Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/aAN4Y6aFeNiyrXmF66Che-v2j9A.roa
File:                     aAN4Y6aFeNiyrXmF66Che-v2j9A.roa (raw, json)
Hash identifier:          /zEIr9qB0nwoKE+O55vAncKCcwXsb3mN1frosczDNiE=
Subject key identifier:   68:03:78:63:A6:85:78:D8:B2:AD:79:85:EB:A0:A1:7B:EB:F6:8F:D0
Certificate issuer:       /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial:       018CC86F7325C0FADA053A9B70D6DF6E34A8
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/aAN4Y6aFeNiyrXmF66Che-v2j9A.roa
Signing time:             Tue 02 Jan 2024 04:29:56 +0000
ROA not before:           Tue 02 Jan 2024 04:29:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20853
IP address blocks:        178.236.246.0/24 maxlen: 24
                          178.236.247.0/24 maxlen: 24
                          194.59.186.0/24 maxlen: 24
                          178.236.254.0/24 maxlen: 24
                          94.228.162.0/24 maxlen: 24
                          94.228.163.0/24 maxlen: 24
                          94.228.165.0/24 maxlen: 24
                          94.228.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Aug 2024 13:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:73:25:c0:fa:da:05:3a:9b:70:d6:df:6e:34:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
        Validity
            Not Before: Jan  2 04:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=68037863a68578d8b2ad7985eba0a17bebf68fd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ae:84:d4:e8:3d:2a:51:52:a3:38:19:f6:ee:
                    98:a6:af:8b:51:87:94:b1:c1:6e:15:53:79:ec:bd:
                    a0:46:cc:6a:c0:e3:30:4d:87:e0:76:2c:4b:81:2d:
                    ac:e2:43:67:a8:ac:c2:ab:10:2c:db:d2:69:38:94:
                    16:54:2c:a8:2a:b6:2b:0d:a2:78:ab:b4:49:e2:5e:
                    37:5c:7d:46:75:c3:52:b8:df:b4:88:2e:81:94:47:
                    76:8f:93:14:c3:81:4b:77:cf:6d:b3:44:93:2f:7e:
                    55:06:92:04:80:bd:ed:a8:90:e1:15:83:66:13:6c:
                    f3:42:30:f0:ae:01:4a:ae:9a:43:58:bf:93:cf:d1:
                    9f:3c:04:30:2b:5d:cf:fe:ef:da:e3:01:40:30:ef:
                    9b:66:65:ed:3a:ad:ac:8e:d8:0b:5d:51:7c:e5:f1:
                    61:8b:77:4f:1e:37:02:73:36:ef:44:55:93:a1:df:
                    64:37:56:d7:8a:df:7b:4f:f7:e4:76:83:30:cf:ee:
                    4f:70:02:f1:07:8f:b6:de:9e:75:59:81:24:96:18:
                    09:02:4f:c2:ed:f6:0b:9f:d0:3b:98:9b:0a:07:8b:
                    f8:5b:1a:92:d6:18:10:d3:c4:95:4d:ce:f3:f5:a3:
                    57:c4:c6:2a:d8:e1:36:30:46:da:aa:3e:e2:5e:c7:
                    45:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:03:78:63:A6:85:78:D8:B2:AD:79:85:EB:A0:A1:7B:EB:F6:8F:D0
            X509v3 Authority Key Identifier:
                keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/aAN4Y6aFeNiyrXmF66Che-v2j9A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.228.162.0-94.228.165.255
                  178.236.246.0/23
                  178.236.254.0/24
                  194.59.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:ae:eb:3d:fd:59:18:59:a4:2f:0a:1c:18:d7:0d:2c:1e:4e:
         60:ce:a6:3e:20:ee:ae:59:1e:cd:b3:96:cf:fb:c7:cb:b8:20:
         83:89:0d:7c:97:71:19:38:4e:3e:9d:64:33:00:40:ad:98:2e:
         c6:ff:31:f2:0a:b8:dc:6f:07:97:39:26:66:d0:90:4d:da:94:
         7f:71:02:61:f0:fc:b3:55:19:3e:e0:3b:5b:bf:43:12:05:43:
         ae:d4:69:6c:09:50:a9:30:37:25:9a:92:89:ac:c6:1a:93:af:
         d4:05:4f:1e:81:24:25:3a:fb:c0:0e:f2:e6:3c:bc:b0:08:59:
         2c:4d:8b:e3:83:ae:0c:b5:98:55:14:94:79:5f:c8:3e:03:11:
         aa:38:dc:b7:11:cb:1c:32:3b:3b:f2:eb:66:33:99:e8:43:aa:
         87:e4:81:62:fb:91:a2:45:ab:20:c1:9f:9a:c2:eb:c6:a5:72:
         4e:84:cc:48:59:6a:18:db:79:2e:b1:73:b2:81:17:12:7b:a3:
         3c:7d:25:63:19:ce:f5:da:54:ff:90:87:30:96:7c:67:38:01:
         6b:cd:9e:bb:35:8a:18:04:11:cd:e0:03:fd:ea:95:5f:e9:64:
         bf:31:08:a9:b0:b3:4d:30:3f:e6:35:c6:86:3b:7f:a5:a1:50:
         11:a3:f9:93
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIb3MlwPraBTqbcNbfbjSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjQwMTAyMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODAzNzg2M2E2ODU3OGQ4YjJhZDc5ODVlYmEwYTE3YmViZjY4ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka6E1Og9KlFSozgZ9u6Ypq+LUYeU
scFuFVN57L2gRsxqwOMwTYfgdixLgS2s4kNnqKzCqxAs29JpOJQWVCyoKrYrDaJ4
q7RJ4l43XH1GdcNSuN+0iC6BlEd2j5MUw4FLd89ts0STL35VBpIEgL3tqJDhFYNm
E2zzQjDwrgFKrppDWL+Tz9GfPAQwK13P/u/a4wFAMO+bZmXtOq2sjtgLXVF85fFh
i3dPHjcCczbvRFWTod9kN1bXit97T/fkdoMwz+5PcALxB4+23p51WYEklhgJAk/C
7fYLn9A7mJsKB4v4WxqS1hgQ08SVTc7z9aNXxMYq2OE2MEbaqj7iXsdFvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGgDeGOmhXjYsq15heugoXvr9o/QMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvYUFONFk2YUZlTml5clhtRjY2Q2hlLXYyajlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAFe5KID
BAFe5KQDBAGy7PYDBACy7P4DBADCO7owDQYJKoZIhvcNAQELBQADggEBALCu6z39
WRhZpC8KHBjXDSweTmDOpj4g7q5ZHs2zls/7x8u4IIOJDXyXcRk4Tj6dZDMAQK2Y
Lsb/MfIKuNxvB5c5JmbQkE3alH9xAmHw/LNVGT7gO1u/QxIFQ67UaWwJUKkwNyWa
komsxhqTr9QFTx6BJCU6+8AO8uY8vLAIWSxNi+ODrgy1mFUUlHlfyD4DEao43LcR
yxwyOzvy62YzmehDqofkgWL7kaJFqyDBn5rC68alck6EzEhZahjbeS6xc7KBFxJ7
ozx9JWMZzvXaVP+QhzCWfGc4AWvNnrs1ihgEEc3gA/3qlV/pZL8xCKmws00wP+Y1
xoY7f6WhUBGj+ZM=
-----END CERTIFICATE-----
Generated at Thu Aug 29 17:04:57 2024 by rpki-client on console-ams.rpki-client.org