Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IJEEHQuk18wPN0eZnuqwIct7jWY.roa
File:                     IJEEHQuk18wPN0eZnuqwIct7jWY.roa (raw, json)
Hash identifier:          6LKhr1Yjq5ZzggKgX0TGsViZoG8XzYoAm76sIBI8SMg=
Subject key identifier:   20:91:04:1D:0B:A4:D7:CC:0F:37:47:99:9E:EA:B0:21:CB:7B:8D:66
Certificate issuer:       /CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
Certificate serial:       0185734CD89EB85DB919DC6C7B52107E1A9D
Authority key identifier: 27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IJEEHQuk18wPN0eZnuqwIct7jWY.roa
Signing time:             Mon 02 Jan 2023 16:24:54 +0000
ROA not before:           Mon 02 Jan 2023 16:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8758
IP address blocks:        185.104.84.0/22 maxlen: 24
                          146.185.64.0/19 maxlen: 24
                          94.46.188.0/22 maxlen: 22
                          31.207.52.0/22 maxlen: 22
                          31.207.60.0/22 maxlen: 22
                          185.63.64.0/22 maxlen: 24
                          2a04:f340::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:d8:9e:b8:5d:b9:19:dc:6c:7b:52:10:7e:1a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
        Validity
            Not Before: Jan  2 16:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2091041d0ba4d7cc0f3747999eeab021cb7b8d66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d8:b8:5f:08:5c:c1:85:2d:34:bf:a4:cf:60:
                    0f:62:ec:8a:1e:de:6c:79:f6:01:83:e3:a1:21:15:
                    72:e9:e1:d2:44:c3:e3:62:ad:9b:cb:6a:75:eb:39:
                    8f:76:50:94:8b:5f:f0:d3:6f:e3:40:26:0d:3b:47:
                    bf:5b:92:84:92:04:59:fd:fe:63:8f:76:e5:89:69:
                    4f:97:6b:99:24:bb:67:c4:32:eb:df:40:13:bb:a4:
                    ba:e7:8f:82:2d:55:b7:11:d3:27:74:03:66:d9:86:
                    37:36:2d:77:ca:a0:8d:3b:d8:0f:8b:f1:20:ee:6c:
                    4e:ff:86:c0:58:d4:22:45:4c:b6:38:65:4d:05:ae:
                    88:f4:3c:62:39:0a:30:e3:3d:c9:c5:2d:27:88:6d:
                    ea:e4:ec:ba:35:9c:8e:4a:d5:46:18:0d:93:35:34:
                    42:0b:b1:33:b0:30:61:af:0b:14:67:23:31:8c:17:
                    af:e0:00:18:e1:2e:c9:45:38:5e:37:b0:f4:53:f7:
                    20:74:b7:c5:87:1d:7c:86:72:3d:00:3f:ad:bd:6b:
                    11:46:61:ce:28:39:60:2b:a9:a9:7d:86:68:6f:07:
                    ae:0c:f3:ae:2d:40:c8:6e:74:64:e2:e2:54:f8:7a:
                    7c:84:3a:9f:b5:69:a2:4b:5a:0b:b6:a1:1b:d8:eb:
                    37:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:91:04:1D:0B:A4:D7:CC:0F:37:47:99:9E:EA:B0:21:CB:7B:8D:66
            X509v3 Authority Key Identifier:
                keyid:27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IJEEHQuk18wPN0eZnuqwIct7jWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/J-D3u75AMaJO8bnbGWqrBkLoSgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.207.52.0/22
                  31.207.60.0/22
                  94.46.188.0/22
                  146.185.64.0/19
                  185.63.64.0/22
                  185.104.84.0/22
                IPv6:
                  2a04:f340::/29

    Signature Algorithm: sha256WithRSAEncryption
         74:fb:c5:68:a2:5a:8b:e5:e4:0f:3c:c9:19:b8:89:22:53:08:
         19:62:48:93:7a:2d:ae:f6:87:a6:1b:14:19:82:d9:ee:1c:28:
         61:2e:89:49:78:cd:09:9f:34:34:57:51:2b:e7:44:8a:94:cf:
         74:b6:b1:5d:7b:76:f3:d5:50:75:80:f4:cf:31:0e:95:4d:a8:
         1e:de:fb:2c:46:76:d0:9f:59:84:4c:ab:05:46:f1:0e:02:9a:
         3f:de:5d:21:c0:9e:35:eb:8c:8f:4c:f3:68:a8:78:65:be:01:
         54:0c:0b:fc:eb:fa:d2:52:71:13:f2:e7:37:18:37:43:22:31:
         1f:82:84:41:a6:e3:5e:d5:7e:0f:64:ac:10:15:a6:ca:4a:e2:
         a5:d7:82:db:39:c8:78:8e:e2:43:0c:30:6d:80:ce:0b:63:23:
         56:73:f7:1a:7f:f6:d6:ff:fa:1a:c4:72:18:ac:e4:db:f7:6c:
         4b:2f:2e:86:ae:cb:db:b8:d7:97:f0:47:f5:aa:ee:ff:75:f7:
         71:e3:03:4b:e6:ad:6b:68:25:15:87:45:8f:d4:24:88:56:e8:
         3d:bc:a5:a7:d7:02:68:e5:84:18:dc:bb:d5:fb:f9:7f:70:a2:
         48:ab:e6:a7:bc:b2:7c:49:e5:5d:63:74:a4:d4:fb:0f:d7:2f:
         04:eb:42:6c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVzTNieuF25Gdxse1IQfhqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZTBmN2JiYmU0MDMxYTI0ZWYxYjlkYjE5NmFhYjA2NDJl
ODRhMDYwHhcNMjMwMTAyMTYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDkxMDQxZDBiYTRkN2NjMGYzNzQ3OTk5ZWVhYjAyMWNiN2I4ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9i4XwhcwYUtNL+kz2APYuyKHt5s
efYBg+OhIRVy6eHSRMPjYq2by2p16zmPdlCUi1/w02/jQCYNO0e/W5KEkgRZ/f5j
j3bliWlPl2uZJLtnxDLr30ATu6S654+CLVW3EdMndANm2YY3Ni13yqCNO9gPi/Eg
7mxO/4bAWNQiRUy2OGVNBa6I9DxiOQow4z3JxS0niG3q5Oy6NZyOStVGGA2TNTRC
C7EzsDBhrwsUZyMxjBev4AAY4S7JRTheN7D0U/cgdLfFhx18hnI9AD+tvWsRRmHO
KDlgK6mpfYZobweuDPOuLUDIbnRk4uJU+Hp8hDqftWmiS1oLtqEb2Os3OwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCCRBB0LpNfMDzdHmZ7qsCHLe41mMB8GA1UdIwQY
MBaAFCfg97u+QDGiTvG52xlqqwZC6EoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYt
MzQ2YTNlYzE4NjhjLzEvSUpFRUhRdWsxOHdQTjBlWm51cXdJY3Q3aldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYtMzQ2YTNlYzE4Njhj
LzEvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCH880AwQC
H888AwQCXi68AwQFkrlAAwQCuT9AAwQCuWhUMA0EAgACMAcDBQMqBPNAMA0GCSqG
SIb3DQEBCwUAA4IBAQB0+8VoolqL5eQPPMkZuIkiUwgZYkiTei2u9oemGxQZgtnu
HChhLolJeM0JnzQ0V1Er50SKlM90trFde3bz1VB1gPTPMQ6VTage3vssRnbQn1mE
TKsFRvEOApo/3l0hwJ4164yPTPNoqHhlvgFUDAv86/rSUnET8uc3GDdDIjEfgoRB
puNe1X4PZKwQFabKSuKl14LbOch4juJDDDBtgM4LYyNWc/caf/bW//oaxHIYrOTb
92xLLy6GrsvbuNeX8Ef1qu7/dfdx4wNL5q1raCUVh0WP1CSIVug9vKWn1wJo5YQY
3LvV+/l/cKJIq+anvLJ8SeVdY3Sk1PsP1y8E60Js
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:31 2024 by rpki-client on console-ams.rpki-client.org