Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/tiZWpq6wcStNWfpQVMbc_2xaKpk.roa
File:                     tiZWpq6wcStNWfpQVMbc_2xaKpk.roa (raw, json)
Hash identifier:          onHPBzNL8J9H4TTJeAvslLGg3fbq1599x6Wt2amWDhs=
Subject key identifier:   B6:26:56:A6:AE:B0:71:2B:4D:59:FA:50:54:C6:DC:FF:6C:5A:2A:99
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       018CC500F0A7A3E0E7DB783B6F80A0FAF999
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/tiZWpq6wcStNWfpQVMbc_2xaKpk.roa
Signing time:             Mon 01 Jan 2024 12:30:22 +0000
ROA not before:           Mon 01 Jan 2024 12:30:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42846
IP address blocks:        104.247.162.0/24 maxlen: 24
                          104.247.161.0/24 maxlen: 24
                          104.247.160.0/24 maxlen: 24
                          104.247.165.0/24 maxlen: 24
                          104.247.164.0/24 maxlen: 24
                          104.247.163.0/24 maxlen: 24
                          104.247.166.0/24 maxlen: 24
                          104.247.169.0/24 maxlen: 24
                          104.247.168.0/24 maxlen: 24
                          104.247.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 09:53:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:f0:a7:a3:e0:e7:db:78:3b:6f:80:a0:fa:f9:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Jan  1 12:30:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b62656a6aeb0712b4d59fa5054c6dcff6c5a2a99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:7c:05:4f:74:5b:d7:21:d4:ae:b8:80:02:8c:
                    a0:9f:ab:74:be:7b:8a:57:5a:01:81:78:68:49:9e:
                    0d:a5:4c:d8:a3:b5:d1:66:fa:ec:c2:42:f8:d3:7c:
                    79:72:8e:19:3e:f7:17:1d:1a:7b:ce:f4:2a:b2:96:
                    24:bd:8e:36:4e:bd:69:55:08:5c:3c:9e:0d:8a:46:
                    7e:30:f1:66:88:e8:07:48:18:73:0a:b0:5b:50:d0:
                    54:ee:f3:69:8f:67:0b:e4:52:3c:e1:19:e8:7e:9a:
                    3d:55:d2:d6:6e:f8:d3:5f:1f:b1:17:df:6f:37:13:
                    85:c8:e2:cb:17:d6:6c:71:9d:f2:5e:ef:7b:7c:64:
                    c2:75:b0:5d:a9:56:32:6f:a9:b5:47:9c:36:12:8f:
                    6a:f4:5c:65:e6:dc:f7:ba:84:ef:e8:f2:98:2d:14:
                    40:9f:39:ae:60:5f:24:2b:69:c1:36:a1:af:fc:a2:
                    89:b7:0e:4f:d5:3d:17:a5:3f:f2:db:94:cc:5b:6e:
                    58:ed:3f:73:2b:f3:cd:5f:32:79:59:92:9f:05:e7:
                    df:6f:bb:b0:20:8f:0c:55:cf:34:c7:64:66:c5:e8:
                    bb:ed:49:9e:e0:ef:99:58:a4:a1:99:78:b0:d0:23:
                    e3:01:4b:1a:7b:cb:ab:eb:f6:b1:1b:53:1f:7a:e3:
                    3f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:26:56:A6:AE:B0:71:2B:4D:59:FA:50:54:C6:DC:FF:6C:5A:2A:99
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/tiZWpq6wcStNWfpQVMbc_2xaKpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.160.0-104.247.169.255

    Signature Algorithm: sha256WithRSAEncryption
         7c:28:c3:1b:2a:7f:05:13:1f:85:70:26:0d:32:6e:7c:81:9c:
         dc:d8:e4:2d:77:44:e2:60:25:70:12:68:e5:af:eb:d5:0e:4c:
         73:ba:5a:59:40:d5:67:2c:1a:5f:d0:2b:f7:b6:79:2a:ac:b4:
         33:eb:23:e0:57:24:9d:9c:29:8f:7e:cc:e6:12:49:71:1e:91:
         1f:80:5f:27:05:1b:99:be:c9:a4:d1:29:33:2b:bc:c1:96:a5:
         7a:e1:76:21:d9:2d:1b:97:e1:43:fa:11:9c:01:20:5e:72:0c:
         36:96:81:b9:7f:2f:9d:27:c5:05:c4:c8:95:6c:d9:8d:ac:f4:
         38:79:59:e0:22:b1:9e:a9:3b:05:31:df:1e:d6:3a:1b:8d:d0:
         ab:07:99:f5:e3:df:2e:fc:c0:37:f0:7c:b0:21:0a:99:02:84:
         50:c8:a4:2e:73:6a:ef:7a:13:00:e7:9c:a2:83:3b:b7:52:96:
         5f:ec:0e:11:3e:cc:22:04:ee:a8:9c:f9:58:45:3d:22:e5:db:
         f9:64:bc:8c:5c:48:b3:ac:80:db:d9:5e:17:14:f4:15:db:4b:
         14:36:ec:0e:7c:fc:06:dd:84:47:2a:6c:0d:ed:0b:8e:fe:44:
         56:1e:8f:94:2d:52:3f:ed:b0:8b:a5:60:ad:a0:2e:e9:1f:b6:
         cf:90:54:31
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFAPCno+Dn23g7b4Cg+vmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI2NTZhNmFlYjA3MTJiNGQ1OWZhNTA1NGM2ZGNmZjZjNWEyYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinwFT3Rb1yHUrriAAoygn6t0vnuK
V1oBgXhoSZ4NpUzYo7XRZvrswkL403x5co4ZPvcXHRp7zvQqspYkvY42Tr1pVQhc
PJ4NikZ+MPFmiOgHSBhzCrBbUNBU7vNpj2cL5FI84Rnofpo9VdLWbvjTXx+xF99v
NxOFyOLLF9ZscZ3yXu97fGTCdbBdqVYyb6m1R5w2Eo9q9Fxl5tz3uoTv6PKYLRRA
nzmuYF8kK2nBNqGv/KKJtw5P1T0XpT/y25TMW25Y7T9zK/PNXzJ5WZKfBeffb7uw
II8MVc80x2Rmxei77Ume4O+ZWKShmXiw0CPjAUsae8ur6/axG1MfeuM/aQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLYmVqausHErTVn6UFTG3P9sWiqZMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvdGlaV3BxNndjU3ROV2ZwUVZNYmNfMnhhS3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVo96AD
BAFo96gwDQYJKoZIhvcNAQELBQADggEBAHwowxsqfwUTH4VwJg0ybnyBnNzY5C13
ROJgJXASaOWv69UOTHO6WllA1WcsGl/QK/e2eSqstDPrI+BXJJ2cKY9+zOYSSXEe
kR+AXycFG5m+yaTRKTMrvMGWpXrhdiHZLRuX4UP6EZwBIF5yDDaWgbl/L50nxQXE
yJVs2Y2s9Dh5WeAisZ6pOwUx3x7WOhuN0KsHmfXj3y78wDfwfLAhCpkChFDIpC5z
au96EwDnnKKDO7dSll/sDhE+zCIE7qic+VhFPSLl2/lkvIxcSLOsgNvZXhcU9BXb
SxQ27A58/AbdhEcqbA3tC47+RFYej5QtUj/tsIulYK2gLukfts+QVDE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org