Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/ji7jbk1ze77CxUMA-TtIegO0vWY.roa
File:                     ji7jbk1ze77CxUMA-TtIegO0vWY.roa (raw, json)
Hash identifier:          vfNrfjILibOT/IFOasv/PshgIOtVuZ+4QRri7ANx95c=
Subject key identifier:   8E:2E:E3:6E:4D:73:7B:BE:C2:C5:43:00:F9:3B:48:7A:03:B4:BD:66
Certificate issuer:       /CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Certificate serial:       01869D68FF4252DE5A941AAD39360F32CA31
Authority key identifier: 9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/ji7jbk1ze77CxUMA-TtIegO0vWY.roa
Signing time:             Wed 01 Mar 2023 13:42:29 +0000
ROA not before:           Wed 01 Mar 2023 13:42:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213145
IP address blocks:        188.125.175.0/24 maxlen: 24
                          188.125.173.0/24 maxlen: 24
                          185.117.99.0/24 maxlen: 24
                          185.14.175.0/24 maxlen: 24
                          185.117.123.0/24 maxlen: 24
                          185.117.120.0/22 maxlen: 24
                          185.117.122.0/24 maxlen: 24
                          188.125.172.0/24 maxlen: 24
                          188.125.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 19 Apr 2023 09:41:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9d:68:ff:42:52:de:5a:94:1a:ad:39:36:0f:32:ca:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e9e6887ea7572a6411306c87b0cc089397a6354
        Validity
            Not Before: Mar  1 13:42:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e2ee36e4d737bbec2c54300f93b487a03b4bd66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:1a:0c:56:6a:3c:27:00:99:7a:08:e4:7f:91:
                    6d:3c:7e:88:3a:0e:eb:aa:d3:70:a1:fe:f0:6c:03:
                    a1:16:6a:62:5c:99:39:14:29:5e:36:0c:fd:33:81:
                    d5:c6:d0:e2:32:5b:57:7b:ca:ea:b1:a3:e3:26:86:
                    7d:99:7b:69:dc:3c:e2:cc:1d:be:ac:39:58:1d:27:
                    de:7b:99:17:95:d0:c1:1b:0f:9f:69:45:0e:0f:fa:
                    91:7e:6f:fb:7e:66:4b:5e:7c:6c:51:c2:94:07:d0:
                    9f:45:e7:10:11:0d:ca:fb:f3:95:98:82:b9:ac:f1:
                    ec:6d:be:12:3d:8f:1d:a9:0e:d7:14:f5:53:55:f9:
                    63:75:c0:1f:df:92:07:0e:d4:ea:2c:a7:1b:3c:fc:
                    70:e7:4e:dd:ff:61:7c:98:23:35:06:23:84:42:1a:
                    bc:09:cd:cf:3b:d1:32:b1:b9:2e:03:08:41:82:2e:
                    e9:46:33:11:00:3d:ba:35:ac:51:90:cf:73:0b:16:
                    8f:ac:66:12:93:af:8f:3e:43:0b:b3:70:76:32:d0:
                    82:0f:01:88:98:bb:01:0b:b9:b1:cb:7d:10:db:d1:
                    a6:83:52:ce:ac:d7:94:e4:ff:7a:10:95:13:6e:c2:
                    53:61:ca:b3:8d:37:c6:1f:9d:6e:18:c4:5c:26:71:
                    fb:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:2E:E3:6E:4D:73:7B:BE:C2:C5:43:00:F9:3B:48:7A:03:B4:BD:66
            X509v3 Authority Key Identifier:
                keyid:9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/ji7jbk1ze77CxUMA-TtIegO0vWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/np5oh-p1cqZBEwbIewzAiTl6Y1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.14.175.0/24
                  185.117.99.0/24
                  185.117.120.0/22
                  188.125.171.0-188.125.173.255
                  188.125.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:17:d6:1c:60:b5:98:71:1f:d7:b8:7d:f2:84:59:3d:6d:ed:
         96:2e:ff:e7:77:ae:31:6d:c8:32:50:eb:76:61:db:e5:b3:3b:
         fd:fa:cb:f2:79:1c:25:0c:12:1b:ef:98:b3:fe:15:86:8c:23:
         96:7d:1a:b8:d0:3b:70:b7:39:74:03:e0:0a:02:8f:b6:63:f4:
         c6:b8:fb:25:cf:85:60:95:08:12:66:e6:6c:4c:d8:42:fa:f1:
         33:3c:b2:f8:e4:d5:aa:9c:de:3a:6b:61:10:26:14:43:0a:4f:
         6f:9c:e6:b2:5c:0c:92:4c:ab:ee:b9:b1:9e:e2:0f:d8:c3:bf:
         78:84:64:73:9a:17:84:f3:d7:8f:50:b0:f5:33:db:61:8b:01:
         07:3e:42:20:74:a6:5a:5e:75:74:3e:ee:88:12:67:43:7c:5a:
         40:04:37:9e:19:8f:5f:68:08:9b:f5:f3:c6:7e:22:e1:51:c7:
         d1:7d:cc:33:9d:f9:eb:a1:f2:d2:29:6e:a6:e4:8a:fe:86:a0:
         57:32:d2:c6:95:84:52:a9:43:f2:83:b8:2d:15:dd:78:91:02:
         7b:37:b4:82:d9:05:0a:8c:4f:39:f2:12:e5:53:d4:74:a8:08:
         6e:18:ba:fd:b8:6b:e5:e5:3b:28:7c:0d:88:1e:f4:d0:f3:a9:
         3f:30:82:52
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYadaP9CUt5alBqtOTYPMsoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOWU2ODg3ZWE3NTcyYTY0MTEzMDZjODdiMGNjMDg5Mzk3
YTYzNTQwHhcNMjMwMzAxMTM0MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJlZTM2ZTRkNzM3YmJlYzJjNTQzMDBmOTNiNDg3YTAzYjRiZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxoMVmo8JwCZegjkf5FtPH6IOg7r
qtNwof7wbAOhFmpiXJk5FCleNgz9M4HVxtDiMltXe8rqsaPjJoZ9mXtp3DzizB2+
rDlYHSfee5kXldDBGw+faUUOD/qRfm/7fmZLXnxsUcKUB9CfRecQEQ3K+/OVmIK5
rPHsbb4SPY8dqQ7XFPVTVfljdcAf35IHDtTqLKcbPPxw507d/2F8mCM1BiOEQhq8
Cc3PO9EysbkuAwhBgi7pRjMRAD26NaxRkM9zCxaPrGYSk6+PPkMLs3B2MtCCDwGI
mLsBC7mxy30Q29Gmg1LOrNeU5P96EJUTbsJTYcqzjTfGH51uGMRcJnH7NwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI4u425Nc3u+wsVDAPk7SHoDtL1mMB8GA1UdIwQY
MBaAFJ6eaIfqdXKmQRMGyHsMwIk5emNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAt
ZWM1MDhkZWM3NzkzLzEvamk3amJrMXplNzdDeFVNQS1UdEllZ08wdldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAtZWM1MDhkZWM3Nzkz
LzEvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAuQ6vAwQA
uXVjAwQCuXV4MAwDBAC8fasDBAG8fawDBAC8fa8wDQYJKoZIhvcNAQELBQADggEB
ADkX1hxgtZhxH9e4ffKEWT1t7ZYu/+d3rjFtyDJQ63Zh2+WzO/36y/J5HCUMEhvv
mLP+FYaMI5Z9GrjQO3C3OXQD4AoCj7Zj9Ma4+yXPhWCVCBJm5mxM2EL68TM8svjk
1aqc3jprYRAmFEMKT2+c5rJcDJJMq+65sZ7iD9jDv3iEZHOaF4Tz149QsPUz22GL
AQc+QiB0plpedXQ+7ogSZ0N8WkAEN54Zj19oCJv188Z+IuFRx9F9zDOd+euh8tIp
bqbkiv6GoFcy0saVhFKpQ/KDuC0V3XiRAns3tILZBQqMTznyEuVT1HSoCG4Yuv24
a+XlOyh8DYge9NDzqT8wglI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:58 2024 by rpki-client on console-ams.rpki-client.org