Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/E1R7drgLQA30s7byEuNNb3gKq4E.roa
File:                     E1R7drgLQA30s7byEuNNb3gKq4E.roa (raw, json)
Hash identifier:          H98M43VppiWnRIbGBSGZV204R7TrbKu7bpDEEFZ/D60=
Subject key identifier:   13:54:7B:76:B8:0B:40:0D:F4:B3:B6:F2:12:E3:4D:6F:78:0A:AB:81
Certificate issuer:       /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial:       01856B9361DB897321B5A927A6ACA8592531
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/E1R7drgLQA30s7byEuNNb3gKq4E.roa
Signing time:             Sun 01 Jan 2023 04:24:58 +0000
ROA not before:           Sun 01 Jan 2023 04:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1299
IP address blocks:        193.56.168.0/22 maxlen: 24
                          91.92.18.0/23 maxlen: 24
                          45.152.184.0/22 maxlen: 24
                          45.129.48.0/22 maxlen: 24
                          185.107.84.0/22 maxlen: 24
                          185.61.144.0/22 maxlen: 24
                          109.70.16.0/21 maxlen: 24
                          45.11.148.0/22 maxlen: 24
                          45.85.176.0/22 maxlen: 24
                          80.240.176.0/20 maxlen: 24
                          185.163.60.0/22 maxlen: 24
                          185.203.180.0/22 maxlen: 24
                          45.90.224.0/22 maxlen: 24
                          5.252.60.0/22 maxlen: 24
                          188.92.64.0/21 maxlen: 24
                          5.252.88.0/22 maxlen: 24
                          45.65.104.0/21 maxlen: 24
                          185.13.180.0/22 maxlen: 24
                          95.214.44.0/22 maxlen: 24
                          2.59.68.0/22 maxlen: 24
                          2.59.72.0/22 maxlen: 24
                          193.8.116.0/22 maxlen: 24
                          185.229.176.0/22 maxlen: 24
                          128.127.16.0/21 maxlen: 24
                          185.189.20.0/22 maxlen: 24
                          185.253.36.0/22 maxlen: 24
                          212.104.240.0/20 maxlen: 24
                          185.128.140.0/22 maxlen: 24
                          194.182.112.0/20 maxlen: 24
                          2a06:4280::/29 maxlen: 48
                          2a02:cfc0::/29 maxlen: 48
                          2a02:79e0::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:61:db:89:73:21:b5:a9:27:a6:ac:a8:59:25:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
        Validity
            Not Before: Jan  1 04:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13547b76b80b400df4b3b6f212e34d6f780aab81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:48:fb:71:89:fd:76:44:95:d5:dd:55:ca:09:
                    3c:5d:34:03:ab:f3:9e:df:09:bb:32:00:79:bf:ee:
                    27:f1:88:8f:0e:9e:a8:76:35:52:f9:a4:50:98:82:
                    c3:50:a9:4f:86:5e:71:11:64:c2:2f:3a:31:d1:74:
                    e7:85:16:07:c4:f5:ef:3a:3b:ce:63:df:d1:c7:05:
                    dd:2a:92:ce:e8:1f:ed:f7:c8:38:7d:8c:fb:63:3a:
                    72:62:2c:9a:f0:2d:6e:bf:dc:9d:37:86:4b:10:36:
                    c3:a9:99:7d:2b:9e:f2:99:c4:92:9d:2b:4e:02:7f:
                    a0:55:49:6f:e0:e9:45:c5:f6:d5:a2:80:8b:16:e5:
                    ed:74:61:99:e9:76:12:fe:7a:e1:25:bf:fb:ac:e9:
                    5c:0c:a7:0c:c0:f4:a4:f5:d6:b4:52:93:c9:0e:74:
                    33:8f:69:2c:39:37:5b:00:d1:57:48:76:49:56:b1:
                    cb:13:f1:f4:9d:16:04:94:20:81:43:96:d5:e1:2b:
                    85:e7:5d:5a:56:0e:d5:e2:14:88:44:6d:48:8f:42:
                    5f:b2:c1:61:75:40:7a:8a:22:f3:1b:a4:52:ff:54:
                    38:01:f1:e6:fb:1e:55:26:56:0c:0a:1b:e7:56:f1:
                    68:6a:21:04:90:21:33:8f:c2:ec:72:a2:4d:2b:af:
                    2e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:54:7B:76:B8:0B:40:0D:F4:B3:B6:F2:12:E3:4D:6F:78:0A:AB:81
            X509v3 Authority Key Identifier:
                keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/E1R7drgLQA30s7byEuNNb3gKq4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.68.0-2.59.75.255
                  5.252.60.0/22
                  5.252.88.0/22
                  45.11.148.0/22
                  45.65.104.0/21
                  45.85.176.0/22
                  45.90.224.0/22
                  45.129.48.0/22
                  45.152.184.0/22
                  80.240.176.0/20
                  91.92.18.0/23
                  95.214.44.0/22
                  109.70.16.0/21
                  128.127.16.0/21
                  185.13.180.0/22
                  185.61.144.0/22
                  185.107.84.0/22
                  185.128.140.0/22
                  185.163.60.0/22
                  185.189.20.0/22
                  185.203.180.0/22
                  185.229.176.0/22
                  185.253.36.0/22
                  188.92.64.0/21
                  193.8.116.0/22
                  193.56.168.0/22
                  194.182.112.0/20
                  212.104.240.0/20
                IPv6:
                  2a02:79e0::/32
                  2a02:cfc0::/29
                  2a06:4280::/29

    Signature Algorithm: sha256WithRSAEncryption
         55:a4:bd:66:3d:66:9b:f8:db:32:e1:66:60:a2:b5:0e:98:ae:
         66:f9:25:ed:93:9c:3c:2f:ef:a4:cd:7f:e2:26:3e:48:dd:ab:
         57:b7:38:c7:8d:f7:6f:a0:a2:ca:71:5b:59:56:bb:fc:33:dc:
         8a:5e:2a:bb:52:35:b9:03:be:89:c2:41:6e:01:8b:ce:3e:76:
         35:9f:bd:12:6e:49:59:aa:71:a4:74:10:6d:d8:49:ee:a5:f1:
         4f:60:df:c9:1c:2e:8b:38:7b:00:de:ef:69:b1:6d:44:34:23:
         69:f1:8f:7a:87:90:9c:63:10:2d:d0:c1:07:c6:0f:36:8a:4f:
         dc:63:87:51:c8:e7:db:dd:21:25:b2:53:1d:20:51:12:60:7b:
         74:80:ff:22:d8:a4:f5:10:ad:ce:a0:8a:6a:c2:89:be:ea:62:
         a2:c1:d5:d5:1b:da:56:7c:84:fe:d6:55:2e:66:0b:84:4a:31:
         71:18:d2:00:57:c7:86:77:93:a8:74:99:53:c8:d2:85:63:00:
         19:d7:f9:aa:ce:98:98:25:aa:8a:49:93:ae:c2:2b:3c:01:db:
         b3:85:6b:ff:e2:40:0c:1a:85:9c:d3:29:c2:be:87:ab:19:b8:
         43:16:03:a8:27:b5:b5:c2:d9:51:ce:43:9e:f1:a1:c2:89:47:
         41:92:b5:18
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYVrk2HbiXMhtaknpqyoWSUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjMwMTAxMDQyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzU0N2I3NmI4MGI0MDBkZjRiM2I2ZjIxMmUzNGQ2Zjc4MGFhYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkj7cYn9dkSV1d1Vygk8XTQDq/Oe
3wm7MgB5v+4n8YiPDp6odjVS+aRQmILDUKlPhl5xEWTCLzox0XTnhRYHxPXvOjvO
Y9/RxwXdKpLO6B/t98g4fYz7YzpyYiya8C1uv9ydN4ZLEDbDqZl9K57ymcSSnStO
An+gVUlv4OlFxfbVooCLFuXtdGGZ6XYS/nrhJb/7rOlcDKcMwPSk9da0UpPJDnQz
j2ksOTdbANFXSHZJVrHLE/H0nRYElCCBQ5bV4SuF511aVg7V4hSIRG1Ij0JfssFh
dUB6iiLzG6RS/1Q4AfHm+x5VJlYMChvnVvFoaiEEkCEzj8LscqJNK68uMwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFBNUe3a4C0AN9LO28hLjTW94CquBMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvRTFSN2RyZ0xRQTMwczdieUV1Tk5iM2dLcTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbAwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAy1BaAMEAi1VsAMEAi1a4AME
Ai2BMAMEAi2YuAMEBFDwsAMEAVtcEgMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAME
Ark9kAMEArlrVAMEArmAjAMEArmjPAMEArm9FAMEArnLtAMEArnlsAMEArn9JAME
A7xcQAMEAsEIdAMEAsE4qAMEBMK2cAMEBNRo8DAbBAIAAjAVAwUAKgJ54AMFAyoC
z8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQBVpL1mPWab+Nsy4WZgorUOmK5m
+SXtk5w8L++kzX/iJj5I3atXtzjHjfdvoKLKcVtZVrv8M9yKXiq7UjW5A76JwkFu
AYvOPnY1n70SbklZqnGkdBBt2EnupfFPYN/JHC6LOHsA3u9psW1ENCNp8Y96h5Cc
YxAt0MEHxg82ik/cY4dRyOfb3SElslMdIFESYHt0gP8i2KT1EK3OoIpqwom+6mKi
wdXVG9pWfIT+1lUuZguESjFxGNIAV8eGd5OodJlTyNKFYwAZ1/mqzpiYJaqKSZOu
wis8AduzhWv/4kAMGoWc0ynCvoerGbhDFgOoJ7W1wtlRzkOe8aHCiUdBkrUY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:13 2024 by rpki-client on console-ams.rpki-client.org