Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/eivihqEwWpFAEcmrREVutYWa47Q.roa
File:                     eivihqEwWpFAEcmrREVutYWa47Q.roa (raw, json)
Hash identifier:          83M2v7Q6QChCE2vBCxad2e8TaYtzMfD8tecJDVW4yMw=
Subject key identifier:   7A:2B:E2:86:A1:30:5A:91:40:11:C9:AB:44:45:6E:B5:85:9A:E3:B4
Certificate issuer:       /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial:       018C3E4D2F3A311C96F8B7AFDB262E3F77D6
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/eivihqEwWpFAEcmrREVutYWa47Q.roa
Signing time:             Wed 06 Dec 2023 08:44:54 +0000
ROA not before:           Wed 06 Dec 2023 08:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8814
IP address blocks:        212.47.132.0/22 maxlen: 22
                          212.47.128.0/22 maxlen: 22
                          212.47.144.0/22 maxlen: 22
                          212.47.140.0/22 maxlen: 22
                          212.47.148.0/22 maxlen: 22
                          158.181.44.0/22 maxlen: 22
                          158.181.40.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 10 Dec 2023 21:58:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3e:4d:2f:3a:31:1c:96:f8:b7:af:db:26:2e:3f:77:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
        Validity
            Not Before: Dec  6 08:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7a2be286a1305a914011c9ab44456eb5859ae3b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:bf:7d:5f:1a:66:6f:40:2d:d6:2e:d5:94:3a:
                    c7:83:6a:d6:cc:f9:ac:9b:14:66:da:68:41:ea:58:
                    d3:08:11:d3:07:97:97:4f:67:74:fb:4c:2a:ce:cb:
                    92:e5:96:e7:0a:ab:f4:86:c8:f6:bf:a5:c2:14:9b:
                    07:6c:7c:76:0a:0f:cd:63:96:fd:31:cc:d1:67:42:
                    95:6f:40:9d:54:c7:4d:74:16:cc:ee:f6:20:0e:72:
                    4c:2b:b0:23:ab:ef:5e:00:f2:8c:b6:b6:60:12:a8:
                    00:06:f2:f4:ba:2c:ac:42:01:ab:49:71:4a:d2:c4:
                    a2:c3:34:e4:f4:fd:19:b2:e0:ea:86:3e:0f:53:84:
                    fb:7f:27:eb:0a:c4:bd:20:23:88:ef:2a:63:45:0f:
                    1e:4e:ed:fb:5c:35:0f:db:e1:26:e8:ac:1f:9d:a7:
                    22:08:d4:64:0f:9b:46:05:cf:78:e8:9e:03:40:cd:
                    51:28:b4:25:20:47:b9:36:79:82:c5:e2:1c:57:18:
                    91:f6:8d:73:8d:df:e6:ba:24:43:87:56:76:a2:b4:
                    ef:5e:06:27:11:21:2a:53:1b:13:fa:6e:68:6c:cc:
                    09:82:50:33:8b:a7:5b:cf:cf:ef:b8:ba:ba:01:bd:
                    cd:03:00:ad:2e:d1:60:62:55:dd:e8:b4:cf:07:d5:
                    8f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:2B:E2:86:A1:30:5A:91:40:11:C9:AB:44:45:6E:B5:85:9A:E3:B4
            X509v3 Authority Key Identifier:
                keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/eivihqEwWpFAEcmrREVutYWa47Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.181.40.0/21
                  212.47.128.0/21
                  212.47.140.0-212.47.151.255

    Signature Algorithm: sha256WithRSAEncryption
         48:d7:f2:8a:97:bb:87:be:ab:da:98:51:21:f4:1e:5d:03:35:
         ef:e9:36:e6:b3:22:d5:ee:65:1f:89:44:82:07:4a:1d:84:41:
         49:98:b4:f9:cf:a9:89:c4:8d:94:32:e0:59:3c:48:37:93:19:
         11:fc:8f:9b:fb:75:ff:34:97:59:b4:9c:e0:27:9f:a0:3d:e8:
         32:23:fd:50:65:64:78:56:58:fc:f3:ff:44:be:1b:36:27:89:
         17:ee:58:a1:4a:84:cc:56:d4:14:2e:30:94:40:aa:e0:c7:37:
         77:e4:63:57:90:59:1e:d8:93:b1:44:13:1a:23:c6:01:9f:c2:
         df:cd:af:92:a4:df:0e:0a:9d:90:dc:8f:4e:d2:18:2f:5b:df:
         c8:2f:83:08:9a:58:d9:59:bb:d4:46:ff:0e:44:66:ef:e5:26:
         60:ed:8b:42:96:ce:cc:9a:59:32:2c:0d:cf:e3:25:b3:42:d0:
         2f:fb:91:99:6f:ad:cf:83:c9:22:95:1e:c9:fd:99:35:bd:d6:
         d5:16:4f:30:06:6d:63:c5:84:53:c9:21:a4:e4:f9:17:87:40:
         f8:78:e5:66:b7:60:43:05:13:90:8e:6e:ef:86:a2:bf:80:99:
         85:67:4e:7c:1c:e4:c0:15:e4:7e:2e:71:28:8d:58:13:38:cd:
         1f:24:86:17
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYw+TS86MRyW+Lev2yYuP3fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjMxMjA2MDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTJiZTI4NmExMzA1YTkxNDAxMWM5YWI0NDQ1NmViNTg1OWFlM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL99Xxpmb0At1i7VlDrHg2rWzPms
mxRm2mhB6ljTCBHTB5eXT2d0+0wqzsuS5ZbnCqv0hsj2v6XCFJsHbHx2Cg/NY5b9
MczRZ0KVb0CdVMdNdBbM7vYgDnJMK7Ajq+9eAPKMtrZgEqgABvL0uiysQgGrSXFK
0sSiwzTk9P0ZsuDqhj4PU4T7fyfrCsS9ICOI7ypjRQ8eTu37XDUP2+Em6Kwfnaci
CNRkD5tGBc946J4DQM1RKLQlIEe5NnmCxeIcVxiR9o1zjd/muiRDh1Z2orTvXgYn
ESEqUxsT+m5obMwJglAzi6dbz8/vuLq6Ab3NAwCtLtFgYlXd6LTPB9WPKQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHor4oahMFqRQBHJq0RFbrWFmuO0MB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvZWl2aWhxRXdXcEZBRWNtclJFVnV0WVdhNDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDnrUoAwQD
1C+AMAwDBALUL4wDBAPUL5AwDQYJKoZIhvcNAQELBQADggEBAEjX8oqXu4e+q9qY
USH0Hl0DNe/pNuazItXuZR+JRIIHSh2EQUmYtPnPqYnEjZQy4Fk8SDeTGRH8j5v7
df80l1m0nOAnn6A96DIj/VBlZHhWWPzz/0S+GzYniRfuWKFKhMxW1BQuMJRAquDH
N3fkY1eQWR7Yk7FEExojxgGfwt/Nr5Kk3w4KnZDcj07SGC9b38gvgwiaWNlZu9RG
/w5EZu/lJmDti0KWzsyaWTIsDc/jJbNC0C/7kZlvrc+DySKVHsn9mTW91tUWTzAG
bWPFhFPJIaTk+ReHQPh45Wa3YEMFE5CObu+Gor+AmYVnTnwc5MAV5H4ucSiNWBM4
zR8khhc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:51 2024 by rpki-client on console-ams.rpki-client.org