Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa
File:                     EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa (raw, json)
Hash identifier:          /DnjhqjNh+JxwDubHu4wNzZlTHP9vh659siDmlF9V+o=
Subject key identifier:   11:A6:77:CC:45:EA:C1:6A:EF:D9:80:00:16:2F:78:5F:2E:50:EB:82
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7A28E7081015483979967519D7D75
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa
Signing time:             Mon 02 Jan 2023 08:44:49 +0000
ROA not before:           Mon 02 Jan 2023 08:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43094
IP address blocks:        91.242.84.0/23 maxlen: 23
                          91.242.104.0/21 maxlen: 21
                          91.242.108.0/22 maxlen: 22
                          91.242.112.0/20 maxlen: 24
                          194.114.144.0/24 maxlen: 25
                          194.114.144.128/27 maxlen: 27
                          91.242.78.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 11:36:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:a2:8e:70:81:01:54:83:97:99:67:51:9d:7d:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11a677cc45eac16aefd98000162f785f2e50eb82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:5b:d6:49:b3:79:9b:80:47:b9:8d:73:8d:bd:
                    3c:41:e0:1c:f3:d9:9c:e2:ca:b4:ca:16:f4:10:f2:
                    60:21:d9:53:6e:38:e5:11:f9:bf:b6:5e:a2:40:57:
                    cc:e5:d9:a3:40:ca:50:68:17:30:ac:3a:f2:de:b8:
                    ce:fb:ae:73:71:7a:e4:1c:2a:d2:0f:9c:15:d2:b9:
                    ee:d8:d8:9c:61:cf:65:60:38:0f:2d:0b:20:12:e9:
                    ca:3d:c5:f9:4f:48:89:fc:f7:f9:d3:83:b5:47:3d:
                    8f:c0:6b:71:6e:94:20:ab:c0:97:03:52:fd:8e:6e:
                    04:1b:c5:4f:fb:a6:6b:ca:02:52:7e:bd:40:e9:e1:
                    8a:3e:eb:68:b9:7b:52:f7:24:4f:dc:43:1d:a2:d1:
                    97:0e:54:be:b6:e2:03:ab:dc:d2:98:a9:24:0d:b8:
                    c1:7f:ab:65:d6:e2:aa:bf:de:fb:b2:fd:af:a3:f7:
                    88:73:96:e5:32:2f:49:f5:32:57:24:68:dc:c5:59:
                    f8:aa:8b:8c:69:df:c1:a8:37:80:a6:53:72:f8:a6:
                    db:d9:48:30:09:57:0f:f2:10:dd:26:da:a6:78:5b:
                    70:9b:ca:a8:ca:7d:39:b9:56:6a:57:b1:f6:23:c4:
                    09:96:7f:4f:c0:9d:01:d5:ea:60:a3:a8:7e:e1:01:
                    56:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:A6:77:CC:45:EA:C1:6A:EF:D9:80:00:16:2F:78:5F:2E:50:EB:82
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.78.0/23
                  91.242.84.0/23
                  91.242.104.0-91.242.127.255
                  194.114.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:29:f3:87:82:a4:3d:0b:3c:0c:35:63:de:f4:4c:40:a0:64:
         40:2f:2a:9b:2a:ca:b9:9e:4a:74:82:5d:ac:40:a0:4d:2c:b6:
         6a:6a:91:15:b0:60:45:b1:5d:78:19:8a:b9:a7:96:8a:ee:43:
         f2:21:87:d5:0d:41:5e:f8:2d:c8:0a:3d:70:24:78:36:9b:56:
         ac:a9:96:cf:8d:6e:24:4c:36:1b:e6:fc:b7:c1:4d:7b:b9:ea:
         bb:2b:55:5c:40:aa:4b:25:1c:f2:f8:d4:db:c0:b8:04:96:85:
         98:5a:d8:a4:5d:1c:22:db:5e:91:33:ac:91:6c:19:a2:ff:82:
         19:93:12:ba:20:57:85:ac:d0:fe:45:de:9a:6b:5f:a7:c8:ef:
         2b:d8:dc:0c:9d:13:ff:37:97:2c:64:e4:21:1b:f7:dc:ec:91:
         2d:2e:cf:b9:1e:28:54:54:a1:24:78:f3:be:4d:46:33:3b:a4:
         5f:43:0c:15:90:ba:a0:03:24:55:20:39:83:bc:d6:99:ff:f3:
         8c:9c:ce:3d:02:9f:91:81:93:f4:a3:e6:ea:03:c3:f3:85:70:
         2a:55:d1:ec:e6:9f:3d:6c:39:51:9d:7d:12:09:e6:eb:45:35:
         77:3a:a9:68:8e:98:a3:a8:10:eb:1d:84:d0:91:4a:7c:4d:52:
         35:2e:c5:9a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVxp6KOcIEBVIOXmWdRnX11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWE2NzdjYzQ1ZWFjMTZhZWZkOTgwMDAxNjJmNzg1ZjJlNTBlYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolvWSbN5m4BHuY1zjb08QeAc89mc
4sq0yhb0EPJgIdlTbjjlEfm/tl6iQFfM5dmjQMpQaBcwrDry3rjO+65zcXrkHCrS
D5wV0rnu2NicYc9lYDgPLQsgEunKPcX5T0iJ/Pf504O1Rz2PwGtxbpQgq8CXA1L9
jm4EG8VP+6ZrygJSfr1A6eGKPutouXtS9yRP3EMdotGXDlS+tuIDq9zSmKkkDbjB
f6tl1uKqv977sv2vo/eIc5blMi9J9TJXJGjcxVn4qouMad/BqDeAplNy+Kbb2Ugw
CVcP8hDdJtqmeFtwm8qoyn05uVZqV7H2I8QJln9PwJ0B1epgo6h+4QFWNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBGmd8xF6sFq79mAABYveF8uUOuCMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRWFaM3pFWHF3V3J2MllBQUZpOTRYeTVRNjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBW/JOAwQB
W/JUMAwDBANb8mgDBAdb8gADBADCcpAwDQYJKoZIhvcNAQELBQADggEBAHMp84eC
pD0LPAw1Y970TECgZEAvKpsqyrmeSnSCXaxAoE0stmpqkRWwYEWxXXgZirmnloru
Q/Ihh9UNQV74LcgKPXAkeDabVqypls+NbiRMNhvm/LfBTXu56rsrVVxAqkslHPL4
1NvAuASWhZha2KRdHCLbXpEzrJFsGaL/ghmTErogV4Ws0P5F3pprX6fI7yvY3Ayd
E/83lyxk5CEb99zskS0uz7keKFRUoSR4875NRjM7pF9DDBWQuqADJFUgOYO81pn/
84yczj0Cn5GBk/Sj5uoDw/OFcCpV0ezmnz1sOVGdfRIJ5utFNXc6qWiOmKOoEOsd
hNCRSnxNUjUuxZo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org