Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/66BCwYNVFLO2Ki34ZNJmCbFmT10.roa
File:                     66BCwYNVFLO2Ki34ZNJmCbFmT10.roa (raw, json)
Hash identifier:          YLR7KeWe/rjb2pd0ywZhbQ5/jGPJGplrtzzeViYIDC4=
Subject key identifier:   EB:A0:42:C1:83:55:14:B3:B6:2A:2D:F8:64:D2:66:09:B1:66:4F:5D
Certificate issuer:       /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial:       018570027695D994F9E8E45C2231503E1428
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/66BCwYNVFLO2Ki34ZNJmCbFmT10.roa
Signing time:             Mon 02 Jan 2023 01:04:47 +0000
ROA not before:           Mon 02 Jan 2023 01:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35473
IP address blocks:        213.87.72.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:76:95:d9:94:f9:e8:e4:5c:22:31:50:3e:14:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
        Validity
            Not Before: Jan  2 01:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eba042c1835514b3b62a2df864d26609b1664f5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:40:4b:4d:24:12:81:4b:b9:51:2f:b7:b6:dc:
                    96:1e:e7:5e:4d:d3:f6:4d:5b:76:43:bd:3d:b5:d4:
                    aa:35:69:f0:22:1f:6e:3a:ce:f0:8d:c0:63:fe:1c:
                    81:f9:71:e4:6b:3a:4e:86:db:ad:35:05:52:5f:b8:
                    88:5e:a2:75:81:8e:a5:50:fd:be:d1:e2:34:43:60:
                    eb:3a:ad:e7:c2:bd:c2:87:68:69:cf:55:e7:ac:c3:
                    07:63:19:f3:dd:62:d3:c2:02:78:39:98:13:83:2d:
                    a4:58:4c:e0:66:ca:2e:9d:81:28:31:4e:e2:ca:5a:
                    1c:f9:97:41:b3:08:90:e2:d8:5d:db:dc:be:b0:87:
                    88:f6:1f:29:a4:0c:f3:ce:2d:27:29:ea:16:38:0f:
                    7e:f9:4e:49:12:04:03:66:05:3b:c1:cc:5b:9b:dd:
                    69:fe:90:32:f2:62:7a:8a:cf:66:3d:82:71:97:a5:
                    a0:66:0d:08:e7:3d:71:df:a7:df:20:3e:12:64:9d:
                    ec:db:0b:11:94:4c:f3:d0:cc:79:73:37:0e:8b:05:
                    3a:25:fc:ad:99:d4:8a:3d:b6:17:06:dc:b4:e4:45:
                    a8:54:65:67:70:cc:92:b6:dc:72:ff:c8:f1:f1:5e:
                    7c:27:0e:2e:51:f1:3d:4a:d6:9f:65:52:1f:98:db:
                    b9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:A0:42:C1:83:55:14:B3:B6:2A:2D:F8:64:D2:66:09:B1:66:4F:5D
            X509v3 Authority Key Identifier:
                keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/66BCwYNVFLO2Ki34ZNJmCbFmT10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.87.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:29:e1:e0:a1:7a:2f:f8:bf:bd:60:6a:da:5b:2b:75:2c:28:
         89:76:bb:b2:c4:c9:5e:72:25:35:aa:c9:bd:18:3a:ab:a9:8a:
         5d:15:54:57:0c:96:b3:a5:8c:1f:26:a6:6c:e4:79:8b:95:08:
         32:48:ae:84:d6:ce:c2:1c:cf:76:35:0a:41:5b:c9:df:1a:29:
         cf:f9:55:bd:d6:86:8c:b8:50:fe:38:dd:4b:19:0d:47:50:fc:
         95:d1:1a:41:c6:15:f6:8b:9d:04:cc:08:09:9c:8b:dc:56:f6:
         85:8b:db:79:0e:2f:79:be:29:34:b9:3a:82:c2:5e:9d:a1:72:
         c7:42:06:97:e7:47:8b:10:32:3d:0e:2f:8c:67:49:85:44:e6:
         b1:94:3a:0e:8e:1e:a0:31:51:3d:d9:54:9c:05:1e:41:0e:5a:
         78:53:b5:6d:0d:93:b2:c8:ae:ea:b4:ef:24:c2:90:64:02:13:
         b6:66:29:ff:3c:0c:f2:23:85:b8:b6:53:cf:ba:cc:99:16:cb:
         e3:2e:b8:1c:c4:c3:7b:15:3d:86:10:64:69:04:f4:9c:a1:f6:
         1f:f9:77:a4:81:6e:08:72:5f:21:25:c6:6e:e1:85:00:9c:c2:
         00:e1:85:ab:c3:84:5f:89:49:12:b6:cb:6e:c5:a6:1c:92:e3:
         e0:20:6c:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnaV2ZT56ORcIjFQPhQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmEwNDJjMTgzNTUxNGIzYjYyYTJkZjg2NGQyNjYwOWIxNjY0ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEBLTSQSgUu5US+3ttyWHudeTdP2
TVt2Q709tdSqNWnwIh9uOs7wjcBj/hyB+XHkazpOhtutNQVSX7iIXqJ1gY6lUP2+
0eI0Q2DrOq3nwr3Ch2hpz1XnrMMHYxnz3WLTwgJ4OZgTgy2kWEzgZsounYEoMU7i
yloc+ZdBswiQ4thd29y+sIeI9h8ppAzzzi0nKeoWOA9++U5JEgQDZgU7wcxbm91p
/pAy8mJ6is9mPYJxl6WgZg0I5z1x36ffID4SZJ3s2wsRlEzz0Mx5czcOiwU6Jfyt
mdSKPbYXBty05EWoVGVncMySttxy/8jx8V58Jw4uUfE9StafZVIfmNu5zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOugQsGDVRSztiot+GTSZgmxZk9dMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvNjZCQ3dZTlZGTE8yS2kzNFpOSm1DYkZtVDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1VdIMA0G
CSqGSIb3DQEBCwUAA4IBAQA8KeHgoXov+L+9YGraWyt1LCiJdruyxMleciU1qsm9
GDqrqYpdFVRXDJazpYwfJqZs5HmLlQgySK6E1s7CHM92NQpBW8nfGinP+VW91oaM
uFD+ON1LGQ1HUPyV0RpBxhX2i50EzAgJnIvcVvaFi9t5Di95vik0uTqCwl6doXLH
QgaX50eLEDI9Di+MZ0mFROaxlDoOjh6gMVE92VScBR5BDlp4U7VtDZOyyK7qtO8k
wpBkAhO2Zin/PAzyI4W4tlPPusyZFsvjLrgcxMN7FT2GEGRpBPScofYf+XekgW4I
cl8hJcZu4YUAnMIA4YWrw4RfiUkStstuxaYckuPgIGzG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:30 2024 by rpki-client on console-ams.rpki-client.org