Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/EqhcY2aJSCb4ZKUdP-1qxYI0ODk.roa
File:                     EqhcY2aJSCb4ZKUdP-1qxYI0ODk.roa (raw, json)
Hash identifier:          WGfONvdJDhW8j3+iShT00PKtsqyNf4ar1AnnpRVNO50=
Subject key identifier:   12:A8:5C:63:66:89:48:26:F8:64:A5:1D:3F:ED:6A:C5:82:34:38:39
Certificate issuer:       /CN=b039ab8298fa363ae837e530028969cc5cbf104e
Certificate serial:       018FE36DFE7F489473BF5ACEF5CCA806E22A
Authority key identifier: B0:39:AB:82:98:FA:36:3A:E8:37:E5:30:02:89:69:CC:5C:BF:10:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sDmrgpj6NjroN-UwAolpzFy_EE4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/EqhcY2aJSCb4ZKUdP-1qxYI0ODk.roa
Signing time:             Tue 04 Jun 2024 13:26:27 +0000
ROA not before:           Tue 04 Jun 2024 13:26:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214865
IP address blocks:        62.169.139.0/24 maxlen: 24
                          2a14:5140::/29 maxlen: 48

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 07:46:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:e3:6d:fe:7f:48:94:73:bf:5a:ce:f5:cc:a8:06:e2:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b039ab8298fa363ae837e530028969cc5cbf104e
        Validity
            Not Before: Jun  4 13:26:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=12a85c6366894826f864a51d3fed6ac582343839
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9b:b2:19:a1:8d:ac:b1:27:33:3c:6c:3b:e8:
                    c2:9b:21:d8:4e:38:3a:ce:b7:d8:f8:c5:c1:a7:35:
                    20:af:aa:7f:72:dd:37:11:5c:00:95:62:0a:64:fa:
                    f8:45:7a:71:a4:79:4a:3c:33:48:99:35:3d:96:5b:
                    f0:df:76:bc:a2:9e:0b:8e:c4:47:c4:d8:8c:85:93:
                    d1:d7:41:10:4e:30:ce:33:25:a1:25:bf:77:a6:c3:
                    3e:78:6f:c6:e6:cf:0d:2b:a7:bc:98:34:70:31:9f:
                    2c:61:28:bb:7e:23:96:bd:90:32:a6:8d:d6:24:85:
                    42:0b:ff:3b:45:52:81:00:7c:b7:b5:e1:80:77:c4:
                    2f:67:e4:1b:c7:2e:52:15:ac:09:8d:0a:65:b5:c1:
                    2f:b8:f6:e7:8a:42:a0:11:1f:da:fb:5e:24:44:58:
                    93:6a:3c:8a:41:a2:01:3a:9a:b1:79:93:e9:ee:19:
                    2f:0c:e0:ef:08:4c:b6:7f:cc:8e:e5:fa:9e:45:6b:
                    8e:fd:1a:cf:19:40:73:59:ee:7c:4b:1a:89:9d:4f:
                    84:e9:b9:d0:25:7e:f8:96:05:b3:e7:72:a7:81:aa:
                    8a:cd:52:92:ab:3f:e1:6d:0e:0d:72:a5:e5:85:1b:
                    08:c1:5e:33:50:61:19:6d:0f:aa:c9:53:a2:a1:dd:
                    8a:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:A8:5C:63:66:89:48:26:F8:64:A5:1D:3F:ED:6A:C5:82:34:38:39
            X509v3 Authority Key Identifier:
                keyid:B0:39:AB:82:98:FA:36:3A:E8:37:E5:30:02:89:69:CC:5C:BF:10:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDmrgpj6NjroN-UwAolpzFy_EE4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/EqhcY2aJSCb4ZKUdP-1qxYI0ODk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/sDmrgpj6NjroN-UwAolpzFy_EE4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.169.139.0/24
                IPv6:
                  2a14:5140::/29

    Signature Algorithm: sha256WithRSAEncryption
         31:39:53:33:41:f6:3e:2c:35:f9:f6:5c:b8:aa:3d:7a:fb:f0:
         88:2e:16:cf:5a:c6:0f:b9:3f:39:42:f9:91:f6:79:33:88:c6:
         f2:25:c4:ee:09:ba:08:67:a5:d5:c4:61:c7:81:72:10:5d:ee:
         fb:bb:f8:da:64:1d:59:75:c1:72:95:e6:76:f4:96:25:3a:03:
         cc:78:4a:f5:33:3a:12:7b:24:ab:5f:9d:b5:bb:ec:50:f3:bf:
         48:65:44:6f:80:57:61:3c:96:bd:37:7b:ee:59:26:d4:f4:c3:
         f2:d1:83:60:12:90:a4:8b:12:17:e0:38:c4:ac:81:f7:18:11:
         e0:26:0d:8e:be:af:d7:b1:93:72:5c:96:f0:c4:22:93:f9:97:
         04:b0:44:bd:a0:08:a3:a0:b5:02:8c:4e:13:92:75:85:bc:09:
         b0:88:68:8e:6a:ce:ff:11:51:d6:56:e8:3b:b9:4e:15:db:d0:
         61:da:34:ad:ff:8d:6d:23:d4:67:8f:29:2f:d5:23:e6:9a:4c:
         d2:39:99:1a:8c:8d:ea:90:18:a6:72:79:9d:89:2b:4f:4a:78:
         93:41:e1:99:25:9e:01:b5:75:9a:56:ea:64:0e:04:63:7b:fb:
         e9:f3:f2:f7:d1:ba:ef:47:30:65:62:f0:d5:f8:10:1b:aa:57:
         0c:10:f8:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/jbf5/SJRzv1rO9cyoBuIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMzlhYjgyOThmYTM2M2FlODM3ZTUzMDAyODk2OWNjNWNi
ZjEwNGUwHhcNMjQwNjA0MTMyNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmE4NWM2MzY2ODk0ODI2Zjg2NGE1MWQzZmVkNmFjNTgyMzQzODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJuyGaGNrLEnMzxsO+jCmyHYTjg6
zrfY+MXBpzUgr6p/ct03EVwAlWIKZPr4RXpxpHlKPDNImTU9llvw33a8op4LjsRH
xNiMhZPR10EQTjDOMyWhJb93psM+eG/G5s8NK6e8mDRwMZ8sYSi7fiOWvZAypo3W
JIVCC/87RVKBAHy3teGAd8QvZ+Qbxy5SFawJjQpltcEvuPbnikKgER/a+14kRFiT
ajyKQaIBOpqxeZPp7hkvDODvCEy2f8yO5fqeRWuO/RrPGUBzWe58SxqJnU+E6bnQ
JX74lgWz53KngaqKzVKSqz/hbQ4NcqXlhRsIwV4zUGEZbQ+qyVOiod2K/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBKoXGNmiUgm+GSlHT/tasWCNDg5MB8GA1UdIwQY
MBaAFLA5q4KY+jY66DflMAKJacxcvxBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0RtcmdwajZOanJvTi1Vd0FvbHB6RnlfRUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZmQ3MmYtZWY3Ny00NTM3LTg5ZTkt
OWZiZDk2M2E1MTNjLzEvRXFoY1kyYUpTQ2I0WktVZFAtMXF4WUkwT0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZmQ3MmYtZWY3Ny00NTM3LTg5ZTktOWZiZDk2M2E1MTNj
LzEvc0RtcmdwajZOanJvTi1Vd0FvbHB6RnlfRUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPqmLMA0E
AgACMAcDBQMqFFFAMA0GCSqGSIb3DQEBCwUAA4IBAQAxOVMzQfY+LDX59ly4qj16
+/CILhbPWsYPuT85QvmR9nkziMbyJcTuCboIZ6XVxGHHgXIQXe77u/jaZB1ZdcFy
leZ29JYlOgPMeEr1MzoSeySrX521u+xQ879IZURvgFdhPJa9N3vuWSbU9MPy0YNg
EpCkixIX4DjErIH3GBHgJg2Ovq/XsZNyXJbwxCKT+ZcEsES9oAijoLUCjE4TknWF
vAmwiGiOas7/EVHWVug7uU4V29Bh2jSt/41tI9Rnjykv1SPmmkzSOZkajI3qkBim
cnmdiStPSniTQeGZJZ4BtXWaVupkDgRje/vp8/L30brvRzBlYvDV+BAbqlcMEPhv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:37 2024 by rpki-client on console-fra.rpki-client.org