Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/nXJxpciI9ChJf-WCGRN4WB4sFmg.roa
File:                     nXJxpciI9ChJf-WCGRN4WB4sFmg.roa (raw, json)
Hash identifier:          6kOYOVok/6zbJB2EwxaRvDtFGgbNznKeI5VWGkEbNLI=
Subject key identifier:   9D:72:71:A5:C8:88:F4:28:49:7F:E5:82:19:13:78:58:1E:2C:16:68
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       018CC500F1F2206AB8753F3963C8278BB8E3
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/nXJxpciI9ChJf-WCGRN4WB4sFmg.roa
Signing time:             Mon 01 Jan 2024 12:30:22 +0000
ROA not before:           Mon 01 Jan 2024 12:30:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208002
IP address blocks:        185.137.213.0/24 maxlen: 24
                          185.137.212.0/24 maxlen: 24
                          185.137.214.0/24 maxlen: 24
                          185.137.215.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 11:49:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:f1:f2:20:6a:b8:75:3f:39:63:c8:27:8b:b8:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Jan  1 12:30:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9d7271a5c888f428497fe582191378581e2c1668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8f:bc:61:8c:40:bb:1c:d1:66:2a:dd:cd:5b:
                    f0:9b:b0:47:62:3c:43:5b:a3:af:c0:7a:9d:14:16:
                    f7:07:61:30:38:96:d7:4c:be:fc:3f:d1:28:df:df:
                    03:a7:49:84:eb:10:b4:2f:53:3b:6e:7f:45:ee:59:
                    c8:5a:44:97:c6:cf:9e:04:c2:8b:6d:6a:90:60:6c:
                    aa:61:df:7d:6f:b7:ea:30:bf:9d:37:24:0d:92:96:
                    f3:40:a9:36:03:61:40:ce:da:f4:14:14:8c:b8:3e:
                    8e:3c:2f:ad:e6:c1:79:93:d0:51:ce:bd:fc:fe:3d:
                    1d:83:8f:f0:14:27:07:77:b5:47:6f:0b:5c:c2:fb:
                    e2:f6:03:c7:e1:97:50:92:21:5d:42:8e:96:b7:b8:
                    46:26:3d:48:9b:a5:01:4b:a1:b8:a4:aa:79:a3:f5:
                    b1:02:d8:6f:44:15:95:d8:3a:dc:70:c1:63:cf:75:
                    c8:94:ff:78:03:1d:6e:d6:93:e5:e5:49:12:08:d5:
                    2b:c6:29:a1:5f:76:ee:fa:db:06:48:27:5d:7d:e9:
                    35:7c:6a:ef:2a:02:20:1f:5e:90:8c:91:d0:bd:71:
                    fe:05:75:33:aa:75:96:6a:5e:09:98:f4:28:2f:07:
                    7f:08:e1:1f:1c:a4:29:7e:a4:49:da:75:2a:9d:91:
                    9f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:72:71:A5:C8:88:F4:28:49:7F:E5:82:19:13:78:58:1E:2C:16:68
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/nXJxpciI9ChJf-WCGRN4WB4sFmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:0b:0c:b9:ee:8f:f3:3a:cd:bc:19:50:61:84:6e:88:35:f8:
         4b:9a:13:11:8e:14:8c:2f:a6:af:e4:32:e0:de:61:2a:f1:75:
         87:c0:58:91:f3:62:24:6a:6d:6e:db:5c:f0:93:ee:4f:25:ad:
         7f:83:73:29:86:40:db:ad:31:66:3b:e3:9f:57:d6:ee:42:e3:
         b3:ad:93:13:6a:aa:63:d0:f1:29:b7:05:a4:ec:25:e7:3e:fb:
         50:cc:c2:99:73:83:b6:9e:fa:14:ac:43:bf:7e:69:a8:2c:35:
         01:d6:7f:d8:de:09:99:4c:90:8e:9f:f9:6d:cb:5a:86:99:27:
         a7:75:ee:68:11:07:ec:01:51:96:25:45:56:bb:3b:11:a2:30:
         f3:ff:25:ce:69:50:ae:72:c9:3f:2e:b5:0e:15:98:0c:43:fa:
         a0:1b:06:2d:e4:eb:ea:3c:ba:91:e2:30:30:d9:ec:f7:69:35:
         a7:00:85:d4:83:d3:cc:96:ea:9f:63:57:d6:c7:e5:78:6c:90:
         e1:55:6f:cd:64:23:31:6f:a5:43:24:ea:df:b4:54:7b:e0:a3:
         85:96:a8:a5:5b:fd:25:7d:e5:9f:7f:0a:66:4f:ed:9e:af:b4:
         72:b8:0c:c3:1f:a1:1e:f6:34:f2:94:ee:2f:d9:91:d6:13:32:
         97:d3:f0:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAPHyIGq4dT85Y8gni7jjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDcyNzFhNWM4ODhmNDI4NDk3ZmU1ODIxOTEzNzg1ODFlMmMxNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY+8YYxAuxzRZirdzVvwm7BHYjxD
W6OvwHqdFBb3B2EwOJbXTL78P9Eo398Dp0mE6xC0L1M7bn9F7lnIWkSXxs+eBMKL
bWqQYGyqYd99b7fqML+dNyQNkpbzQKk2A2FAztr0FBSMuD6OPC+t5sF5k9BRzr38
/j0dg4/wFCcHd7VHbwtcwvvi9gPH4ZdQkiFdQo6Wt7hGJj1Im6UBS6G4pKp5o/Wx
AthvRBWV2DrccMFjz3XIlP94Ax1u1pPl5UkSCNUrximhX3bu+tsGSCddfek1fGrv
KgIgH16QjJHQvXH+BXUzqnWWal4JmPQoLwd/COEfHKQpfqRJ2nUqnZGfEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1ycaXIiPQoSX/lghkTeFgeLBZoMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvblhKeHBjaUk5Q2hKZi1XQ0dSTjRXQjRzRm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYnUMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Cwy57o/zOs28GVBhhG6INfhLmhMRjhSML6av5DLg
3mEq8XWHwFiR82Ikam1u21zwk+5PJa1/g3MphkDbrTFmO+OfV9buQuOzrZMTaqpj
0PEptwWk7CXnPvtQzMKZc4O2nvoUrEO/fmmoLDUB1n/Y3gmZTJCOn/lty1qGmSen
de5oEQfsAVGWJUVWuzsRojDz/yXOaVCucsk/LrUOFZgMQ/qgGwYt5OvqPLqR4jAw
2ez3aTWnAIXUg9PMluqfY1fWx+V4bJDhVW/NZCMxb6VDJOrftFR74KOFlqilW/0l
feWffwpmT+2er7RyuAzDH6Ee9jTylO4v2ZHWEzKX0/Ai
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org