Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/70u2jIYi8mK8hDLU_GEIHSSFnUk.roa
File:                     70u2jIYi8mK8hDLU_GEIHSSFnUk.roa (raw, json)
Hash identifier:          Lma/CIQS92MLjjPTIfTq6EfRFsgMwsAv71KrENTz7Rs=
Subject key identifier:   EF:4B:B6:8C:86:22:F2:62:BC:84:32:D4:FC:61:08:1D:24:85:9D:49
Certificate issuer:       /CN=9d8f112756f1458dcf3e387a4be890f30ea949b3
Certificate serial:       01856E1415C41301C386CD8B17E95691A0DA
Authority key identifier: 9D:8F:11:27:56:F1:45:8D:CF:3E:38:7A:4B:E8:90:F3:0E:A9:49:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/70u2jIYi8mK8hDLU_GEIHSSFnUk.roa
Signing time:             Sun 01 Jan 2023 16:04:48 +0000
ROA not before:           Sun 01 Jan 2023 16:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60243
IP address blocks:        185.34.49.0/24 maxlen: 24
                          185.34.50.0/24 maxlen: 24
                          185.34.48.0/24 maxlen: 24
                          185.34.51.0/24 maxlen: 24
                          2a04:5e80::/32 maxlen: 32
                          2a04:5e86::/32 maxlen: 32
                          2a04:5e85::/32 maxlen: 32
                          2a04:5e82::/32 maxlen: 32
                          2a04:5e81::/32 maxlen: 32
                          2a04:5e83::/32 maxlen: 32
                          2a04:5e84::/32 maxlen: 32
                          2a04:5e87::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:14:15:c4:13:01:c3:86:cd:8b:17:e9:56:91:a0:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d8f112756f1458dcf3e387a4be890f30ea949b3
        Validity
            Not Before: Jan  1 16:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef4bb68c8622f262bc8432d4fc61081d24859d49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:d2:d2:b0:43:66:ca:48:1a:95:60:18:57:eb:
                    b7:87:09:f3:9b:74:e0:cd:51:c8:ea:35:ef:6f:39:
                    51:1e:6d:6b:69:96:1d:81:92:79:ef:05:13:c1:67:
                    9e:6a:a1:99:ca:31:62:52:37:4b:2b:25:ab:48:09:
                    52:2a:61:17:98:8c:16:a2:23:0e:da:8b:3e:85:09:
                    b2:95:c7:4f:48:5a:c3:60:8c:08:4a:4b:be:b2:ad:
                    c6:42:dc:84:ef:19:3e:df:b6:f5:85:00:e0:16:9d:
                    31:45:a1:f3:5e:00:aa:d8:94:4d:53:d7:48:43:e6:
                    0b:6c:b8:80:c2:31:fb:3e:18:05:ea:79:83:53:05:
                    8f:65:41:f1:06:e5:bd:c2:7f:06:e5:0b:b6:8d:da:
                    5c:3b:39:3d:ad:70:54:de:d3:31:66:01:92:cb:ce:
                    14:50:3b:bd:69:5a:f8:e7:4d:0e:ab:bb:de:97:8c:
                    78:4d:fd:0b:b7:5a:c0:41:57:77:8d:4b:66:c8:ec:
                    72:28:e1:4d:35:36:e7:7e:e6:02:d8:e8:a7:63:06:
                    07:f3:be:70:7d:ad:96:6c:a1:c6:b1:54:3e:d5:93:
                    ee:5c:a4:74:e3:67:8e:b0:e8:40:93:3d:3b:ef:c5:
                    94:73:86:db:36:10:26:cb:8d:9d:4a:2e:b4:26:ed:
                    7f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:4B:B6:8C:86:22:F2:62:BC:84:32:D4:FC:61:08:1D:24:85:9D:49
            X509v3 Authority Key Identifier:
                keyid:9D:8F:11:27:56:F1:45:8D:CF:3E:38:7A:4B:E8:90:F3:0E:A9:49:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/70u2jIYi8mK8hDLU_GEIHSSFnUk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/7a6e21-d40b-4eeb-b3cb-00ed90269bb4/1/nY8RJ1bxRY3PPjh6S-iQ8w6pSbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.34.48.0/22
                IPv6:
                  2a04:5e80::/29

    Signature Algorithm: sha256WithRSAEncryption
         7e:f7:d6:dd:20:ec:e7:48:28:ed:4c:39:23:2b:d3:eb:c1:95:
         fa:e7:a8:e4:55:d4:e7:26:0d:b1:cf:b0:df:5f:ae:a0:0e:59:
         0c:bf:c1:d0:3c:c4:36:52:75:dc:cd:0f:76:b7:49:f9:b3:70:
         3e:c5:2e:ba:b8:b2:c8:11:59:b5:5b:6a:7f:e6:d0:80:b6:a7:
         8b:27:37:8c:d5:29:29:8b:6c:c9:ed:4e:fa:4c:c7:48:71:30:
         73:96:93:a6:9b:67:d4:50:10:26:57:04:f5:26:a9:e7:f2:62:
         b9:22:59:b6:04:67:51:f4:eb:c2:71:ce:cd:71:28:a6:dd:78:
         b4:a2:77:49:5c:59:0c:9e:db:37:fd:fb:e1:a8:da:05:fe:aa:
         8c:5f:ff:42:72:72:7d:17:ff:bb:a6:7f:86:8e:9a:65:36:f6:
         22:ad:d9:af:6d:00:8e:07:32:7d:db:20:63:88:6e:ad:58:4f:
         8d:7d:6d:b1:1f:b6:f8:fa:4c:7c:31:b9:72:79:50:3f:b5:74:
         cd:5d:40:af:ee:4d:e7:b2:5a:1e:bc:cb:72:a9:af:b1:15:b7:
         d0:93:bf:19:86:fd:c3:12:3a:b1:2f:25:f9:68:8c:ed:15:db:
         6b:d5:54:d5:b3:2c:46:bb:78:10:0d:cc:12:5c:7b:31:00:60:
         72:ad:8e:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuFBXEEwHDhs2LF+lWkaDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGYxMTI3NTZmMTQ1OGRjZjNlMzg3YTRiZTg5MGYzMGVh
OTQ5YjMwHhcNMjMwMTAxMTYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjRiYjY4Yzg2MjJmMjYyYmM4NDMyZDRmYzYxMDgxZDI0ODU5ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitLSsENmykgalWAYV+u3hwnzm3Tg
zVHI6jXvbzlRHm1raZYdgZJ57wUTwWeeaqGZyjFiUjdLKyWrSAlSKmEXmIwWoiMO
2os+hQmylcdPSFrDYIwISku+sq3GQtyE7xk+37b1hQDgFp0xRaHzXgCq2JRNU9dI
Q+YLbLiAwjH7PhgF6nmDUwWPZUHxBuW9wn8G5Qu2jdpcOzk9rXBU3tMxZgGSy84U
UDu9aVr4500Oq7vel4x4Tf0Lt1rAQVd3jUtmyOxyKOFNNTbnfuYC2OinYwYH875w
fa2WbKHGsVQ+1ZPuXKR042eOsOhAkz0778WUc4bbNhAmy42dSi60Ju1/SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO9LtoyGIvJivIQy1PxhCB0khZ1JMB8GA1UdIwQY
MBaAFJ2PESdW8UWNzz44ekvokPMOqUmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblk4UkoxYnhSWTNQUGpoNlMtaVE4dzZwU2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC83YTZlMjEtZDQwYi00ZWViLWIzY2It
MDBlZDkwMjY5YmI0LzEvNzB1MmpJWWk4bUs4aERMVV9HRUlIU1NGblVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC83YTZlMjEtZDQwYi00ZWViLWIzY2ItMDBlZDkwMjY5YmI0
LzEvblk4UkoxYnhSWTNQUGpoNlMtaVE4dzZwU2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSIwMA0E
AgACMAcDBQMqBF6AMA0GCSqGSIb3DQEBCwUAA4IBAQB+99bdIOznSCjtTDkjK9Pr
wZX656jkVdTnJg2xz7DfX66gDlkMv8HQPMQ2UnXczQ92t0n5s3A+xS66uLLIEVm1
W2p/5tCAtqeLJzeM1Skpi2zJ7U76TMdIcTBzlpOmm2fUUBAmVwT1Jqnn8mK5Ilm2
BGdR9OvCcc7NcSim3Xi0ondJXFkMnts3/fvhqNoF/qqMX/9CcnJ9F/+7pn+Gjppl
NvYirdmvbQCOBzJ92yBjiG6tWE+NfW2xH7b4+kx8MblyeVA/tXTNXUCv7k3nsloe
vMtyqa+xFbfQk78Zhv3DEjqxLyX5aIztFdtr1VTVsyxGu3gQDcwSXHsxAGByrY66
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:53 2024 by rpki-client on console-fra.rpki-client.org