Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/BeYK1CqemN1zYVqZo9PrqqJV1aU.roa
File:                     BeYK1CqemN1zYVqZo9PrqqJV1aU.roa (raw, json)
Hash identifier:          54C52S9lo0eqVT7matgDz8+n8Jy08WKCWO8hH6TISdI=
Subject key identifier:   05:E6:0A:D4:2A:9E:98:DD:73:61:5A:99:A3:D3:EB:AA:A2:55:D5:A5
Certificate issuer:       /CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Certificate serial:       018C83EDEB5DB5FC97C3C37D97709D5B13E8
Authority key identifier: EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/BeYK1CqemN1zYVqZo9PrqqJV1aU.roa
Signing time:             Tue 19 Dec 2023 21:14:16 +0000
ROA not before:           Tue 19 Dec 2023 21:14:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207167
IP address blocks:        85.209.28.0/22 maxlen: 22
                          185.234.132.0/22 maxlen: 22
                          185.179.33.0/24 maxlen: 24
                          185.179.32.0/24 maxlen: 24
                          185.59.144.0/22 maxlen: 22
                          2a0a:7780::/29 maxlen: 29
                          2a02:6c20::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:83:ed:eb:5d:b5:fc:97:c3:c3:7d:97:70:9d:5b:13:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eeb59b791c7a11d232a95c7ef169285caea695bc
        Validity
            Not Before: Dec 19 21:14:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05e60ad42a9e98dd73615a99a3d3ebaaa255d5a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4c:5e:0a:39:42:5a:09:89:d8:30:b1:08:7d:
                    db:1f:24:9b:90:cc:88:a1:23:b3:2a:f4:2d:95:55:
                    b7:45:0c:2c:cf:3a:dc:f9:19:5b:c5:95:ac:65:de:
                    e1:5b:f3:da:f9:5f:43:b8:be:11:f4:ea:79:d9:c4:
                    34:e7:25:af:18:64:19:9b:97:a7:13:0c:eb:dd:84:
                    00:15:f5:63:02:64:95:b5:ff:68:41:46:ad:6e:4c:
                    f7:02:9e:8d:dd:1a:38:19:91:77:b8:87:ff:c2:a8:
                    ca:da:f7:ef:62:3e:fe:64:da:0c:30:0d:f0:2e:dc:
                    36:8d:4f:0d:78:f5:34:be:4f:a9:aa:24:5d:b6:0b:
                    01:8d:2e:cf:55:35:50:40:97:a9:31:56:33:89:db:
                    90:45:ee:e9:a4:d9:16:9f:3e:2b:c6:01:f6:96:1a:
                    cb:da:1e:80:54:af:fb:14:86:d9:77:30:91:8c:76:
                    91:25:c8:52:6c:55:11:ec:ef:15:6d:40:b4:c0:3c:
                    6e:1e:85:c7:13:43:33:a0:e2:20:b4:00:6c:49:f1:
                    18:3b:f5:92:09:94:5a:97:a6:df:dc:d6:3b:ab:fc:
                    ca:0e:22:59:e7:57:6d:5b:1e:7c:7b:b6:98:4c:b4:
                    0d:99:7d:0a:39:37:2f:05:f0:b1:b9:91:34:4f:75:
                    be:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:E6:0A:D4:2A:9E:98:DD:73:61:5A:99:A3:D3:EB:AA:A2:55:D5:A5
            X509v3 Authority Key Identifier:
                keyid:EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/BeYK1CqemN1zYVqZo9PrqqJV1aU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/7rWbeRx6EdIyqVx-8WkoXK6mlbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.28.0/22
                  185.59.144.0/22
                  185.179.32.0/23
                  185.234.132.0/22
                IPv6:
                  2a02:6c20::/32
                  2a0a:7780::/29

    Signature Algorithm: sha256WithRSAEncryption
         54:d9:16:32:a1:52:3e:23:2e:17:50:70:85:c8:df:bd:3f:12:
         17:41:a7:3e:c4:61:e6:9d:a7:65:d9:c9:51:72:5d:53:6a:ed:
         d8:e8:bf:88:55:59:0c:55:39:78:c8:66:9e:1f:39:d9:a0:6b:
         fb:10:9b:a5:17:4c:15:8e:61:da:38:86:3a:e5:5f:d0:7a:4b:
         ab:11:5b:57:5f:28:3e:90:89:fb:2e:19:59:de:8e:0b:ac:0a:
         a8:ef:f0:3c:f9:84:8f:4c:73:be:e0:d7:51:88:7f:b1:ec:7c:
         19:e9:ba:45:2a:ca:22:d2:30:df:c8:14:25:69:32:38:94:90:
         df:cb:31:f2:ad:3f:91:86:d7:ee:6c:e4:81:0c:8b:a4:21:dd:
         04:bf:91:59:b6:87:0a:ad:5d:ab:84:b0:4f:ec:a6:15:7b:70:
         05:9c:78:46:27:9a:80:36:65:9d:95:9f:21:d8:84:31:3d:0a:
         2d:83:1a:bd:39:c6:33:1c:94:8c:71:60:e2:80:d8:f8:6e:29:
         1d:64:44:0a:7a:9e:3e:b6:82:8d:52:d9:12:fa:90:f6:cb:1b:
         a0:19:bb:12:ce:66:14:0d:6b:b1:fb:6a:b1:38:fb:55:cd:87:
         a1:37:53:ba:fc:ef:bd:ce:af:cf:ad:41:51:e3:5a:bb:aa:a0:
         64:47:67:35
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYyD7etdtfyXw8N9l3CdWxPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYjU5Yjc5MWM3YTExZDIzMmE5NWM3ZWYxNjkyODVjYWVh
Njk1YmMwHhcNMjMxMjE5MjExNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWU2MGFkNDJhOWU5OGRkNzM2MTVhOTlhM2QzZWJhYWEyNTVkNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtExeCjlCWgmJ2DCxCH3bHySbkMyI
oSOzKvQtlVW3RQwszzrc+RlbxZWsZd7hW/Pa+V9DuL4R9Op52cQ05yWvGGQZm5en
Ewzr3YQAFfVjAmSVtf9oQUatbkz3Ap6N3Ro4GZF3uIf/wqjK2vfvYj7+ZNoMMA3w
Ltw2jU8NePU0vk+pqiRdtgsBjS7PVTVQQJepMVYziduQRe7ppNkWnz4rxgH2lhrL
2h6AVK/7FIbZdzCRjHaRJchSbFUR7O8VbUC0wDxuHoXHE0MzoOIgtABsSfEYO/WS
CZRal6bf3NY7q/zKDiJZ51dtWx58e7aYTLQNmX0KOTcvBfCxuZE0T3W+EwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAXmCtQqnpjdc2FamaPT66qiVdWlMB8GA1UdIwQY
MBaAFO61m3kcehHSMqlcfvFpKFyuppW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMt
YTY3ZDhjN2VkN2NhLzEvQmVZSzFDcWVtTjF6WVZxWm85UHJxcUpWMWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMtYTY3ZDhjN2VkN2Nh
LzEvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCVdEcAwQC
uTuQAwQBubMgAwQCueqEMBQEAgACMA4DBQAqAmwgAwUDKgp3gDANBgkqhkiG9w0B
AQsFAAOCAQEAVNkWMqFSPiMuF1BwhcjfvT8SF0GnPsRh5p2nZdnJUXJdU2rt2Oi/
iFVZDFU5eMhmnh852aBr+xCbpRdMFY5h2jiGOuVf0HpLqxFbV18oPpCJ+y4ZWd6O
C6wKqO/wPPmEj0xzvuDXUYh/sex8Gem6RSrKItIw38gUJWkyOJSQ38sx8q0/kYbX
7mzkgQyLpCHdBL+RWbaHCq1dq4SwT+ymFXtwBZx4RieagDZlnZWfIdiEMT0KLYMa
vTnGMxyUjHFg4oDY+G4pHWRECnqePraCjVLZEvqQ9ssboBm7Es5mFA1rsftqsTj7
Vc2HoTdTuvzvvc6vz61BUeNau6qgZEdnNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:12 2024 by rpki-client on console-fra.rpki-client.org