Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/EECVga4dwYbA27xuBHcRbkt-pWQ.roa
File:                     EECVga4dwYbA27xuBHcRbkt-pWQ.roa (raw, json)
Hash identifier:          GGw+G2KgrCjR3tQfdu/ut4ah7bfWN6xLBg+zUS/mNMw=
Subject key identifier:   10:40:95:81:AE:1D:C1:86:C0:DB:BC:6E:04:77:11:6E:4B:7E:A5:64
Certificate issuer:       /CN=3ead19096b0ee080fe43810500b718a947fed229
Certificate serial:       01856F42C06F0D5212E76E9B3BDE82726AE3
Authority key identifier: 3E:AD:19:09:6B:0E:E0:80:FE:43:81:05:00:B7:18:A9:47:FE:D2:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pq0ZCWsO4ID-Q4EFALcYqUf-0ik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/EECVga4dwYbA27xuBHcRbkt-pWQ.roa
Signing time:             Sun 01 Jan 2023 21:35:23 +0000
ROA not before:           Sun 01 Jan 2023 21:35:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1299
IP address blocks:        193.108.136.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:c0:6f:0d:52:12:e7:6e:9b:3b:de:82:72:6a:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ead19096b0ee080fe43810500b718a947fed229
        Validity
            Not Before: Jan  1 21:35:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10409581ae1dc186c0dbbc6e0477116e4b7ea564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:34:2f:f6:f8:97:03:62:13:f4:12:47:05:ed:
                    90:f9:b1:fb:30:0d:90:42:27:1a:09:e7:60:79:ea:
                    99:e7:bf:37:c5:7b:a6:f1:c0:c9:e1:65:61:3a:11:
                    a9:77:83:51:bd:0f:ec:db:61:c3:25:61:72:13:67:
                    77:cf:57:67:9b:43:ae:52:49:96:3b:c6:ac:eb:18:
                    6b:8d:c9:50:99:b0:2f:f6:c1:01:06:b1:c1:9b:0a:
                    8a:07:c4:6e:a7:00:dc:fb:d6:ca:3a:4c:f4:1f:3e:
                    3d:a4:05:8f:95:a3:b1:03:e8:60:b1:ac:c4:d8:b2:
                    c3:80:61:f0:22:55:e7:ec:1f:13:1e:40:06:99:63:
                    75:ed:5c:99:9b:3c:a3:e7:a5:4e:b6:0a:d8:c1:b1:
                    54:aa:0d:31:1a:54:98:68:7b:1f:77:cb:68:2c:56:
                    eb:89:c7:72:70:45:4b:b9:5a:ce:37:6d:5d:8e:76:
                    4e:85:30:39:d4:b0:a0:60:1b:1c:f9:bf:9c:b0:f3:
                    d3:29:bd:a4:1c:7d:1c:80:2d:98:ce:75:28:e9:e1:
                    6b:21:01:b4:7c:b4:8d:71:d0:b6:ab:c7:1f:b8:af:
                    35:ad:be:b0:fb:a0:64:7b:6f:c5:d6:6d:70:32:1a:
                    09:c7:07:18:a8:c7:23:07:9e:26:b1:c4:1e:65:a7:
                    b1:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:40:95:81:AE:1D:C1:86:C0:DB:BC:6E:04:77:11:6E:4B:7E:A5:64
            X509v3 Authority Key Identifier:
                keyid:3E:AD:19:09:6B:0E:E0:80:FE:43:81:05:00:B7:18:A9:47:FE:D2:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq0ZCWsO4ID-Q4EFALcYqUf-0ik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/EECVga4dwYbA27xuBHcRbkt-pWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/63bb79-93b0-499f-978d-10fe44726908/1/Pq0ZCWsO4ID-Q4EFALcYqUf-0ik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c1:f5:f9:e2:93:75:56:e4:09:b3:33:3c:95:87:c3:dc:66:6e:
         de:dc:70:ce:8b:06:73:a7:ac:96:fb:9d:2a:c5:6f:75:5f:e0:
         b9:b7:ca:02:21:f4:1c:be:2d:39:9a:ae:d4:42:ab:b6:a5:50:
         7b:35:76:a2:e5:a8:df:be:22:4c:75:d9:9f:08:11:90:da:05:
         b3:f5:f4:b8:ca:88:78:26:38:55:b8:a0:12:5d:69:d4:00:7d:
         ec:bb:1c:9a:3d:f6:45:47:bb:0d:33:9e:26:1e:03:bd:bd:ce:
         b0:06:db:8b:af:f7:40:6e:df:10:16:1c:7b:ac:2f:93:01:26:
         9e:bc:fb:a4:91:90:8a:5c:99:0f:8b:61:93:08:7f:4d:b6:b1:
         26:b5:52:d3:96:75:8b:22:d1:39:3d:d6:97:b2:99:9a:5d:ec:
         62:c0:db:6f:50:c3:89:56:f6:9a:1f:e7:0c:6e:cf:e4:63:c0:
         29:f4:5b:32:eb:7d:f4:da:15:fe:7e:ec:e9:f4:a6:95:31:c2:
         98:8f:14:19:51:02:06:b3:bc:73:d0:53:bf:40:d9:9d:3a:08:
         0e:6a:2a:0d:9c:1f:9f:c4:b5:c4:4e:a0:fa:57:d0:b8:2e:02:
         9a:0c:be:7a:c8:63:79:3f:60:9f:48:49:a7:f9:a3:fb:54:ad:
         22:45:90:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQsBvDVIS526bO96CcmrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWQxOTA5NmIwZWUwODBmZTQzODEwNTAwYjcxOGE5NDdm
ZWQyMjkwHhcNMjMwMTAxMjEzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDQwOTU4MWFlMWRjMTg2YzBkYmJjNmUwNDc3MTE2ZTRiN2VhNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjQv9viXA2IT9BJHBe2Q+bH7MA2Q
QicaCedgeeqZ5783xXum8cDJ4WVhOhGpd4NRvQ/s22HDJWFyE2d3z1dnm0OuUkmW
O8as6xhrjclQmbAv9sEBBrHBmwqKB8RupwDc+9bKOkz0Hz49pAWPlaOxA+hgsazE
2LLDgGHwIlXn7B8THkAGmWN17VyZmzyj56VOtgrYwbFUqg0xGlSYaHsfd8toLFbr
icdycEVLuVrON21djnZOhTA51LCgYBsc+b+csPPTKb2kHH0cgC2YznUo6eFrIQG0
fLSNcdC2q8cfuK81rb6w+6Bke2/F1m1wMhoJxwcYqMcjB54mscQeZaexwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBBAlYGuHcGGwNu8bgR3EW5LfqVkMB8GA1UdIwQY
MBaAFD6tGQlrDuCA/kOBBQC3GKlH/tIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHEwWkNXc080SUQtUTRFRkFMY1lxVWYtMGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82M2JiNzktOTNiMC00OTlmLTk3OGQt
MTBmZTQ0NzI2OTA4LzEvRUVDVmdhNGR3WWJBMjd4dUJIY1Jia3QtcFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82M2JiNzktOTNiMC00OTlmLTk3OGQtMTBmZTQ0NzI2OTA4
LzEvUHEwWkNXc080SUQtUTRFRkFMY1lxVWYtMGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWyIMA0G
CSqGSIb3DQEBCwUAA4IBAQDB9fnik3VW5AmzMzyVh8PcZm7e3HDOiwZzp6yW+50q
xW91X+C5t8oCIfQcvi05mq7UQqu2pVB7NXai5ajfviJMddmfCBGQ2gWz9fS4yoh4
JjhVuKASXWnUAH3suxyaPfZFR7sNM54mHgO9vc6wBtuLr/dAbt8QFhx7rC+TASae
vPukkZCKXJkPi2GTCH9NtrEmtVLTlnWLItE5PdaXspmaXexiwNtvUMOJVvaaH+cM
bs/kY8Ap9Fsy63302hX+fuzp9KaVMcKYjxQZUQIGs7xz0FO/QNmdOggOaioNnB+f
xLXETqD6V9C4LgKaDL56yGN5P2CfSEmn+aP7VK0iRZBF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:57 2024 by rpki-client on console-fra.rpki-client.org