Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/EYUHFS_5tOiU8TaXqmSnkF1hVi8.roa
File:                     EYUHFS_5tOiU8TaXqmSnkF1hVi8.roa (raw, json)
Hash identifier:          dkaewVW7YAqRchy9gIoCskcSP6oFgwF2IChr5xbaeGg=
Subject key identifier:   11:85:07:15:2F:F9:B4:E8:94:F1:36:97:AA:64:A7:90:5D:61:56:2F
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018ACB6B3C93DB256BA04373E719D027F406
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/EYUHFS_5tOiU8TaXqmSnkF1hVi8.roa
Signing time:             Mon 25 Sep 2023 08:18:37 +0000
ROA not before:           Mon 25 Sep 2023 08:18:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30938
IP address blocks:        45.12.216.0/24 maxlen: 24
                          45.12.217.0/24 maxlen: 24
                          45.12.219.0/24 maxlen: 24
                          45.12.218.0/24 maxlen: 24
                          5.39.248.0/24 maxlen: 24
                          5.39.251.0/24 maxlen: 24
                          5.39.252.0/24 maxlen: 24
                          5.39.250.0/24 maxlen: 24
                          5.39.253.0/24 maxlen: 24
                          31.192.240.0/21 maxlen: 21
                          5.178.98.0/24 maxlen: 24
                          5.178.97.0/24 maxlen: 24
                          5.178.96.0/24 maxlen: 24
                          5.178.99.0/24 maxlen: 24
                          5.144.183.0/24 maxlen: 24
                          5.178.103.0/24 maxlen: 24
                          5.178.100.0/24 maxlen: 24
                          5.178.105.0/24 maxlen: 24
                          5.178.104.0/24 maxlen: 24
                          5.178.106.0/24 maxlen: 24
                          5.178.109.0/24 maxlen: 24
                          5.178.110.0/24 maxlen: 24
                          5.39.254.0/24 maxlen: 24
                          5.39.255.0/24 maxlen: 24
                          185.5.36.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 22:49:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:cb:6b:3c:93:db:25:6b:a0:43:73:e7:19:d0:27:f4:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Sep 25 08:18:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=118507152ff9b4e894f13697aa64a7905d61562f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b6:06:5d:dd:8e:1d:36:e6:8c:48:46:cf:ad:
                    85:15:0a:ce:75:8e:5c:0f:6c:47:31:b9:70:67:32:
                    e2:0e:18:d8:35:26:59:d3:a3:c8:e3:5a:57:fc:a5:
                    82:26:0f:c5:93:c9:30:0f:a1:15:31:7f:5f:03:ab:
                    13:ea:d7:d5:6d:c3:87:52:9a:bd:e1:3f:74:40:76:
                    7d:be:88:db:b6:5a:29:4d:6d:80:b1:50:d7:0d:6d:
                    12:a0:74:f2:03:16:4c:37:b7:c6:e5:f8:61:ad:c8:
                    60:0e:3f:e5:eb:54:6e:44:df:22:56:e4:84:39:58:
                    74:7b:1d:09:ab:6b:53:71:40:43:2d:de:fe:c6:a1:
                    44:d3:8f:db:81:09:44:ff:69:55:1d:6b:18:49:d4:
                    4c:8f:31:92:cb:a5:fa:e0:db:69:e9:f6:45:da:c9:
                    71:03:ac:ae:87:80:bb:74:dd:ba:89:2b:a5:86:fa:
                    e0:1e:16:bd:15:f7:35:64:ea:68:28:d8:bc:4a:8b:
                    2d:00:7b:03:f3:76:61:69:ca:6b:15:7b:a2:ca:01:
                    d8:06:f3:b4:bb:c5:c8:ed:2e:5e:35:60:c2:ee:0d:
                    61:4c:66:85:86:ee:78:77:76:ce:71:ba:0a:60:e0:
                    ef:fe:a1:ce:c5:ff:d7:c7:f4:65:2c:81:7b:88:b4:
                    df:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:85:07:15:2F:F9:B4:E8:94:F1:36:97:AA:64:A7:90:5D:61:56:2F
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/EYUHFS_5tOiU8TaXqmSnkF1hVi8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.39.248.0/24
                  5.39.250.0-5.39.255.255
                  5.144.183.0/24
                  5.178.96.0-5.178.100.255
                  5.178.103.0-5.178.106.255
                  5.178.109.0-5.178.110.255
                  31.192.240.0/21
                  45.12.216.0/22
                  185.5.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         cf:2d:dc:da:fd:15:4c:fb:ee:2f:d8:0a:81:a5:cb:29:78:b2:
         45:78:bb:c1:da:db:3c:31:6e:35:14:94:f4:74:da:30:88:8b:
         d8:e5:22:cb:08:d2:30:a3:06:2a:36:c4:3c:3e:d0:8d:79:b5:
         db:ae:93:0f:7b:53:50:77:0a:e0:f9:f0:c6:9c:ca:ad:80:9a:
         f0:b8:8f:59:04:c4:9c:5c:a8:f5:b2:fe:c6:c4:47:8e:04:43:
         a5:b9:38:28:85:f6:75:c2:1a:52:9b:03:f1:23:9c:85:88:35:
         02:6a:db:fa:d8:51:5c:27:98:a8:5e:67:1e:58:39:57:1a:a1:
         eb:58:ac:d4:41:f1:c2:dc:1c:9e:81:7b:5a:52:cf:34:91:15:
         e0:88:7d:a7:9a:57:1b:df:46:fb:80:a2:9d:62:22:20:99:44:
         95:20:91:e3:af:cc:ec:08:41:01:92:14:d1:04:11:86:18:2a:
         de:b9:f3:61:68:67:8f:a8:15:ed:6b:7f:92:27:62:5a:a7:22:
         7f:6c:f1:5e:db:2e:4c:3a:f2:ea:25:03:3c:12:71:e8:5c:99:
         45:3b:86:6e:be:bb:d1:80:e6:28:f9:26:6f:3f:4d:ae:57:ae:
         eb:88:9e:f9:a3:e3:e2:46:59:c5:7e:2b:61:30:a5:c0:3a:34:
         38:71:09:2d
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYrLazyT2yVroENz5xnQJ/QGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwOTI1MDgxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTg1MDcxNTJmZjliNGU4OTRmMTM2OTdhYTY0YTc5MDVkNjE1NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLYGXd2OHTbmjEhGz62FFQrOdY5c
D2xHMblwZzLiDhjYNSZZ06PI41pX/KWCJg/Fk8kwD6EVMX9fA6sT6tfVbcOHUpq9
4T90QHZ9vojbtlopTW2AsVDXDW0SoHTyAxZMN7fG5fhhrchgDj/l61RuRN8iVuSE
OVh0ex0Jq2tTcUBDLd7+xqFE04/bgQlE/2lVHWsYSdRMjzGSy6X64Ntp6fZF2slx
A6yuh4C7dN26iSulhvrgHha9Ffc1ZOpoKNi8SostAHsD83ZhacprFXuiygHYBvO0
u8XI7S5eNWDC7g1hTGaFhu54d3bOcboKYODv/qHOxf/Xx/RlLIF7iLTf/wIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFBGFBxUv+bTolPE2l6pkp5BdYVYvMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvRVlVSEZTXzV0T2lVOFRhWHFtU25rRjFoVmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAAWQtzAMAwQFBbJgAwQABbJkMAwDBAAFsmcDBAAFsmowDAME
AAWybQMEAAWybgMEAx/A8AMEAi0M2AMEArkFJDANBgkqhkiG9w0BAQsFAAOCAQEA
zy3c2v0VTPvuL9gKgaXLKXiyRXi7wdrbPDFuNRSU9HTaMIiL2OUiywjSMKMGKjbE
PD7QjXm1266TD3tTUHcK4PnwxpzKrYCa8LiPWQTEnFyo9bL+xsRHjgRDpbk4KIX2
dcIaUpsD8SOchYg1Amrb+thRXCeYqF5nHlg5Vxqh61is1EHxwtwcnoF7WlLPNJEV
4Ih9p5pXG99G+4CinWIiIJlElSCR46/M7AhBAZIU0QQRhhgq3rnzYWhnj6gV7Wt/
kidiWqcif2zxXtsuTDry6iUDPBJx6FyZRTuGbr670YDmKPkmbz9Nrleu64ie+aPj
4kZZxX4rYTClwDo0OHEJLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:14 2024 by rpki-client on console-ams.rpki-client.org