Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/4EZvaA5r0G3vs89DSG9kKvQora4.roa
File:                     4EZvaA5r0G3vs89DSG9kKvQora4.roa (raw, json)
Hash identifier:          5FFv7fBIhw4g+WESn6NcUsvuhlBwSJLwgOvr8jJchwY=
Subject key identifier:   E0:46:6F:68:0E:6B:D0:6D:EF:B3:CF:43:48:6F:64:2A:F4:28:AD:AE
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       01860D1173B17D52C0B2DFFCCC4D9647F1E0
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/4EZvaA5r0G3vs89DSG9kKvQora4.roa
Signing time:             Wed 01 Feb 2023 13:01:32 +0000
ROA not before:           Wed 01 Feb 2023 13:01:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43444
IP address blocks:        5.188.216.0/24 maxlen: 24
                          5.188.218.0/24 maxlen: 24
                          5.188.219.0/24 maxlen: 24
                          37.9.40.0/24 maxlen: 24
                          37.9.41.0/24 maxlen: 24
                          37.9.42.0/24 maxlen: 24
                          37.9.43.0/24 maxlen: 24
                          37.9.44.0/24 maxlen: 24
                          37.9.45.0/24 maxlen: 24
                          37.9.46.0/24 maxlen: 24
                          37.9.47.0/24 maxlen: 24
                          146.185.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:0d:11:73:b1:7d:52:c0:b2:df:fc:cc:4d:96:47:f1:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Feb  1 13:01:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0466f680e6bd06defb3cf43486f642af428adae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ce:13:5e:fc:75:d9:4d:a8:49:ff:1f:30:fc:
                    db:47:1f:06:58:f2:fe:64:54:1b:73:34:c2:37:33:
                    d8:30:aa:c9:88:eb:fc:cc:3e:25:37:09:42:92:95:
                    75:87:a4:a6:be:54:46:c2:74:ce:b5:3b:b9:8f:c6:
                    f5:01:b5:bb:40:a5:eb:79:03:46:22:72:4e:2b:48:
                    c6:6d:69:fc:f1:41:5d:4e:43:02:a4:f0:91:76:ab:
                    f8:4d:c7:7c:3c:12:5a:e2:5b:c9:ca:ca:1f:84:98:
                    76:0b:45:d9:6d:de:67:f0:80:b8:d9:d2:17:b4:56:
                    a0:f2:f4:71:07:11:2a:1d:e8:c2:02:3b:62:0f:15:
                    03:08:dd:f4:5b:3e:ce:1b:0c:fa:04:e6:40:49:a6:
                    74:eb:83:31:43:c8:54:a4:f7:02:01:79:52:c8:25:
                    00:44:23:67:07:e5:ea:7d:76:63:91:44:1b:a5:84:
                    d5:c1:32:ad:f6:05:e2:d9:ed:b0:59:54:c1:20:b6:
                    08:1e:3d:b9:66:95:53:71:a2:73:fe:57:16:24:04:
                    fb:72:f3:91:98:7a:58:49:4b:ea:93:47:7b:0a:d9:
                    92:b0:c7:18:6b:da:23:de:16:2c:a2:4f:46:43:27:
                    fc:bf:a5:57:4b:ae:9c:66:2d:59:4a:92:98:66:d6:
                    48:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:46:6F:68:0E:6B:D0:6D:EF:B3:CF:43:48:6F:64:2A:F4:28:AD:AE
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/4EZvaA5r0G3vs89DSG9kKvQora4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.188.216.0/24
                  5.188.218.0/23
                  37.9.40.0/21
                  146.185.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:f7:72:f9:2e:c4:13:b0:cf:1f:4a:e6:62:d6:47:85:d9:40:
         e3:ad:c5:fa:e5:82:ab:92:84:28:b9:3f:82:25:27:c8:16:be:
         57:a5:50:7b:d1:08:ac:76:c4:f2:bc:bd:91:65:7d:3a:b7:2b:
         32:c1:61:62:d7:25:3c:88:95:6c:7c:ff:44:6a:f1:8d:6d:12:
         56:3c:f6:97:68:14:13:2f:0b:ff:7d:9f:57:a5:e5:30:fd:f0:
         59:f9:02:7c:1c:bc:a0:db:f7:d9:cc:0c:70:5f:40:6e:a4:7b:
         93:12:90:b5:01:bf:8e:f6:66:2b:06:94:d5:51:56:1c:bd:29:
         46:9e:03:06:5e:86:cd:04:17:1c:aa:08:30:b4:ce:50:a8:62:
         ed:4f:64:9e:58:29:ff:ae:66:02:91:c8:7a:14:ee:93:9b:d9:
         7c:64:29:65:d2:19:97:a1:5a:36:8b:b4:7c:09:f7:d4:42:f7:
         d5:42:c0:da:8e:d9:3a:f4:f1:1a:41:54:c0:65:de:0b:fa:fc:
         d7:7b:1a:91:ff:62:e0:f2:3d:ee:ee:79:ad:29:b8:9c:94:c5:
         a7:96:2e:ed:14:5b:6b:dc:48:86:34:f9:cb:0e:62:e5:61:e8:
         a8:2c:74:07:a3:c5:d5:0e:9c:da:63:1c:df:e2:af:cf:84:fc:
         0e:bd:17:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYNEXOxfVLAst/8zE2WR/HgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMjAxMTMwMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDQ2NmY2ODBlNmJkMDZkZWZiM2NmNDM0ODZmNjQyYWY0MjhhZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM4TXvx12U2oSf8fMPzbRx8GWPL+
ZFQbczTCNzPYMKrJiOv8zD4lNwlCkpV1h6SmvlRGwnTOtTu5j8b1AbW7QKXreQNG
InJOK0jGbWn88UFdTkMCpPCRdqv4Tcd8PBJa4lvJysofhJh2C0XZbd5n8IC42dIX
tFag8vRxBxEqHejCAjtiDxUDCN30Wz7OGwz6BOZASaZ064MxQ8hUpPcCAXlSyCUA
RCNnB+XqfXZjkUQbpYTVwTKt9gXi2e2wWVTBILYIHj25ZpVTcaJz/lcWJAT7cvOR
mHpYSUvqk0d7CtmSsMcYa9oj3hYsok9GQyf8v6VXS66cZi1ZSpKYZtZIOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOBGb2gOa9Bt77PPQ0hvZCr0KK2uMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvNEVadmFBNXIwRzN2czg5RFNHOWtLdlFvcmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbzYAwQB
BbzaAwQDJQkoAwQAkrnPMA0GCSqGSIb3DQEBCwUAA4IBAQCQ93L5LsQTsM8fSuZi
1keF2UDjrcX65YKrkoQouT+CJSfIFr5XpVB70QisdsTyvL2RZX06tysywWFi1yU8
iJVsfP9EavGNbRJWPPaXaBQTLwv/fZ9XpeUw/fBZ+QJ8HLyg2/fZzAxwX0BupHuT
EpC1Ab+O9mYrBpTVUVYcvSlGngMGXobNBBccqggwtM5QqGLtT2SeWCn/rmYCkch6
FO6Tm9l8ZCll0hmXoVo2i7R8CffUQvfVQsDajtk69PEaQVTAZd4L+vzXexqR/2Lg
8j3u7nmtKbiclMWnli7tFFtr3EiGNPnLDmLlYeioLHQHo8XVDpzaYxzf4q/PhPwO
vReq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org