Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/EM8yIVooSuttuzD_M0FohUzzPzM.roa
File:                     EM8yIVooSuttuzD_M0FohUzzPzM.roa (raw, json)
Hash identifier:          5btapvQhGp3Gw+AXgTsLj6vWD+hYjuYBJR3YAeZUlsI=
Subject key identifier:   10:CF:32:21:5A:28:4A:EB:6D:BB:30:FF:33:41:68:85:4C:F3:3F:33
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       0187224A70A02946E334F916672F0AC6BDD7
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/EM8yIVooSuttuzD_M0FohUzzPzM.roa
Signing time:             Mon 27 Mar 2023 08:58:36 +0000
ROA not before:           Mon 27 Mar 2023 08:58:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        178.20.28.0/22 maxlen: 24
                          193.31.126.0/24 maxlen: 24
                          45.159.21.0/24 maxlen: 24
                          45.159.22.0/24 maxlen: 24
                          88.218.45.0/24 maxlen: 24
                          88.218.47.0/24 maxlen: 24
                          194.99.24.0/24 maxlen: 24
                          77.83.24.0/22 maxlen: 24
                          194.99.26.0/24 maxlen: 24
                          193.151.190.0/23 maxlen: 24
                          193.151.189.0/24 maxlen: 24
                          83.97.116.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 07 Jun 2023 17:37:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:4a:70:a0:29:46:e3:34:f9:16:67:2f:0a:c6:bd:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Mar 27 08:58:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10cf32215a284aeb6dbb30ff334168854cf33f33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:11:0f:a6:ca:a7:56:8e:6f:f9:ba:8a:f9:e3:
                    af:85:a4:07:4c:c3:e2:55:d2:25:be:9b:da:67:9d:
                    54:01:73:8a:ad:6d:c8:ed:d7:50:5f:f9:d2:05:7f:
                    88:7c:0e:f6:95:0b:a2:16:c2:7b:87:a6:48:a0:bf:
                    f9:00:ce:ba:3c:a1:56:c1:f1:39:dc:4d:46:69:55:
                    09:0a:4d:00:bc:5d:e3:f6:39:f4:a9:a2:4b:92:df:
                    79:be:3f:f7:7a:6b:64:f5:df:36:e5:06:0f:45:59:
                    52:8b:e0:49:05:52:d9:1e:5e:ab:3c:57:4b:2d:d0:
                    e5:ec:c0:f5:84:cf:9a:74:8e:b8:64:90:63:7d:71:
                    07:51:a3:4c:5a:3d:c5:19:b7:5a:f5:d0:39:cf:a7:
                    48:ff:74:e0:af:b7:84:34:1b:15:ee:d8:05:92:0a:
                    2a:28:39:9a:fe:ab:10:57:62:5a:33:00:df:96:dd:
                    c3:3c:5c:c8:e9:ba:6c:b4:c6:3f:44:29:0f:05:8b:
                    6a:51:55:38:34:20:61:7b:2e:d3:81:04:77:3e:82:
                    e8:b0:39:d7:9b:2d:65:8c:da:27:b8:b7:40:3a:8e:
                    09:0e:28:7e:3b:9e:44:e6:07:7a:d2:08:51:01:54:
                    46:1a:92:8a:3b:e4:e2:2a:a4:b7:6a:97:97:2f:ff:
                    3f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:CF:32:21:5A:28:4A:EB:6D:BB:30:FF:33:41:68:85:4C:F3:3F:33
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/EM8yIVooSuttuzD_M0FohUzzPzM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.21.0-45.159.22.255
                  77.83.24.0/22
                  83.97.116.0/22
                  88.218.45.0/24
                  88.218.47.0/24
                  178.20.28.0/22
                  193.31.126.0/24
                  193.151.189.0-193.151.191.255
                  194.99.24.0/24
                  194.99.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:8b:57:3a:5f:fa:37:99:29:38:9a:99:85:66:4d:79:b9:10:
         25:5c:61:85:44:bf:7f:f7:a2:f1:2e:aa:1b:0a:61:06:19:99:
         e6:d1:ba:28:46:9e:66:2c:29:a9:a7:61:22:bd:99:c9:e8:d3:
         26:ab:db:d6:20:0d:c3:c6:06:20:0d:45:c8:30:c4:4e:82:0a:
         83:dd:cb:7c:4e:70:d2:f1:6d:af:92:7e:4f:db:81:d0:ac:82:
         45:26:27:8a:03:5f:87:4d:bd:c3:a8:d3:48:ce:10:32:db:8e:
         3c:bd:fa:d6:bd:17:ed:96:ca:93:b1:a1:e3:dd:55:f1:63:42:
         e0:73:a5:27:28:df:90:5d:48:12:59:06:e5:eb:d8:9c:fa:63:
         7e:83:b0:da:c1:7f:4a:9b:16:d2:68:76:66:2f:9b:fc:2c:ef:
         55:8d:03:75:78:63:7c:17:98:a5:5a:a2:c7:45:56:20:76:d8:
         43:77:8e:c3:5d:25:0b:72:79:38:bc:0b:e0:ca:a5:6a:49:f9:
         be:92:97:ad:84:b9:57:87:c5:10:81:31:c7:29:b7:7b:65:7c:
         67:99:d3:55:ff:89:21:d2:32:0b:d6:35:4e:13:bc:01:d0:a5:
         a7:16:bf:8b:36:19:02:3d:64:b5:07:2d:05:60:20:8a:c2:6f:
         ce:13:4e:69
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYciSnCgKUbjNPkWZy8Kxr3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI3MDg1ODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNmMzIyMTVhMjg0YWViNmRiYjMwZmYzMzQxNjg4NTRjZjMzZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixEPpsqnVo5v+bqK+eOvhaQHTMPi
VdIlvpvaZ51UAXOKrW3I7ddQX/nSBX+IfA72lQuiFsJ7h6ZIoL/5AM66PKFWwfE5
3E1GaVUJCk0AvF3j9jn0qaJLkt95vj/3emtk9d825QYPRVlSi+BJBVLZHl6rPFdL
LdDl7MD1hM+adI64ZJBjfXEHUaNMWj3FGbda9dA5z6dI/3Tgr7eENBsV7tgFkgoq
KDma/qsQV2JaMwDflt3DPFzI6bpstMY/RCkPBYtqUVU4NCBhey7TgQR3PoLosDnX
my1ljNonuLdAOo4JDih+O55E5gd60ghRAVRGGpKKO+TiKqS3apeXL/8/XQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBDPMiFaKErrbbsw/zNBaIVM8z8zMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvRU04eUlWb29TdXR0dXpEX00wRm9oVXp6UHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAAtnxUD
BAAtnxYDBAJNUxgDBAJTYXQDBABY2i0DBABY2i8DBAKyFBwDBADBH34wDAMEAMGX
vQMEBsGXgAMEAMJjGAMEAMJjGjANBgkqhkiG9w0BAQsFAAOCAQEAMYtXOl/6N5kp
OJqZhWZNebkQJVxhhUS/f/ei8S6qGwphBhmZ5tG6KEaeZiwpqadhIr2ZyejTJqvb
1iANw8YGIA1FyDDEToIKg93LfE5w0vFtr5J+T9uB0KyCRSYnigNfh029w6jTSM4Q
MtuOPL361r0X7ZbKk7Gh491V8WNC4HOlJyjfkF1IElkG5evYnPpjfoOw2sF/SpsW
0mh2Zi+b/CzvVY0DdXhjfBeYpVqix0VWIHbYQ3eOw10lC3J5OLwL4Mqlakn5vpKX
rYS5V4fFEIExxym3e2V8Z5nTVf+JIdIyC9Y1ThO8AdClpxa/izYZAj1ktQctBWAg
isJvzhNOaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org