Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/E8A-8E7kty-eRm7UxXV4PM8-EOs.roa
File:                     E8A-8E7kty-eRm7UxXV4PM8-EOs.roa (raw, json)
Hash identifier:          uBdRFRG57QagDHQEwZWbWgqjEBbGRI4l7N9r+UBT5gY=
Subject key identifier:   13:C0:3E:F0:4E:E4:B7:2F:9E:46:6E:D4:C5:75:78:3C:CF:3E:10:EB
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018B95D5C423F662FD211226A32EE037F1FE
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/E8A-8E7kty-eRm7UxXV4PM8-EOs.roa
Signing time:             Fri 03 Nov 2023 15:38:16 +0000
ROA not before:           Fri 03 Nov 2023 15:38:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204300
IP address blocks:        194.35.52.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:95:d5:c4:23:f6:62:fd:21:12:26:a3:2e:e0:37:f1:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Nov  3 15:38:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13c03ef04ee4b72f9e466ed4c575783ccf3e10eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:68:d0:8b:10:56:1f:b9:55:dd:92:2d:37:d6:
                    91:68:8e:30:37:9d:6a:cc:60:84:22:a8:b9:30:4f:
                    83:62:d3:0f:96:81:3d:83:dc:26:57:7f:f8:53:0f:
                    55:b0:d2:9e:dd:13:e2:7f:53:b3:1d:cf:b6:14:15:
                    c8:30:85:65:18:7a:b7:64:19:78:c9:be:d3:9d:0b:
                    3f:61:a2:b4:ea:44:6e:6c:60:d9:39:93:2a:a7:b7:
                    44:6b:63:5f:c8:9d:32:d2:12:89:c2:ec:ab:50:24:
                    7b:ea:76:ec:38:0c:a4:33:b7:7b:d0:b0:f0:d1:5c:
                    7a:40:c3:7c:aa:7c:d9:66:04:31:e7:50:68:76:e6:
                    97:79:97:1e:0f:74:bc:df:39:34:7b:5b:e5:df:a3:
                    54:c1:2e:47:e1:4b:ff:76:a9:f0:bf:23:99:47:af:
                    62:ba:ff:e8:9b:e2:7f:26:3b:f5:58:79:9d:bf:17:
                    8a:6d:1b:0e:52:ee:b4:55:0d:f8:47:3f:ad:5a:a1:
                    6e:3f:a1:60:fa:cb:54:0e:5a:06:3c:6d:89:a6:d2:
                    6a:d3:d6:58:7a:26:d1:98:ec:3c:49:e6:b7:5f:7a:
                    33:67:0f:fe:6a:b6:c4:73:2d:9d:66:c4:85:27:27:
                    88:10:68:dd:07:93:c7:5b:7f:93:7c:2c:6d:fd:2f:
                    bd:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:C0:3E:F0:4E:E4:B7:2F:9E:46:6E:D4:C5:75:78:3C:CF:3E:10:EB
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/E8A-8E7kty-eRm7UxXV4PM8-EOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.35.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:97:5a:5c:18:5f:17:7d:af:be:64:53:10:a0:e6:17:93:6a:
         b4:77:58:a4:e5:f0:e1:58:5d:ee:58:2e:9d:a5:c5:98:59:e8:
         2a:17:55:53:21:72:00:3b:28:3c:f9:d0:a0:8a:3b:23:2a:a8:
         96:c9:e4:0f:71:b2:52:f8:b8:41:01:4c:b8:67:b8:ba:aa:a9:
         90:6e:27:17:df:8c:ef:00:fc:c9:98:43:4e:bd:e4:be:37:bc:
         4e:bc:60:fe:b0:2e:0c:68:1c:1e:f9:36:d4:79:e7:7f:5a:b4:
         64:d5:ea:5b:2f:6c:cc:67:1f:d1:26:54:ae:42:d3:0d:16:6f:
         18:84:2a:89:7f:39:c1:d3:05:15:3a:d6:b0:0d:9d:63:8f:9f:
         d2:42:75:bf:77:f6:99:d7:4b:62:f6:33:39:49:9b:02:1b:24:
         1b:2c:0c:f0:dd:f3:ef:6d:f3:21:72:b1:14:56:f2:8d:2c:f0:
         91:97:28:cb:a4:af:bd:ec:38:ae:f6:ae:01:71:a0:7c:ab:fa:
         6f:38:01:25:07:fe:e0:43:0c:ba:09:78:cf:34:55:30:15:df:
         1e:30:91:c4:30:5d:be:6a:ef:fb:b5:26:7a:14:56:c9:a9:94:
         ae:91:ca:88:48:30:21:f6:f4:21:36:92:ad:77:a0:42:40:87:
         7b:aa:49:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuV1cQj9mL9IRImoy7gN/H+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTAzMTUzODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2MwM2VmMDRlZTRiNzJmOWU0NjZlZDRjNTc1NzgzY2NmM2UxMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GjQixBWH7lV3ZItN9aRaI4wN51q
zGCEIqi5ME+DYtMPloE9g9wmV3/4Uw9VsNKe3RPif1OzHc+2FBXIMIVlGHq3ZBl4
yb7TnQs/YaK06kRubGDZOZMqp7dEa2NfyJ0y0hKJwuyrUCR76nbsOAykM7d70LDw
0Vx6QMN8qnzZZgQx51BoduaXeZceD3S83zk0e1vl36NUwS5H4Uv/dqnwvyOZR69i
uv/om+J/Jjv1WHmdvxeKbRsOUu60VQ34Rz+tWqFuP6Fg+stUDloGPG2JptJq09ZY
eibRmOw8Sea3X3ozZw/+arbEcy2dZsSFJyeIEGjdB5PHW3+TfCxt/S+9AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPAPvBO5LcvnkZu1MV1eDzPPhDrMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRThBLThFN2t0eS1lUm03VXhYVjRQTTgtRU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiM0MA0G
CSqGSIb3DQEBCwUAA4IBAQCcl1pcGF8Xfa++ZFMQoOYXk2q0d1ik5fDhWF3uWC6d
pcWYWegqF1VTIXIAOyg8+dCgijsjKqiWyeQPcbJS+LhBAUy4Z7i6qqmQbicX34zv
APzJmENOveS+N7xOvGD+sC4MaBwe+TbUeed/WrRk1epbL2zMZx/RJlSuQtMNFm8Y
hCqJfznB0wUVOtawDZ1jj5/SQnW/d/aZ10ti9jM5SZsCGyQbLAzw3fPvbfMhcrEU
VvKNLPCRlyjLpK+97Diu9q4BcaB8q/pvOAElB/7gQwy6CXjPNFUwFd8eMJHEMF2+
au/7tSZ6FFbJqZSukcqISDAh9vQhNpKtd6BCQId7qkmJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org