Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/74MCM6nziMkhyD65AKruqzlgO6U.roa
File:                     74MCM6nziMkhyD65AKruqzlgO6U.roa (raw, json)
Hash identifier:          6DreR7jOrftZeFM3fr3+h/JTkGMnGfLE0ZkOuN3V4rI=
Subject key identifier:   EF:83:02:33:A9:F3:88:C9:21:C8:3E:B9:00:AA:EE:AB:39:60:3B:A5
Certificate issuer:       /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial:       018CEDF402433E5AC3661910B82B60AAA661
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/74MCM6nziMkhyD65AKruqzlgO6U.roa
Signing time:             Tue 09 Jan 2024 11:20:40 +0000
ROA not before:           Tue 09 Jan 2024 11:20:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210107
IP address blocks:        2a05:d745::/32 maxlen: 32
                          2a06:e900::/32 maxlen: 32
                          2a05:d741::/32 maxlen: 32
                          2a05:d744::/32 maxlen: 32
                          2a06:e905::/32 maxlen: 32
                          2a05:d742::/32 maxlen: 32
                          2a06:e903::/32 maxlen: 32
                          2a06:e902::/32 maxlen: 32
                          2a05:d743::/32 maxlen: 32
                          2a05:d747::/32 maxlen: 32
                          2a06:e906::/32 maxlen: 32
                          2a06:e901::/32 maxlen: 32
                          2a05:d740::/32 maxlen: 32
                          2a06:e907::/32 maxlen: 32
                          2a05:d746::/32 maxlen: 32
                          2a06:e904::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 07 Mar 2024 09:49:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ed:f4:02:43:3e:5a:c3:66:19:10:b8:2b:60:aa:a6:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
        Validity
            Not Before: Jan  9 11:20:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ef830233a9f388c921c83eb900aaeeab39603ba5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:91:d1:64:20:c3:3b:28:e0:67:e4:5c:4b:14:
                    ca:ce:74:f6:2a:50:78:cb:f2:7d:41:68:13:b0:6b:
                    4c:7c:50:04:7b:c0:45:29:80:f4:37:d9:f8:c4:2f:
                    b8:5c:33:c6:d8:e4:e1:89:ca:67:51:01:4e:d5:4d:
                    70:e5:1e:a0:a3:84:ea:3f:53:3b:28:49:d9:9c:66:
                    c2:8a:a2:6f:91:0e:70:97:15:01:91:b2:0a:28:42:
                    f3:ab:89:d4:f9:2e:a4:7f:ba:95:f2:7f:69:e3:85:
                    c7:c0:90:28:12:94:e2:4e:81:db:43:53:60:9b:1f:
                    df:99:66:78:bf:14:56:93:e3:4c:29:35:cf:76:b0:
                    df:7c:47:de:01:59:8f:2a:b5:ca:ca:72:98:51:95:
                    bc:cb:45:af:67:e2:04:e9:95:98:f2:1a:7b:75:00:
                    ee:25:69:c1:99:9f:11:ce:6a:45:a4:01:2f:fa:f5:
                    85:3b:43:2a:5b:e7:ea:b8:0d:ea:12:45:f2:f8:b8:
                    37:cb:66:fd:6c:ba:89:1b:17:ed:91:0f:79:c2:7d:
                    53:08:ae:65:4f:06:40:2a:32:8e:da:46:6d:1a:5f:
                    b5:49:cb:ef:c9:74:3b:ab:3f:c2:32:72:ad:1c:79:
                    65:d4:96:05:f2:3c:3b:53:fd:92:61:2a:ce:5d:6b:
                    df:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:83:02:33:A9:F3:88:C9:21:C8:3E:B9:00:AA:EE:AB:39:60:3B:A5
            X509v3 Authority Key Identifier:
                keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/74MCM6nziMkhyD65AKruqzlgO6U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:d740::/29
                  2a06:e900::/29

    Signature Algorithm: sha256WithRSAEncryption
         23:e1:aa:05:5e:05:0a:aa:8a:eb:f1:1d:4b:d5:f7:76:91:f9:
         36:1c:b1:80:c8:b6:a0:e2:0c:5e:9b:30:95:9c:75:bf:9b:2f:
         c0:93:8d:63:1d:31:00:66:3e:d5:91:88:b8:d4:ed:00:1c:0e:
         e3:16:bb:1a:6a:1e:a8:7f:82:39:43:41:6d:74:0a:8e:98:95:
         b9:d1:e7:23:17:83:5e:cd:fd:bc:80:48:ab:db:64:4c:d4:26:
         ef:e8:bf:e3:8e:50:5a:74:0f:1d:01:06:ea:21:c2:e9:96:e6:
         1a:fd:e3:85:ca:06:c9:27:2a:aa:6f:64:21:8a:1b:b7:f0:cf:
         4e:b6:e8:20:d7:a1:b8:53:40:61:c1:27:36:7f:59:5d:b7:16:
         a9:eb:74:2e:82:37:01:d5:22:94:69:d1:44:63:24:7a:98:a5:
         ac:9d:ff:0d:d9:97:a4:f3:7f:95:27:5a:13:b4:01:59:89:4e:
         fc:eb:df:6b:cc:3a:5d:75:f9:89:38:19:3e:36:bf:f0:18:17:
         62:57:9c:cd:60:eb:dd:74:1e:d7:5a:6a:36:c1:6c:50:c9:63:
         cb:6e:74:2e:d2:dc:e5:52:c7:d0:0e:32:33:f2:d2:0c:36:68:
         07:e9:6f:8f:c3:33:ea:74:dd:12:37:ff:dc:e2:a8:5d:fd:d0:
         9f:bb:71:4c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzt9AJDPlrDZhkQuCtgqqZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMTA5MTEyMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjgzMDIzM2E5ZjM4OGM5MjFjODNlYjkwMGFhZWVhYjM5NjAzYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05HRZCDDOyjgZ+RcSxTKznT2KlB4
y/J9QWgTsGtMfFAEe8BFKYD0N9n4xC+4XDPG2OThicpnUQFO1U1w5R6go4TqP1M7
KEnZnGbCiqJvkQ5wlxUBkbIKKELzq4nU+S6kf7qV8n9p44XHwJAoEpTiToHbQ1Ng
mx/fmWZ4vxRWk+NMKTXPdrDffEfeAVmPKrXKynKYUZW8y0WvZ+IE6ZWY8hp7dQDu
JWnBmZ8RzmpFpAEv+vWFO0MqW+fquA3qEkXy+Lg3y2b9bLqJGxftkQ95wn1TCK5l
TwZAKjKO2kZtGl+1ScvvyXQ7qz/CMnKtHHll1JYF8jw7U/2SYSrOXWvfHQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO+DAjOp84jJIcg+uQCq7qs5YDulMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvNzRNQ002bnppTWtoeUQ2NUFLcnVxemxnTzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgXXQAMF
AyoG6QAwDQYJKoZIhvcNAQELBQADggEBACPhqgVeBQqqiuvxHUvV93aR+TYcsYDI
tqDiDF6bMJWcdb+bL8CTjWMdMQBmPtWRiLjU7QAcDuMWuxpqHqh/gjlDQW10Co6Y
lbnR5yMXg17N/byASKvbZEzUJu/ov+OOUFp0Dx0BBuohwumW5hr944XKBsknKqpv
ZCGKG7fwz0626CDXobhTQGHBJzZ/WV23FqnrdC6CNwHVIpRp0URjJHqYpayd/w3Z
l6Tzf5UnWhO0AVmJTvzr32vMOl11+Yk4GT42v/AYF2JXnM1g6910HtdaajbBbFDJ
Y8tudC7S3OVSx9AOMjPy0gw2aAfpb4/DM+p03RI3/9ziqF390J+7cUw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:30 2024 by rpki-client on console-fra.rpki-client.org