Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/D7_uwiv_swa2m1tpZi6WvjYot0Y.roa
File:                     D7_uwiv_swa2m1tpZi6WvjYot0Y.roa (raw, json)
Hash identifier:          dclCv5+ye1zkL3kKaQVWBB6zG4IMl85kVBCtSXdPuUw=
Subject key identifier:   0F:BF:EE:C2:2B:FF:B3:06:B6:9B:5B:69:66:2E:96:BE:36:28:B7:46
Certificate issuer:       /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial:       0187B2C4E704E87107360C0F3EFEAC778DD5
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/D7_uwiv_swa2m1tpZi6WvjYot0Y.roa
Signing time:             Mon 24 Apr 2023 10:17:41 +0000
ROA not before:           Mon 24 Apr 2023 10:17:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59745
IP address blocks:        80.66.96.0/20 maxlen: 24
                          80.66.108.0/23 maxlen: 24
                          185.198.200.0/22 maxlen: 24
                          2a02:340::/32 maxlen: 32
                          2a0a:8ec0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Fri 15 Sep 2023 09:25:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b2:c4:e7:04:e8:71:07:36:0c:0f:3e:fe:ac:77:8d:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
        Validity
            Not Before: Apr 24 10:17:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0fbfeec22bffb306b69b5b69662e96be3628b746
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5b:78:6c:74:1f:f2:f9:b2:14:0f:52:c6:56:
                    cd:53:56:ee:fa:a7:4a:5b:90:d9:fe:08:bf:e9:29:
                    ce:4a:d6:73:91:27:41:ed:78:cd:0e:ae:53:55:3d:
                    ad:c8:22:c2:1f:33:aa:d4:35:71:63:2c:1b:d9:20:
                    46:cd:e1:0c:09:b8:32:97:14:49:c8:7f:a7:49:59:
                    ab:5d:3f:cf:7d:5c:81:4b:4e:4e:f1:b2:3c:b6:f7:
                    2e:e2:17:99:fa:77:1f:1a:5e:73:2d:fe:d0:bc:ea:
                    58:49:c1:6f:4b:08:07:ec:06:39:c5:ef:75:7c:75:
                    7d:14:f3:e3:5d:27:b4:61:0e:68:26:e9:24:f1:e3:
                    c4:5e:cd:f8:69:2f:32:f4:a3:c5:29:c5:ab:0e:21:
                    b3:a9:f3:aa:e3:73:e4:ca:61:9c:ce:21:4b:26:2d:
                    0d:80:6a:55:f3:90:a0:76:0e:6e:7c:37:d8:7a:1e:
                    83:55:ab:16:8e:3f:bf:62:86:4e:06:ad:a4:90:63:
                    cf:b2:d0:5e:4d:04:01:09:c9:d3:7d:d5:d3:26:3e:
                    33:3e:d4:90:31:4a:ae:59:23:c1:a8:3c:13:71:35:
                    a1:ff:36:37:67:9e:67:7b:2f:b2:cd:f5:8e:0d:10:
                    63:bd:79:96:46:9e:be:ab:ae:9e:57:70:90:19:f1:
                    91:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:BF:EE:C2:2B:FF:B3:06:B6:9B:5B:69:66:2E:96:BE:36:28:B7:46
            X509v3 Authority Key Identifier:
                keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/D7_uwiv_swa2m1tpZi6WvjYot0Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.66.96.0/20
                  185.198.200.0/22
                IPv6:
                  2a02:340::/32
                  2a0a:8ec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         7c:07:6e:aa:d4:61:b3:b8:9c:ab:2a:ec:d8:13:d2:88:8e:cd:
         e0:79:3d:71:a4:84:ad:3c:ef:3b:e2:3f:59:b6:77:bc:c2:51:
         34:a9:28:d7:ec:8f:0b:5a:ca:00:22:38:e5:48:00:c6:c4:65:
         1e:b3:94:09:15:09:f8:f7:37:31:37:b6:f9:be:36:04:94:f1:
         c8:87:9d:5e:d1:27:b9:24:a4:66:d9:87:e8:ec:a9:cb:3c:1c:
         a1:2f:ea:a2:ed:91:b7:f5:72:90:8c:95:0d:0f:23:dd:b3:52:
         67:a3:f9:f7:2f:40:38:45:82:f1:71:25:34:bc:23:d0:ba:d5:
         09:04:25:d8:24:72:e5:02:5f:c3:f6:24:9b:aa:37:65:61:d4:
         08:d4:2c:bc:ba:79:8f:16:42:34:91:37:93:39:a4:32:6e:51:
         44:81:ab:53:fd:da:8a:15:11:ff:8a:f0:58:3f:01:de:79:81:
         2f:bd:32:1a:1d:66:a3:09:18:3e:d3:b0:df:67:a7:22:a2:f0:
         26:8a:dc:00:18:de:7e:8b:7f:23:5f:6d:42:8c:1f:d3:93:c4:
         e7:f9:5d:84:dd:86:74:b1:b4:ad:0d:7e:69:23:1f:f6:b4:8c:
         5a:99:99:2b:01:1a:ef:0f:80:8f:0e:ec:d6:e0:03:2b:58:9a:
         cb:1e:43:e1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYeyxOcE6HEHNgwPPv6sd43VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjMwNDI0MTAxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJmZWVjMjJiZmZiMzA2YjY5YjViNjk2NjJlOTZiZTM2MjhiNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlt4bHQf8vmyFA9SxlbNU1bu+qdK
W5DZ/gi/6SnOStZzkSdB7XjNDq5TVT2tyCLCHzOq1DVxYywb2SBGzeEMCbgylxRJ
yH+nSVmrXT/PfVyBS05O8bI8tvcu4heZ+ncfGl5zLf7QvOpYScFvSwgH7AY5xe91
fHV9FPPjXSe0YQ5oJukk8ePEXs34aS8y9KPFKcWrDiGzqfOq43PkymGcziFLJi0N
gGpV85Cgdg5ufDfYeh6DVasWjj+/YoZOBq2kkGPPstBeTQQBCcnTfdXTJj4zPtSQ
MUquWSPBqDwTcTWh/zY3Z55ney+yzfWODRBjvXmWRp6+q66eV3CQGfGRpwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA+/7sIr/7MGtptbaWYulr42KLdGMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvRDdfdXdpdl9zd2EybTF0cFppNld2allvdDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQEUEJgAwQC
ucbIMBQEAgACMA4DBQAqAgNAAwUDKgqOwDANBgkqhkiG9w0BAQsFAAOCAQEAfAdu
qtRhs7icqyrs2BPSiI7N4Hk9caSErTzvO+I/WbZ3vMJRNKko1+yPC1rKACI45UgA
xsRlHrOUCRUJ+Pc3MTe2+b42BJTxyIedXtEnuSSkZtmH6OypyzwcoS/qou2Rt/Vy
kIyVDQ8j3bNSZ6P59y9AOEWC8XElNLwj0LrVCQQl2CRy5QJfw/Ykm6o3ZWHUCNQs
vLp5jxZCNJE3kzmkMm5RRIGrU/3aihUR/4rwWD8B3nmBL70yGh1mowkYPtOw32en
IqLwJorcABjefot/I19tQowf05PE5/ldhN2GdLG0rQ1+aSMf9rSMWpmZKwEa7w+A
jw7s1uADK1iayx5D4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:23 2024 by rpki-client on console-fra.rpki-client.org