Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/EOSaVzDmCs2UtEPS1rQSmIcOTaw.roa
File:                     EOSaVzDmCs2UtEPS1rQSmIcOTaw.roa (raw, json)
Hash identifier:          9LVeXi58ukUIyG/t6nrrCq1w0u8NkGRIToG2FqbdXrQ=
Subject key identifier:   10:E4:9A:57:30:E6:0A:CD:94:B4:43:D2:D6:B4:12:98:87:0E:4D:AC
Certificate issuer:       /CN=c950d7b1975a3703ae27b31ad2f932ae46a4cc94
Certificate serial:       01856F42E729CEB07BC593E8AFDEFF4B66F9
Authority key identifier: C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/EOSaVzDmCs2UtEPS1rQSmIcOTaw.roa
Signing time:             Sun 01 Jan 2023 21:35:33 +0000
ROA not before:           Sun 01 Jan 2023 21:35:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50304
IP address blocks:        185.136.128.0/22 maxlen: 24
                          2a03:a4e0::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:e7:29:ce:b0:7b:c5:93:e8:af:de:ff:4b:66:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c950d7b1975a3703ae27b31ad2f932ae46a4cc94
        Validity
            Not Before: Jan  1 21:35:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10e49a5730e60acd94b443d2d6b41298870e4dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cd:8a:2d:0b:18:02:ea:30:99:c3:ba:1b:4c:
                    1e:22:49:37:fa:0c:08:e1:fa:14:d5:6b:04:97:6d:
                    6d:52:9d:8a:94:f6:78:7e:dd:9c:a4:1d:62:ce:fc:
                    15:cf:a0:cc:f9:4b:e8:53:bf:e3:10:18:cc:2e:7f:
                    3b:aa:0c:6c:3b:44:92:8f:95:92:93:cd:cc:4d:47:
                    0a:b2:d2:10:9b:87:11:1d:7d:81:89:b8:ad:a5:a4:
                    ad:98:3b:38:0a:0e:1e:9d:bc:44:50:60:1c:a2:84:
                    53:77:e0:c6:b5:59:75:bd:8d:f2:e6:7d:0b:c5:17:
                    e1:7c:fc:74:35:d4:d5:8b:7c:09:cc:43:84:13:40:
                    aa:e5:d0:3e:7d:2a:6b:e0:87:7e:89:c1:e1:d6:77:
                    74:18:51:5b:6b:e4:e6:81:89:23:0f:20:5a:8b:05:
                    ae:dc:a7:2e:0a:36:0b:a5:19:47:4f:2b:2c:e8:a3:
                    7d:69:c0:fb:52:b4:b5:84:ec:a3:7b:41:0c:67:46:
                    1a:71:d2:60:47:a3:13:c2:3f:61:8b:52:a0:8b:14:
                    2a:fd:0a:c8:34:67:f0:45:a0:66:fb:64:10:89:cc:
                    ef:67:32:ec:1f:e8:ad:20:58:86:37:c6:b4:3f:5c:
                    60:26:ac:cf:67:a5:05:c8:d4:37:71:b2:c9:5d:9c:
                    5a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:E4:9A:57:30:E6:0A:CD:94:B4:43:D2:D6:B4:12:98:87:0E:4D:AC
            X509v3 Authority Key Identifier:
                keyid:C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/EOSaVzDmCs2UtEPS1rQSmIcOTaw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.136.128.0/22
                IPv6:
                  2a03:a4e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:65:38:25:85:a4:fe:60:91:b7:b7:87:e9:e2:b7:e1:2d:bb:
         57:37:a4:bc:b6:cc:9c:08:4d:1d:09:01:8a:6d:07:0c:5d:6e:
         d8:05:23:c9:e9:11:52:8d:5a:be:20:ca:61:23:51:fd:d8:d3:
         2c:d7:a9:2b:9c:ef:e2:4e:ad:2f:d2:a7:b9:fb:e2:91:f7:08:
         5b:ec:ea:b6:18:01:96:18:b5:8c:24:25:5b:a1:96:49:39:3e:
         af:d1:33:1d:cf:b9:24:88:83:87:fd:0c:fc:62:a3:16:91:81:
         fc:34:09:27:da:95:7f:58:c3:88:2f:27:93:ec:0e:15:21:5e:
         8a:14:c8:21:40:f4:d4:cd:ba:9c:f4:25:c8:76:08:5e:b1:1f:
         88:ee:4e:41:94:37:6e:d4:ed:b1:d8:89:d3:93:30:f7:e1:f4:
         c7:67:66:87:8e:7c:4b:95:41:e0:f9:17:3c:ee:95:78:3b:45:
         97:30:f7:82:b7:32:34:ed:c8:5e:92:73:80:65:f8:bb:76:ec:
         84:23:0f:84:e8:2d:0e:63:61:59:44:1d:2f:46:0b:c3:c5:27:
         2b:6c:12:61:72:dc:fc:b0:8f:6d:c9:74:5a:f4:40:34:4d:f3:
         de:34:78:ec:a1:04:9d:63:f9:dc:9f:9e:31:35:d7:32:d7:b4:
         44:a6:28:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQucpzrB7xZPor97/S2b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NTBkN2IxOTc1YTM3MDNhZTI3YjMxYWQyZjkzMmFlNDZh
NGNjOTQwHhcNMjMwMTAxMjEzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGU0OWE1NzMwZTYwYWNkOTRiNDQzZDJkNmI0MTI5ODg3MGU0ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs2KLQsYAuowmcO6G0weIkk3+gwI
4foU1WsEl21tUp2KlPZ4ft2cpB1izvwVz6DM+UvoU7/jEBjMLn87qgxsO0SSj5WS
k83MTUcKstIQm4cRHX2BibitpaStmDs4Cg4enbxEUGAcooRTd+DGtVl1vY3y5n0L
xRfhfPx0NdTVi3wJzEOEE0Cq5dA+fSpr4Id+icHh1nd0GFFba+TmgYkjDyBaiwWu
3KcuCjYLpRlHTyss6KN9acD7UrS1hOyje0EMZ0YacdJgR6MTwj9hi1KgixQq/QrI
NGfwRaBm+2QQiczvZzLsH+itIFiGN8a0P1xgJqzPZ6UFyNQ3cbLJXZxazwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBDkmlcw5grNlLRD0ta0EpiHDk2sMB8GA1UdIwQY
MBaAFMlQ17GXWjcDriezGtL5Mq5GpMyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVZEWHNaZGFOd091SjdNYTB2a3lya2FrekpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wYzczMTgtYjM0OC00YjI0LWI5ZTUt
YzZhODgyMWFkZWE5LzEvRU9TYVZ6RG1DczJVdEVQUzFyUVNtSWNPVGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wYzczMTgtYjM0OC00YjI0LWI5ZTUtYzZhODgyMWFkZWE5
LzEveVZEWHNaZGFOd091SjdNYTB2a3lya2FrekpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYiAMA0E
AgACMAcDBQAqA6TgMA0GCSqGSIb3DQEBCwUAA4IBAQANZTglhaT+YJG3t4fp4rfh
LbtXN6S8tsycCE0dCQGKbQcMXW7YBSPJ6RFSjVq+IMphI1H92NMs16krnO/iTq0v
0qe5++KR9whb7Oq2GAGWGLWMJCVboZZJOT6v0TMdz7kkiIOH/Qz8YqMWkYH8NAkn
2pV/WMOILyeT7A4VIV6KFMghQPTUzbqc9CXIdghesR+I7k5BlDdu1O2x2InTkzD3
4fTHZ2aHjnxLlUHg+Rc87pV4O0WXMPeCtzI07cheknOAZfi7duyEIw+E6C0OY2FZ
RB0vRgvDxScrbBJhctz8sI9tyXRa9EA0TfPeNHjsoQSdY/ncn54xNdcy17REpihX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:46 2024 by rpki-client on console-fra.rpki-client.org