Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/ey0sG2ujmJouMuEdVwdPF-43418.roa
File:                     ey0sG2ujmJouMuEdVwdPF-43418.roa (raw, json)
Hash identifier:          nKIzF5wUW5eAa6nj+XVQmHXADsxULMeYqzf+C0pr7dI=
Subject key identifier:   7B:2D:2C:1B:6B:A3:98:9A:2E:32:E1:1D:57:07:4F:17:EE:37:E3:5F
Certificate issuer:       /CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Certificate serial:       01857CA898A7EB3B7959117D6D9CC6182A95
Authority key identifier: 74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/ey0sG2ujmJouMuEdVwdPF-43418.roa
Signing time:             Wed 04 Jan 2023 12:01:41 +0000
ROA not before:           Wed 04 Jan 2023 12:01:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        88.212.158.0/24 maxlen: 24
                          88.212.157.0/24 maxlen: 24
                          88.212.156.0/24 maxlen: 24
                          88.212.159.0/24 maxlen: 24
                          185.8.135.0/24 maxlen: 24
                          185.8.134.0/24 maxlen: 24
                          185.8.133.0/24 maxlen: 24
                          83.151.192.0/24 maxlen: 24
                          83.151.193.0/24 maxlen: 24
                          83.151.195.0/24 maxlen: 24
                          83.151.194.0/24 maxlen: 24
                          88.202.210.0/24 maxlen: 24
                          88.202.208.0/24 maxlen: 24
                          88.202.208.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 08:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:7c:a8:98:a7:eb:3b:79:59:11:7d:6d:9c:c6:18:2a:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
        Validity
            Not Before: Jan  4 12:01:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b2d2c1b6ba3989a2e32e11d57074f17ee37e35f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a3:87:c2:7e:60:ad:f7:4f:72:dd:52:19:a3:
                    ba:0c:fa:f7:0d:f6:8f:e1:73:76:e6:d5:96:cf:72:
                    4d:44:e8:35:5e:e6:da:ac:32:9b:c6:8b:7b:45:5a:
                    f3:ea:fb:9a:fe:af:43:5d:8e:df:6d:b0:f4:e9:cc:
                    3b:94:51:ff:e7:fd:d6:99:0c:aa:93:98:bf:2a:7f:
                    66:11:27:b7:1d:5a:99:28:32:d5:ba:21:0e:27:7e:
                    ef:46:08:08:69:3c:ea:b8:55:a1:73:d6:7b:db:ec:
                    98:2e:1a:a2:0f:43:a5:d2:34:ac:7b:62:be:b5:fb:
                    3e:03:1a:c7:64:20:e1:b9:a7:3a:bc:29:27:ee:bd:
                    69:36:e9:23:b0:a1:ec:94:b2:05:a8:94:f6:4c:58:
                    08:1e:2f:8e:37:ed:08:a0:28:d2:8e:10:0b:d4:e0:
                    1d:ed:41:0c:59:85:19:60:1f:9a:22:97:19:79:11:
                    72:f6:28:ce:e9:ad:73:c7:0f:11:12:ea:b8:d3:38:
                    7d:29:07:16:23:b9:f3:54:8d:f0:93:8b:10:5b:00:
                    77:90:97:7d:36:85:42:16:35:64:37:33:a9:cf:2a:
                    d5:e2:e7:48:52:39:0a:e5:45:87:ae:59:49:d0:05:
                    a8:64:77:5a:8c:7d:13:25:a4:e4:c0:38:33:66:9b:
                    32:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:2D:2C:1B:6B:A3:98:9A:2E:32:E1:1D:57:07:4F:17:EE:37:E3:5F
            X509v3 Authority Key Identifier:
                keyid:74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/ey0sG2ujmJouMuEdVwdPF-43418.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/dEXd7t-9ctMT6e6MzuroQDzDQUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.151.192.0/22
                  88.202.208.0-88.202.210.255
                  88.212.156.0/22
                  185.8.133.0-185.8.135.255

    Signature Algorithm: sha256WithRSAEncryption
         2c:23:d3:64:3f:db:ba:05:59:40:e1:57:ff:8c:fc:2a:87:d0:
         5a:48:10:e1:81:ad:ff:2d:19:88:bd:93:59:88:4c:ad:86:03:
         78:e9:24:cf:8a:26:6f:cc:3a:a4:00:d3:7e:99:24:c3:87:b3:
         a9:0e:fe:97:c3:d1:33:df:df:fd:db:90:e8:2a:ae:12:c9:3b:
         04:e7:cb:2d:e4:e5:c8:ae:3d:1a:51:14:b8:23:6d:ad:80:d0:
         53:ef:f9:ac:1f:7d:53:02:c2:a5:37:15:bf:5a:a4:e5:e8:c3:
         67:5b:56:5a:ac:77:5a:1a:a9:12:04:f9:9a:59:75:90:16:43:
         7d:74:bd:e7:d7:64:b8:ef:00:fa:e7:ff:29:1f:10:fa:36:5a:
         f7:17:20:40:3d:86:51:04:73:e5:63:a5:1e:57:d2:b4:56:ed:
         0e:74:7f:90:cd:9b:bc:50:c9:12:84:be:48:52:15:96:ff:5c:
         2b:85:31:d9:79:3b:fe:44:ce:11:23:f3:01:e6:f4:dd:19:6c:
         7c:9a:78:f3:c8:d6:ae:2f:a9:66:a3:80:ad:42:89:ae:6e:88:
         93:17:48:cf:2f:f5:e2:bd:2b:7b:af:4a:f1:fe:ad:8d:4b:6c:
         dd:ef:c1:53:39:01:3f:66:43:fc:fa:b3:b4:40:ba:79:aa:de:
         6f:c5:65:85
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYV8qJin6zt5WRF9bZzGGCqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDVkZGVlZGZiZDcyZDMxM2U5ZWU4Y2NlZWFlODQwM2Nj
MzQxNDYwHhcNMjMwMTA0MTIwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJkMmMxYjZiYTM5ODlhMmUzMmUxMWQ1NzA3NGYxN2VlMzdlMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaOHwn5grfdPct1SGaO6DPr3DfaP
4XN25tWWz3JNROg1XubarDKbxot7RVrz6vua/q9DXY7fbbD06cw7lFH/5/3WmQyq
k5i/Kn9mESe3HVqZKDLVuiEOJ37vRggIaTzquFWhc9Z72+yYLhqiD0Ol0jSse2K+
tfs+AxrHZCDhuac6vCkn7r1pNukjsKHslLIFqJT2TFgIHi+ON+0IoCjSjhAL1OAd
7UEMWYUZYB+aIpcZeRFy9ijO6a1zxw8REuq40zh9KQcWI7nzVI3wk4sQWwB3kJd9
NoVCFjVkNzOpzyrV4udIUjkK5UWHrllJ0AWoZHdajH0TJaTkwDgzZpsytQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHstLBtro5iaLjLhHVcHTxfuN+NfMB8GA1UdIwQY
MBaAFHRF3e7fvXLTE+nujM7q6EA8w0FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMt
NmNhMzQwZmE3NDkzLzEvZXkwc0cydWptSm91TXVFZFZ3ZFBGLTQzNDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMtNmNhMzQwZmE3NDkz
LzEvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCU5fAMAwD
BARYytADBABYytIDBAJY1JwwDAMEALkIhQMEA7kIgDANBgkqhkiG9w0BAQsFAAOC
AQEALCPTZD/bugVZQOFX/4z8KofQWkgQ4YGt/y0ZiL2TWYhMrYYDeOkkz4omb8w6
pADTfpkkw4ezqQ7+l8PRM9/f/duQ6CquEsk7BOfLLeTlyK49GlEUuCNtrYDQU+/5
rB99UwLCpTcVv1qk5ejDZ1tWWqx3WhqpEgT5mll1kBZDfXS959dkuO8A+uf/KR8Q
+jZa9xcgQD2GUQRz5WOlHlfStFbtDnR/kM2bvFDJEoS+SFIVlv9cK4Ux2Xk7/kTO
ESPzAeb03RlsfJp488jWri+pZqOArUKJrm6IkxdIzy/14r0re69K8f6tjUts3e/B
UzkBP2ZD/PqztEC6eareb8VlhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org