Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa
File:                     c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa (raw, json)
Hash identifier:          eThQYFvVb/nsic/jqrvOmSeWZKVptfHIH9tgNQgTKhc=
Subject key identifier:   73:67:1E:F5:16:60:49:10:5A:38:E4:E5:66:AC:23:0C:3D:C4:E8:AA
Certificate issuer:       /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Certificate serial:       01856F66F972EA7F3025FCFCFDFE45684D14
Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa
Signing time:             Sun 01 Jan 2023 22:14:57 +0000
ROA not before:           Sun 01 Jan 2023 22:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20609
IP address blocks:        185.108.120.0/22 maxlen: 24
                          91.202.52.0/22 maxlen: 24
                          2a06:4ac0::/32 maxlen: 33

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:f9:72:ea:7f:30:25:fc:fc:fd:fe:45:68:4d:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
        Validity
            Not Before: Jan  1 22:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=73671ef5166049105a38e4e566ac230c3dc4e8aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:de:04:f6:3d:70:c7:25:04:52:9b:7f:46:03:
                    37:90:b3:dc:0d:4b:ad:20:20:00:e5:8b:4c:19:da:
                    02:76:8b:d8:26:08:bc:5f:46:1d:0b:2e:ba:5f:29:
                    08:61:57:0b:7a:fa:88:8a:bd:d2:80:ff:66:63:31:
                    53:a0:36:d9:5e:65:88:87:c5:85:23:da:04:47:3a:
                    50:f6:73:66:dd:d1:49:63:dd:7e:4c:ab:3b:32:28:
                    82:65:26:79:e6:76:21:37:82:f5:31:7d:ad:d9:65:
                    3d:2d:1d:30:1d:54:a0:33:a6:a5:a4:56:ce:2b:12:
                    e0:15:2c:18:04:39:83:c2:8c:ed:b9:c3:93:ae:c3:
                    99:8b:58:b5:3c:59:e5:d1:64:6f:6e:52:1d:7b:70:
                    6b:49:85:c2:c2:37:f1:d5:4d:f3:45:5e:ae:a6:f8:
                    7c:9a:64:d8:37:f5:ca:10:11:50:8c:35:6f:1f:5d:
                    46:89:cb:db:cb:89:bc:f7:63:f2:6d:25:f3:f2:a9:
                    7f:39:2c:08:e9:ef:41:f3:0e:6a:83:69:ac:d0:92:
                    88:9f:2c:88:2f:fb:71:ff:26:b4:65:34:02:d0:5c:
                    95:b3:7a:f7:5c:7e:e9:a3:b4:95:e4:b0:b7:12:14:
                    8f:87:50:95:b1:96:0c:87:7d:25:ac:7d:05:ae:18:
                    64:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:67:1E:F5:16:60:49:10:5A:38:E4:E5:66:AC:23:0C:3D:C4:E8:AA
            X509v3 Authority Key Identifier:
                keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/c2ce9RZgSRBaOOTlZqwjDD3E6Ko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.202.52.0/22
                  185.108.120.0/22
                IPv6:
                  2a06:4ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:0f:1f:64:9e:85:a7:da:09:9e:76:c0:90:ff:b7:ef:dc:2c:
         f2:9f:ad:60:da:dc:37:0b:9f:cf:23:e2:c3:1c:79:0d:77:76:
         44:c8:87:fb:d8:a8:5f:f9:b4:c6:0e:01:e4:5b:ed:ec:14:ad:
         22:28:b5:df:0d:37:33:2b:d5:98:3f:32:5b:68:4f:38:b6:59:
         3f:5d:71:24:9d:66:3f:49:6d:a8:b9:53:6a:c8:9f:a1:f6:57:
         e9:9e:6a:a5:4a:90:24:8e:4c:8a:49:37:a7:0b:75:27:5d:8a:
         48:c0:c7:8e:b3:d8:a2:2d:f9:0f:8b:65:18:fd:d5:33:07:7e:
         3a:02:cb:18:2a:26:27:f7:46:d7:5d:56:a4:9d:b8:2a:9a:27:
         41:66:39:8e:6e:69:c9:63:66:57:5d:cb:78:ee:f9:ef:f2:b5:
         a6:bd:bb:48:14:72:09:4c:82:af:01:6a:77:e4:47:b3:98:40:
         87:90:68:ae:09:44:5a:96:15:6d:c0:93:2d:ef:d1:34:d7:ca:
         96:62:16:cf:91:ee:90:e9:48:b9:cd:9c:25:b6:27:8d:1c:29:
         13:b7:bf:41:61:64:e5:65:c8:90:b9:6e:68:1e:62:90:a9:66:
         4e:21:ba:1d:3d:73:f2:ea:8a:31:c0:de:e5:98:c5:39:27:db:
         39:83:19:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvZvly6n8wJfz8/f5FaE0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3
MDViMmYwHhcNMjMwMTAxMjIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY3MWVmNTE2NjA0OTEwNWEzOGU0ZTU2NmFjMjMwYzNkYzRlOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d4E9j1wxyUEUpt/RgM3kLPcDUut
ICAA5YtMGdoCdovYJgi8X0YdCy66XykIYVcLevqIir3SgP9mYzFToDbZXmWIh8WF
I9oERzpQ9nNm3dFJY91+TKs7MiiCZSZ55nYhN4L1MX2t2WU9LR0wHVSgM6alpFbO
KxLgFSwYBDmDwoztucOTrsOZi1i1PFnl0WRvblIde3BrSYXCwjfx1U3zRV6upvh8
mmTYN/XKEBFQjDVvH11Gicvby4m892PybSXz8ql/OSwI6e9B8w5qg2ms0JKInyyI
L/tx/ya0ZTQC0FyVs3r3XH7po7SV5LC3EhSPh1CVsZYMh30lrH0FrhhkOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHNnHvUWYEkQWjjk5WasIww9xOiqMB8GA1UdIwQY
MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt
MGUxZGI5OGFkMjMxLzEvYzJjZTlSWmdTUkJhT09UbFpxd2pERDNFNktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx
LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8o0AwQC
uWx4MA0EAgACMAcDBQAqBkrAMA0GCSqGSIb3DQEBCwUAA4IBAQAdDx9knoWn2gme
dsCQ/7fv3Czyn61g2tw3C5/PI+LDHHkNd3ZEyIf72Khf+bTGDgHkW+3sFK0iKLXf
DTczK9WYPzJbaE84tlk/XXEknWY/SW2ouVNqyJ+h9lfpnmqlSpAkjkyKSTenC3Un
XYpIwMeOs9iiLfkPi2UY/dUzB346AssYKiYn90bXXVaknbgqmidBZjmObmnJY2ZX
Xct47vnv8rWmvbtIFHIJTIKvAWp35EezmECHkGiuCURalhVtwJMt79E018qWYhbP
ke6Q6Ui5zZwltieNHCkTt79BYWTlZciQuW5oHmKQqWZOIbodPXPy6ooxwN7lmMU5
J9s5gxl/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:12 2024 by rpki-client on console-fra.rpki-client.org