Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/evAefIT-5ivxFK3OeDxA8bVKH9U.roa
File:                     evAefIT-5ivxFK3OeDxA8bVKH9U.roa (raw, json)
Hash identifier:          Fgt8jkjfjHQnlZsyZ1jAIW3gkRZkXtyt6wn/Yak8EBw=
Subject key identifier:   7A:F0:1E:7C:84:FE:E6:2B:F1:14:AD:CE:78:3C:40:F1:B5:4A:1F:D5
Certificate issuer:       /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial:       018CC424F641A85BE858815097A25207BCED
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/evAefIT-5ivxFK3OeDxA8bVKH9U.roa
Signing time:             Mon 01 Jan 2024 08:30:05 +0000
ROA not before:           Mon 01 Jan 2024 08:30:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209371
IP address blocks:        193.35.152.0/24 maxlen: 24
                          193.35.155.0/24 maxlen: 24
                          185.88.175.0/24 maxlen: 24
                          193.223.106.0/24 maxlen: 24
                          185.243.181.0/24 maxlen: 24
                          185.184.24.0/24 maxlen: 24
                          185.249.200.0/24 maxlen: 24
                          185.249.203.0/24 maxlen: 24
                          185.249.201.0/24 maxlen: 24
                          193.160.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Aug 2024 16:34:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:f6:41:a8:5b:e8:58:81:50:97:a2:52:07:bc:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
        Validity
            Not Before: Jan  1 08:30:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7af01e7c84fee62bf114adce783c40f1b54a1fd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:28:5a:19:5c:ea:1b:cf:87:c4:ee:d7:38:81:
                    ab:34:f9:27:df:40:d2:e1:94:35:e0:0e:4d:af:1c:
                    7e:19:e8:e8:4c:ca:31:52:90:bf:71:91:a7:d2:d9:
                    e8:45:98:29:bf:65:8c:65:6a:d8:4f:47:78:df:1f:
                    61:a4:70:8c:cc:5e:6e:b4:41:72:d4:99:e4:d6:fa:
                    20:f0:17:f8:92:ab:48:42:8e:7a:b7:13:4f:2b:d8:
                    a2:d0:84:11:e9:07:3a:9c:9b:92:65:05:ce:a6:cb:
                    25:3c:d1:22:22:c9:0b:1f:c6:2d:75:ec:75:6c:d6:
                    8e:8b:1b:f0:b2:ad:df:88:21:ff:85:29:d1:0b:ee:
                    73:e7:e4:62:6a:1d:8c:28:2a:45:b5:0d:38:63:ef:
                    c0:c4:6d:02:62:89:db:7d:97:95:35:68:ee:40:36:
                    6e:dd:99:ba:c0:49:65:e7:6b:84:ac:3a:28:29:39:
                    16:60:bd:9a:71:4d:3a:81:4a:57:cb:95:da:60:f2:
                    cd:c2:d7:7d:0e:51:f2:0e:97:17:94:91:e6:db:4c:
                    14:41:9f:84:cf:df:8d:f2:9d:86:74:32:fa:7d:fe:
                    95:ea:d3:21:f0:82:cd:78:8a:bc:19:bd:54:cb:e7:
                    9a:84:68:0b:ba:e7:dd:7e:d8:f9:44:5a:ca:5a:25:
                    52:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:F0:1E:7C:84:FE:E6:2B:F1:14:AD:CE:78:3C:40:F1:B5:4A:1F:D5
            X509v3 Authority Key Identifier:
                keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/evAefIT-5ivxFK3OeDxA8bVKH9U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.88.175.0/24
                  185.184.24.0/24
                  185.243.181.0/24
                  185.249.200.0/23
                  185.249.203.0/24
                  193.35.152.0/24
                  193.35.155.0/24
                  193.160.140.0/24
                  193.223.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:72:a0:ee:09:2d:47:34:f3:a0:2e:6e:34:60:41:4d:c7:83:
         14:ad:ab:5e:d3:34:1e:f4:72:74:c9:1a:b3:71:0e:2f:12:7e:
         78:bf:73:d4:66:50:d1:3f:e0:0a:7a:e0:3e:23:03:c5:fe:17:
         28:b0:be:84:ea:52:17:7b:2d:bc:24:3e:88:ab:05:6a:41:24:
         8f:5f:7a:28:ea:d8:23:61:4d:35:76:e0:63:66:4c:8a:f6:9e:
         d2:67:04:7e:32:e0:3a:80:77:c5:d3:d3:87:d9:2e:f0:98:4b:
         39:fc:bb:0f:43:86:34:cb:c5:65:99:ee:b3:7c:76:32:70:19:
         f6:c5:97:20:4a:a6:72:cd:51:29:66:fb:29:6b:9a:5d:65:05:
         a2:54:b4:91:b5:51:8f:04:d6:75:dd:cb:b9:e1:81:2f:f3:e1:
         73:b6:e8:b3:ac:29:02:af:f3:95:8c:f1:f4:b9:3a:47:4f:e9:
         f7:83:bc:b4:30:be:12:57:1c:eb:aa:45:7e:4d:96:08:da:7a:
         a3:ff:7c:d7:11:fb:45:a7:4a:90:63:8d:14:cc:5b:79:e8:fb:
         88:dc:42:a4:6e:a0:21:6a:2b:58:b2:fb:e4:2f:38:e6:bc:fd:
         b9:2a:3a:74:07:59:30:e1:d8:87:7b:7a:4f:2a:6b:86:e1:37:
         e0:9f:09:2d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzEJPZBqFvoWIFQl6JSB7ztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWYwMWU3Yzg0ZmVlNjJiZjExNGFkY2U3ODNjNDBmMWI1NGExZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoihaGVzqG8+HxO7XOIGrNPkn30DS
4ZQ14A5Nrxx+GejoTMoxUpC/cZGn0tnoRZgpv2WMZWrYT0d43x9hpHCMzF5utEFy
1Jnk1vog8Bf4kqtIQo56txNPK9ii0IQR6Qc6nJuSZQXOpsslPNEiIskLH8Ytdex1
bNaOixvwsq3fiCH/hSnRC+5z5+Riah2MKCpFtQ04Y+/AxG0CYonbfZeVNWjuQDZu
3Zm6wEll52uErDooKTkWYL2acU06gUpXy5XaYPLNwtd9DlHyDpcXlJHm20wUQZ+E
z9+N8p2GdDL6ff6V6tMh8ILNeIq8Gb1Uy+eahGgLuufdftj5RFrKWiVSsQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHrwHnyE/uYr8RStzng8QPG1Sh/VMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZXZBZWZJVC01aXZ4RkszT2VEeEE4YlZLSDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAuVivAwQA
ubgYAwQAufO1AwQBufnIAwQAufnLAwQAwSOYAwQAwSObAwQAwaCMAwQAwd9qMA0G
CSqGSIb3DQEBCwUAA4IBAQCicqDuCS1HNPOgLm40YEFNx4MUrate0zQe9HJ0yRqz
cQ4vEn54v3PUZlDRP+AKeuA+IwPF/hcosL6E6lIXey28JD6IqwVqQSSPX3oo6tgj
YU01duBjZkyK9p7SZwR+MuA6gHfF09OH2S7wmEs5/LsPQ4Y0y8Vlme6zfHYycBn2
xZcgSqZyzVEpZvspa5pdZQWiVLSRtVGPBNZ13cu54YEv8+FztuizrCkCr/OVjPH0
uTpHT+n3g7y0ML4SVxzrqkV+TZYI2nqj/3zXEftFp0qQY40UzFt56PuI3EKkbqAh
aitYsvvkLzjmvP25Kjp0B1kw4diHe3pPKmuG4Tfgnwkt
-----END CERTIFICATE-----
Generated at Mon Aug 19 19:13:12 2024 by rpki-client on console-fra.rpki-client.org