Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/eUSfmNDWjHLVVdw2r1oYYvPXN08.roa
File:                     eUSfmNDWjHLVVdw2r1oYYvPXN08.roa (raw, json)
Hash identifier:          wjUpQXjoOwVRcBLrtwJ7cIh5s10FP0VnMW8ObbXxUXM=
Subject key identifier:   79:44:9F:98:D0:D6:8C:72:D5:55:DC:36:AF:5A:18:62:F3:D7:37:4F
Certificate issuer:       /CN=66259dea3e9cae6e819588c5c913f02d4410398b
Certificate serial:       01862B5274B8FE88C31CCE21C06762B65BA6
Authority key identifier: 66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/eUSfmNDWjHLVVdw2r1oYYvPXN08.roa
Signing time:             Tue 07 Feb 2023 10:01:09 +0000
ROA not before:           Tue 07 Feb 2023 10:01:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41114
IP address blocks:        213.232.108.0/22 maxlen: 24
                          185.145.72.0/22 maxlen: 24
                          2a09:5180::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:2b:52:74:b8:fe:88:c3:1c:ce:21:c0:67:62:b6:5b:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66259dea3e9cae6e819588c5c913f02d4410398b
        Validity
            Not Before: Feb  7 10:01:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=79449f98d0d68c72d555dc36af5a1862f3d7374f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:f3:50:ea:3e:55:e8:ec:dc:6a:68:b3:05:c5:
                    df:48:cc:c1:ea:3e:92:23:cc:71:d8:19:d4:a2:e3:
                    a5:23:ce:00:53:71:ca:0f:71:fe:77:19:c4:09:3f:
                    13:d6:03:f1:0c:8d:b3:cd:71:83:73:20:bb:f0:e8:
                    58:6e:db:d7:33:4e:2d:01:38:18:a1:61:e0:be:7f:
                    63:23:1b:ca:7c:41:55:42:6c:ae:80:28:a6:d1:b4:
                    21:18:b8:a7:5d:b3:93:05:be:12:af:f2:a1:34:9b:
                    b9:42:24:bb:f3:2e:65:34:2a:7a:ed:dd:ff:0d:6b:
                    ac:a8:26:ed:fb:96:16:ef:10:2f:cf:b3:43:c9:99:
                    a8:49:0b:81:a6:c8:4e:23:da:46:92:90:06:63:cf:
                    a1:3e:d7:1c:76:18:e8:2a:00:dc:2f:30:39:4f:ec:
                    55:3f:cc:46:3e:58:d2:03:f9:f4:64:62:75:d6:4d:
                    38:81:ab:db:ac:d0:3a:75:ab:ad:c7:92:ab:f2:39:
                    6d:91:ab:8a:8a:89:cd:97:e1:da:1f:73:d6:3a:8c:
                    e9:d2:1c:ac:85:cc:8b:9b:9d:6e:08:67:33:67:96:
                    f7:3d:26:53:10:40:33:4d:cf:45:e2:af:90:fa:cc:
                    c2:0a:53:2f:2e:cb:3e:84:e8:45:f8:8a:76:d9:4a:
                    06:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:44:9F:98:D0:D6:8C:72:D5:55:DC:36:AF:5A:18:62:F3:D7:37:4F
            X509v3 Authority Key Identifier:
                keyid:66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/eUSfmNDWjHLVVdw2r1oYYvPXN08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ZiWd6j6crm6BlYjFyRPwLUQQOYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.72.0/22
                  213.232.108.0/22
                IPv6:
                  2a09:5180::/29

    Signature Algorithm: sha256WithRSAEncryption
         59:67:2f:41:bf:df:d4:e6:6b:9f:7f:de:66:ef:d1:90:48:88:
         e0:e9:a1:7a:9b:74:ab:8e:59:75:0d:fe:6e:f9:95:30:a9:f4:
         e4:ba:4b:9e:66:16:09:cd:a5:42:ec:e9:08:43:66:80:56:26:
         e6:fb:63:4c:8a:b4:2e:fc:c8:6e:01:b6:98:34:fa:15:0e:22:
         d9:86:3f:89:e0:b5:4b:63:6f:75:22:cb:96:54:95:e0:de:a4:
         95:4c:a0:8d:43:50:2a:53:af:3b:96:45:27:f6:f6:e7:1d:dd:
         26:c7:c8:6c:4b:17:2f:31:04:00:6d:84:4c:a0:81:b4:39:6a:
         87:be:5c:0f:ee:be:ab:a8:3a:75:f8:6f:21:15:a1:27:d3:21:
         d4:b7:d5:94:1d:4a:67:f3:fa:f5:14:2c:ee:c4:7d:82:f5:36:
         be:d3:5e:7b:68:e1:28:5b:83:d6:a9:5a:c1:ee:a5:1e:d2:16:
         e4:ca:05:15:f9:7b:8d:0e:18:53:a7:1d:6e:99:4a:62:5a:58:
         bb:f1:94:22:5e:3a:e5:9e:a5:6f:98:80:9d:46:7d:ff:b9:65:
         fc:8c:50:9d:9f:84:67:96:14:ec:40:2e:37:71:8a:9a:dd:24:
         4d:17:55:84:85:63:c3:3f:62:9d:f2:61:69:32:a6:2b:e3:7f:
         89:4f:75:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYrUnS4/ojDHM4hwGditlumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MjU5ZGVhM2U5Y2FlNmU4MTk1ODhjNWM5MTNmMDJkNDQx
MDM5OGIwHhcNMjMwMjA3MTAwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQ0OWY5OGQwZDY4YzcyZDU1NWRjMzZhZjVhMTg2MmYzZDczNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvNQ6j5V6OzcamizBcXfSMzB6j6S
I8xx2BnUouOlI84AU3HKD3H+dxnECT8T1gPxDI2zzXGDcyC78OhYbtvXM04tATgY
oWHgvn9jIxvKfEFVQmyugCim0bQhGLinXbOTBb4Sr/KhNJu5QiS78y5lNCp67d3/
DWusqCbt+5YW7xAvz7NDyZmoSQuBpshOI9pGkpAGY8+hPtccdhjoKgDcLzA5T+xV
P8xGPljSA/n0ZGJ11k04gavbrNA6dautx5Kr8jltkauKionNl+HaH3PWOozp0hys
hcyLm51uCGczZ5b3PSZTEEAzTc9F4q+Q+szCClMvLss+hOhF+Ip22UoG+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHlEn5jQ1oxy1VXcNq9aGGLz1zdPMB8GA1UdIwQY
MBaAFGYlneo+nK5ugZWIxckT8C1EEDmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmlXZDZqNmNybTZCbFlqRnlSUHdMVVFRT1lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wYjMyNDktZmQ0OS00NTY3LWIzNmQt
Y2JiZTMyNDJjMmJkLzEvZVVTZm1ORFdqSExWVmR3MnIxb1lZdlBYTjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wYjMyNDktZmQ0OS00NTY3LWIzNmQtY2JiZTMyNDJjMmJk
LzEvWmlXZDZqNmNybTZCbFlqRnlSUHdMVVFRT1lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZFIAwQC
1ehsMA0EAgACMAcDBQMqCVGAMA0GCSqGSIb3DQEBCwUAA4IBAQBZZy9Bv9/U5muf
f95m79GQSIjg6aF6m3Srjll1Df5u+ZUwqfTkukueZhYJzaVC7OkIQ2aAVibm+2NM
irQu/MhuAbaYNPoVDiLZhj+J4LVLY291IsuWVJXg3qSVTKCNQ1AqU687lkUn9vbn
Hd0mx8hsSxcvMQQAbYRMoIG0OWqHvlwP7r6rqDp1+G8hFaEn0yHUt9WUHUpn8/r1
FCzuxH2C9Ta+0157aOEoW4PWqVrB7qUe0hbkygUV+XuNDhhTpx1umUpiWli78ZQi
XjrlnqVvmICdRn3/uWX8jFCdn4RnlhTsQC43cYqa3SRNF1WEhWPDP2Kd8mFpMqYr
43+JT3WI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:46 2024 by rpki-client on console-fra.rpki-client.org