Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/i7LSLsEWF3AxMCtaWE4iCk1ojAE.roa
File:                     i7LSLsEWF3AxMCtaWE4iCk1ojAE.roa (raw, json)
Hash identifier:          YN+WQnQfME3bso5X2k7eh7+1n97CGEBy/iC4GEoUlzE=
Subject key identifier:   8B:B2:D2:2E:C1:16:17:70:31:30:2B:5A:58:4E:22:0A:4D:68:8C:01
Certificate issuer:       /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial:       018D9E92DEFA852AF4F3EB5EE13B8A45ACF7
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/i7LSLsEWF3AxMCtaWE4iCk1ojAE.roa
Signing time:             Mon 12 Feb 2024 18:27:21 +0000
ROA not before:           Mon 12 Feb 2024 18:27:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216050
IP address blocks:        37.49.146.0/24 maxlen: 24
                          37.49.149.0/24 maxlen: 24
                          94.74.140.0/24 maxlen: 24
                          109.203.162.0/24 maxlen: 24
                          109.203.164.0/24 maxlen: 24
                          109.203.165.0/24 maxlen: 24
                          109.203.167.0/24 maxlen: 24
                          176.46.128.0/24 maxlen: 24
                          176.46.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 May 2024 09:07:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:9e:92:de:fa:85:2a:f4:f3:eb:5e:e1:3b:8a:45:ac:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
        Validity
            Not Before: Feb 12 18:27:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8bb2d22ec116177031302b5a584e220a4d688c01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:2e:d3:6b:82:7c:42:c4:13:37:6a:f8:11:35:
                    8d:1a:0d:97:86:85:20:56:91:26:c7:a8:e7:eb:38:
                    af:bb:66:00:76:b1:0e:fa:6b:16:ee:6b:27:2b:35:
                    e7:aa:50:bc:14:43:a6:1b:f7:c6:14:fa:e6:05:d8:
                    63:98:7d:f7:dd:7a:19:e3:87:ac:35:68:ce:be:98:
                    1a:14:9d:49:79:92:ab:ca:02:2f:f8:18:d5:20:61:
                    ee:81:5a:28:86:ae:6f:b3:2e:11:b3:5e:fc:bd:e4:
                    e1:11:b0:c0:a0:e9:84:51:1f:06:91:e0:de:0c:0b:
                    2a:62:1a:40:d7:bb:dc:d9:49:bb:9c:8e:c5:d1:7a:
                    25:b2:c5:b1:70:7d:19:b8:65:72:56:bd:7d:fb:ae:
                    25:be:67:e3:24:4f:18:61:5b:93:fb:ad:fe:3f:d1:
                    8f:0a:35:c5:82:01:a4:76:da:c3:2d:77:02:88:9d:
                    5e:49:70:b4:6b:26:e1:5b:53:e4:49:cc:41:40:86:
                    6c:ad:87:bd:c3:89:d2:d5:b7:b1:3b:c3:3c:19:4b:
                    fc:03:3e:fd:5c:c8:eb:b1:bf:22:95:eb:10:e7:c0:
                    21:d7:6d:64:ec:86:4c:c0:7a:9c:00:6f:aa:38:11:
                    1e:60:9b:f7:32:e2:cf:77:bb:6c:fd:a2:d6:ef:3f:
                    ef:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:B2:D2:2E:C1:16:17:70:31:30:2B:5A:58:4E:22:0A:4D:68:8C:01
            X509v3 Authority Key Identifier:
                keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/i7LSLsEWF3AxMCtaWE4iCk1ojAE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.49.146.0/24
                  37.49.149.0/24
                  94.74.140.0/24
                  109.203.162.0/24
                  109.203.164.0/23
                  109.203.167.0/24
                  176.46.128.0/24
                  176.46.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:c3:c1:f6:59:d6:a2:8e:72:44:64:d3:8b:d6:6f:6d:93:99:
         e8:bc:64:37:15:aa:8f:ce:d9:5d:30:5c:96:f9:82:3e:00:9d:
         19:a1:2b:1e:59:14:3b:a0:e5:1f:b9:55:b0:7a:4d:ec:7b:00:
         08:d3:d2:e3:c1:54:8d:69:f7:da:48:eb:de:c3:c7:23:dd:8b:
         2b:7c:e5:bb:5b:67:ca:2e:4e:26:2c:be:77:43:26:5a:52:21:
         08:c4:3c:29:5c:b9:7c:f6:b5:7f:b4:08:57:85:df:3b:ac:0c:
         ae:be:a2:c2:7d:16:c1:6c:75:7d:44:44:aa:98:f6:47:f1:d2:
         9a:18:8c:6b:d6:3a:f1:4e:93:ec:2c:1a:37:d8:40:2a:d7:d5:
         9d:00:be:a0:cb:6a:e4:d7:e4:15:79:22:c2:b5:9d:64:e6:a8:
         c7:36:3c:01:1d:4a:6a:f0:3c:c6:47:76:f7:cf:df:2a:e5:cb:
         18:74:c1:bc:fe:0b:24:43:5d:d1:c8:00:a7:a1:8a:9a:5b:2e:
         31:59:3f:04:99:8d:aa:d5:ce:14:2e:3b:a8:2e:b3:04:75:02:
         c6:3b:7e:2b:07:ce:54:34:d1:47:ad:61:b7:6f:d3:b6:de:01:
         64:b4:e0:61:a9:12:2a:68:95:71:35:30:b8:e4:6d:de:e0:a6:
         67:f6:8c:7c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY2ekt76hSr08+te4TuKRaz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMjEyMTgyNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIyZDIyZWMxMTYxNzcwMzEzMDJiNWE1ODRlMjIwYTRkNjg4YzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkS7Ta4J8QsQTN2r4ETWNGg2XhoUg
VpEmx6jn6zivu2YAdrEO+msW7msnKzXnqlC8FEOmG/fGFPrmBdhjmH333XoZ44es
NWjOvpgaFJ1JeZKrygIv+BjVIGHugVoohq5vsy4Rs178veThEbDAoOmEUR8GkeDe
DAsqYhpA17vc2Um7nI7F0XolssWxcH0ZuGVyVr19+64lvmfjJE8YYVuT+63+P9GP
CjXFggGkdtrDLXcCiJ1eSXC0aybhW1PkScxBQIZsrYe9w4nS1bexO8M8GUv8Az79
XMjrsb8ilesQ58Ah121k7IZMwHqcAG+qOBEeYJv3MuLPd7ts/aLW7z/v0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIuy0i7BFhdwMTArWlhOIgpNaIwBMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvaTdMU0xzRVdGM0F4TUN0YVdFNGlDazFvakFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJTGSAwQA
JTGVAwQAXkqMAwQAbcuiAwQBbcukAwQAbcunAwQAsC6AAwQAsC6DMA0GCSqGSIb3
DQEBCwUAA4IBAQCfw8H2WdaijnJEZNOL1m9tk5novGQ3FaqPztldMFyW+YI+AJ0Z
oSseWRQ7oOUfuVWwek3sewAI09LjwVSNaffaSOvew8cj3YsrfOW7W2fKLk4mLL53
QyZaUiEIxDwpXLl89rV/tAhXhd87rAyuvqLCfRbBbHV9RESqmPZH8dKaGIxr1jrx
TpPsLBo32EAq19WdAL6gy2rk1+QVeSLCtZ1k5qjHNjwBHUpq8DzGR3b3z98q5csY
dMG8/gskQ13RyACnoYqaWy4xWT8EmY2q1c4ULjuoLrMEdQLGO34rB85UNNFHrWG3
b9O23gFktOBhqRIqaJVxNTC45G3e4KZn9ox8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:09 2024 by rpki-client on console-fra.rpki-client.org