Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/eeAIkBu3py8kAIiyJw6SqR8BFaM.roa
File:                     eeAIkBu3py8kAIiyJw6SqR8BFaM.roa (raw, json)
Hash identifier:          yrlgvGSGutVr9/9aDHewwsiPaYzHoZMIHyO45bKmlgM=
Subject key identifier:   79:E0:08:90:1B:B7:A7:2F:24:00:88:B2:27:0E:92:A9:1F:01:15:A3
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       018B8B5E05026472138F20B84EA61DF1BDF8
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/eeAIkBu3py8kAIiyJw6SqR8BFaM.roa
Signing time:             Wed 01 Nov 2023 14:51:16 +0000
ROA not before:           Wed 01 Nov 2023 14:51:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42303
IP address blocks:        185.55.8.0/22 maxlen: 22
                          5.35.184.0/21 maxlen: 21
                          46.182.200.0/24 maxlen: 24
                          46.182.200.0/21 maxlen: 24
                          46.182.204.0/24 maxlen: 24
                          46.182.203.0/24 maxlen: 24
                          46.182.202.0/24 maxlen: 24
                          46.182.201.0/24 maxlen: 24
                          46.182.206.0/24 maxlen: 24
                          46.182.205.0/24 maxlen: 24
                          151.236.200.0/21 maxlen: 24
                          193.149.178.0/24 maxlen: 24
                          77.72.96.0/21 maxlen: 21
                          94.127.32.0/21 maxlen: 21
                          185.153.212.0/22 maxlen: 24
                          2a02:470::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 02 Nov 2023 09:58:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8b:5e:05:02:64:72:13:8f:20:b8:4e:a6:1d:f1:bd:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Nov  1 14:51:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=79e008901bb7a72f240088b2270e92a91f0115a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:89:5d:94:9c:43:a1:fe:be:ca:ac:93:6d:9e:
                    3f:bf:7e:3d:ea:8f:0e:d2:49:42:67:24:72:36:21:
                    3f:b9:a2:4b:99:29:ab:83:ba:df:ef:9e:44:01:28:
                    69:09:07:a4:48:41:36:ec:a8:32:ec:80:fc:70:9d:
                    28:31:f8:ac:20:a5:6e:53:50:5a:c1:3a:57:13:b3:
                    6c:cb:fe:41:d8:11:3b:98:34:3e:17:ae:28:79:0c:
                    75:7c:d7:05:15:75:d6:a7:d6:41:c8:a8:34:6e:1f:
                    d6:27:41:b5:84:d0:de:aa:0c:a1:77:a1:71:0b:60:
                    99:4c:b0:fe:ac:d0:97:64:9a:0a:5c:26:4b:85:6e:
                    14:af:0e:65:65:c8:ba:91:87:5e:21:4b:98:d2:76:
                    66:61:97:55:e2:7f:12:b7:36:c3:ad:ab:dd:8c:e2:
                    c3:65:37:d6:97:07:70:11:90:ed:15:b4:32:bd:ed:
                    0c:6f:f9:a7:31:75:33:dc:15:7c:40:5f:a8:77:b2:
                    c1:c2:df:13:63:75:d4:df:ea:6b:6d:b9:7c:19:fd:
                    f4:0c:ee:26:c3:d8:21:bb:a2:9e:1f:13:90:5d:c0:
                    66:62:cd:b5:fb:d2:2f:36:7a:17:ce:de:e6:c0:9b:
                    c6:13:52:88:41:39:e9:d3:17:b8:85:17:44:fa:64:
                    d5:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:E0:08:90:1B:B7:A7:2F:24:00:88:B2:27:0E:92:A9:1F:01:15:A3
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/eeAIkBu3py8kAIiyJw6SqR8BFaM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.35.184.0/21
                  46.182.200.0/21
                  77.72.96.0/21
                  94.127.32.0/21
                  151.236.200.0/21
                  185.55.8.0/22
                  185.153.212.0/22
                  193.149.178.0/24
                IPv6:
                  2a02:470::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:20:47:96:23:8e:79:73:0e:fc:f3:b7:8b:3a:53:97:22:3d:
         67:0c:31:03:b6:66:94:cb:ef:76:5a:4b:0e:17:60:2c:e1:64:
         54:5c:0d:7e:48:e8:8e:e2:f3:8a:ea:c1:06:f3:d2:5d:26:d7:
         ab:e8:54:83:48:77:ff:88:c4:36:94:e9:be:52:b3:f6:bd:bd:
         3d:b3:7b:b5:b6:50:99:94:0c:0c:0a:bd:59:35:62:f5:77:47:
         e6:74:b2:e9:f3:a9:eb:b0:86:8d:36:80:4e:58:73:06:09:88:
         27:dd:8b:c9:65:cd:50:d6:77:79:ad:38:ee:cd:21:9a:bd:69:
         b3:8f:54:c8:b2:44:34:c9:a2:46:85:fc:bc:3e:36:09:9c:d0:
         b8:6b:a9:40:4e:e7:37:2c:e3:74:cb:90:a3:d8:cb:20:0e:77:
         a0:13:a5:ee:cf:34:3a:61:3f:80:73:e9:2a:1c:54:90:8d:27:
         51:07:d2:10:57:26:27:a0:ac:f7:56:0c:5d:8a:a4:9c:d2:34:
         4f:5b:b1:6d:47:22:d9:e7:7a:d9:02:d0:90:0a:4f:43:61:db:
         4e:01:f1:b3:1b:fa:af:a4:8b:b8:0f:e2:7a:9f:17:ab:bf:55:
         ef:d0:52:af:7d:3f:3d:61:4e:ae:9c:f4:0d:cf:a7:c0:a6:2b:
         06:25:af:27
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYuLXgUCZHITjyC4TqYd8b34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjMxMTAxMTQ1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWUwMDg5MDFiYjdhNzJmMjQwMDg4YjIyNzBlOTJhOTFmMDExNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4ldlJxDof6+yqyTbZ4/v3496o8O
0klCZyRyNiE/uaJLmSmrg7rf755EAShpCQekSEE27Kgy7ID8cJ0oMfisIKVuU1Ba
wTpXE7Nsy/5B2BE7mDQ+F64oeQx1fNcFFXXWp9ZByKg0bh/WJ0G1hNDeqgyhd6Fx
C2CZTLD+rNCXZJoKXCZLhW4Urw5lZci6kYdeIUuY0nZmYZdV4n8StzbDravdjOLD
ZTfWlwdwEZDtFbQyve0Mb/mnMXUz3BV8QF+od7LBwt8TY3XU3+prbbl8Gf30DO4m
w9ghu6KeHxOQXcBmYs21+9IvNnoXzt7mwJvGE1KIQTnp0xe4hRdE+mTV6wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHngCJAbt6cvJACIsicOkqkfARWjMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvZWVBSWtCdTNweThrQUlpeUp3NlNxUjhCRmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBSO4AwQD
LrbIAwQDTUhgAwQDXn8gAwQDl+zIAwQCuTcIAwQCuZnUAwQAwZWyMA0EAgACMAcD
BQAqAgRwMA0GCSqGSIb3DQEBCwUAA4IBAQBVIEeWI455cw7887eLOlOXIj1nDDED
tmaUy+92WksOF2As4WRUXA1+SOiO4vOK6sEG89JdJter6FSDSHf/iMQ2lOm+UrP2
vb09s3u1tlCZlAwMCr1ZNWL1d0fmdLLp86nrsIaNNoBOWHMGCYgn3YvJZc1Q1nd5
rTjuzSGavWmzj1TIskQ0yaJGhfy8PjYJnNC4a6lATuc3LON0y5Cj2MsgDnegE6Xu
zzQ6YT+Ac+kqHFSQjSdRB9IQVyYnoKz3VgxdiqSc0jRPW7FtRyLZ53rZAtCQCk9D
YdtOAfGzG/qvpIu4D+J6nxerv1Xv0FKvfT89YU6unPQNz6fApisGJa8n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:23 2024 by rpki-client on console-ams.rpki-client.org