f2:e7:aa:bb:c4:ce:cc:02:06:3e:
                    6e:46:11:03:4c:02:77:2c:ba:79:0a:73:bd:32:5b:
                    a7:73:e7:a4:00:00:4f:23:d5:df:bb:a0:6e:3a:e8:
                    7d:a5:fa:45:ff:69:de:44:2a:42:1e:f2:04:52:82:
                    e4:8f:a9:fb:92:45:9e:45:19:91:37:e7:d6:98:87:
                    cd:f3:5d:bb:27:fa:95:dd:ec:28:36:48:54:7e:31:
                    55:e2:79:5b:7a:da:0d:32:f1:51:f9:9b:d3:28:4d:
                    2d:62:b0:5e:cf:53:86:ad:db:d5:4c:13:7f:b2:05:
                    10:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:71:47:70:8D:26:70:02:1E:14:61:91:4A:48:8D:38:D0:44:55:43
            X509v3 Authority Key Identifier:
                keyid:7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/AnFHcI0mcAIeFGGRSkiNONBEVUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.143.105.0-94.143.108.255
                  185.236.124.0/22
                  212.1.218.0/23
                  212.1.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:51:fc:12:c8:ee:6a:55:86:d5:71:0c:0c:7d:53:cb:47:34:
         2b:58:92:42:84:55:d7:78:66:f8:ac:3e:aa:6b:86:5a:0f:ff:
         23:21:54:05:2b:03:8f:ff:7b:11:10:9e:c3:4b:7b:7a:df:47:
         9d:68:48:29:22:e1:40:d0:24:7c:5c:c4:cc:f4:61:e2:21:c0:
         d8:52:92:9e:5e:d4:3f:8a:4f:4e:76:71:83:7a:06:8d:f3:96:
         50:a9:53:12:76:ab:cf:0a:92:ea:62:d4:33:fa:54:b4:d4:b9:
         8c:47:b0:51:ac:57:a2:70:0b:4c:c5:bb:f6:74:9d:4d:cb:a0:
         74:cd:8e:3a:2e:1d:14:8a:cf:28:ef:4b:d3:28:4d:5f:b4:1a:
         84:36:5e:86:16:7a:27:27:9d:06:5d:31:47:04:38:54:05:a3:
         9a:62:8d:5b:f4:71:06:12:dc:b8:ed:ef:ea:4f:8f:39:50:97:
         0f:e1:45:73:e5:ca:6d:6e:00:4c:f0:d8:3a:5d:c8:aa:80:e5:
         8f:60:59:03:a1:2d:03:3e:3d:1e:0c:33:a6:41:fa:43:72:d7:
         5d:f9:90:30:e7:43:f3:cb:89:9b:7d:68:de:f6:8a:0c:20:4c:
         01:d2:e1:cf:10:bd:18:0c:24:76:33:e1:ad:ee:76:59:31:b2:
         34:61:02:f9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzVhZTBgOwk3BIu256G2O1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDc4YzVhYTIyNmEyNzhlOGIxOTA2ZjM3MWM2MGNmYzdk
ODdlOGUwHhcNMjMwMTAyMTYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjcxNDc3MDhkMjY3MDAyMWUxNDYxOTE0YTQ4OGQzOGQwNDQ1NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqLKUDwOyuAzz6wNxaHvmnh5IMnL
f0iRRc+tgExT61TmS9F3Ka1NOtKXcH/WGlN2hGJE33+y90q/9XxItLok2HW68zvS
svW358y9XDz2EK2xS8/WNLHOoKXihAq1el6nwFlJgLgRfm9xnqYHlu+cOq9dvKg2
3jzfGI5o7/wHKItlRlJgwKxCNeB6svLnqrvEzswCBj5uRhEDTAJ3LLp5CnO9Mlun
c+ekAABPI9Xfu6BuOuh9pfpF/2neRCpCHvIEUoLkj6n7kkWeRRmRN+fWmIfN8127
J/qV3ewoNkhUfjFV4nlbetoNMvFR+ZvTKE0tYrBez1OGrdvVTBN/sgUQ2wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAJxR3CNJnACHhRhkUpIjTjQRFVDMB8GA1UdIwQY
MBaAFHpHjFqiJqJ46LGQbzccYM/H2H6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAt
ZDc2ZWM5Y2MwZDI4LzEvQW5GSGNJMG1jQUllRkdHUlNraU5PTkJFVlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAtZDc2ZWM5Y2MwZDI4
LzEvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABej2kD
BABej2wDBAK57HwDBAHUAdoDBAHUAd4wDQYJKoZIhvcNAQELBQADggEBAGVR/BLI
7mpVhtVxDAx9U8tHNCtYkkKEVdd4ZvisPqprhloP/yMhVAUrA4//exEQnsNLe3rf
R51oSCki4UDQJHxcxMz0YeIhwNhSkp5e1D+KT052cYN6Bo3zllCpUxJ2q88Kkupi
1DP6VLTUuYxHsFGsV6JwC0zFu/Z0nU3LoHTNjjouHRSKzyjvS9MoTV+0GoQ2XoYW
eicnnQZdMUcEOFQFo5pijVv0cQYS3Ljt7+pPjzlQlw/hRXPlym1uAEzw2DpdyKqA
5Y9gWQOhLQM+PR4MM6ZB+kNy1135kDDnQ/PLiZt9aN72igwgTAHS4c8QvRgMJHYz
4a3udlkxsjRhAvk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:38 2024 by rpki-client on console-ams.rpki-client.org