Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/m7rKHrAFbGB2WKp7km66PVTSXSU.roa
File:                     m7rKHrAFbGB2WKp7km66PVTSXSU.roa (raw, json)
Hash identifier:          Q259P39jqIrCXwjMaoEzRUhoJp/bgvikvCnR2a7Pxlc=
Subject key identifier:   9B:BA:CA:1E:B0:05:6C:60:76:58:AA:7B:92:6E:BA:3D:54:D2:5D:25
Certificate issuer:       /CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
Certificate serial:       01856C0A6A4B0915994F3967C33C7C4191CB
Authority key identifier: 44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/m7rKHrAFbGB2WKp7km66PVTSXSU.roa
Signing time:             Sun 01 Jan 2023 06:34:59 +0000
ROA not before:           Sun 01 Jan 2023 06:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28889
IP address blocks:        85.193.128.0/20 maxlen: 20
                          85.193.176.0/20 maxlen: 20
                          80.66.32.0/19 maxlen: 19
                          185.54.208.0/24 maxlen: 24
                          185.54.209.0/24 maxlen: 24
                          2a00:eb40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:0a:6a:4b:09:15:99:4f:39:67:c3:3c:7c:41:91:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
        Validity
            Not Before: Jan  1 06:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9bbaca1eb0056c607658aa7b926eba3d54d25d25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:33:4b:81:28:78:d9:06:05:94:7c:e4:06:a8:
                    af:36:ef:c1:d2:b0:84:ef:c8:8f:5a:3c:73:b3:85:
                    b5:e7:e3:8a:08:f5:0f:6b:1c:d0:37:b1:22:89:13:
                    bb:0f:b0:71:72:53:5b:8f:21:45:73:5c:cd:2e:e5:
                    91:b4:85:cd:79:a4:a9:84:7c:68:56:86:c1:bf:53:
                    da:74:8c:8d:c3:2e:28:78:95:9a:eb:e4:e8:db:92:
                    25:32:7a:4d:00:bc:b8:03:a3:8c:4d:b0:02:80:b3:
                    59:fd:a6:fb:a4:29:96:14:55:d6:60:32:80:6b:9b:
                    9d:f9:e7:bb:c7:f0:87:ba:c1:64:e1:99:e3:7a:d1:
                    84:8b:7f:44:bf:f4:c5:64:38:f7:64:76:ba:d7:df:
                    e5:e2:ba:fc:80:d2:c9:e1:c7:8c:fc:1b:79:01:16:
                    ea:33:ef:ec:af:97:fd:4d:fa:6c:13:13:e3:ec:5e:
                    31:b4:03:63:d0:1d:81:90:fa:99:e4:95:2e:ce:5b:
                    7b:18:8d:54:2e:6d:cf:cc:f3:8a:37:b6:24:e6:42:
                    98:90:75:27:fa:ce:2f:6d:0b:2a:18:9a:da:2c:fb:
                    b2:1c:7f:63:01:e9:83:50:e2:9a:b7:3c:f9:89:9b:
                    82:83:01:c8:81:58:8c:2f:c2:52:9a:a2:7e:2d:f7:
                    e2:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:BA:CA:1E:B0:05:6C:60:76:58:AA:7B:92:6E:BA:3D:54:D2:5D:25
            X509v3 Authority Key Identifier:
                keyid:44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/m7rKHrAFbGB2WKp7km66PVTSXSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/RM62HnGmGfIxTp2YRuxnvIihJEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.66.32.0/19
                  85.193.128.0/20
                  85.193.176.0/20
                  185.54.208.0/23
                IPv6:
                  2a00:eb40::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:21:c9:be:b9:ba:1c:44:c3:45:0d:34:a2:dc:67:ae:91:52:
         f9:83:29:fb:25:79:4c:8e:0f:e3:10:9b:83:64:f9:ea:6d:50:
         c6:b6:17:a7:0b:eb:d1:c3:ae:fe:e9:25:14:0e:93:9a:cd:1b:
         b7:0d:65:4c:99:29:a0:32:b0:13:ec:43:11:bb:f5:7b:01:2d:
         ea:40:fa:5e:6b:3f:cc:36:63:3c:31:13:f5:51:aa:8e:e5:35:
         c2:d3:65:39:a0:fc:0a:d9:12:aa:fb:30:66:10:7f:e2:88:53:
         54:e0:53:0f:9d:1a:13:ce:85:dd:45:8b:48:7f:29:ed:a3:85:
         bc:4b:ba:f4:82:b8:57:46:01:f3:8e:56:d2:61:aa:db:d6:e4:
         db:5e:3a:63:6b:c6:fa:e2:f9:67:94:1c:b9:3d:49:38:fe:ca:
         3a:b1:cc:f5:c1:73:8c:46:6d:22:1a:1e:a0:16:20:d9:73:c9:
         9c:34:f1:34:3e:20:b8:aa:5b:1b:38:bd:e1:41:56:cf:31:1b:
         cb:57:6d:a8:13:1b:28:87:db:61:69:7f:fd:69:28:1a:f4:e3:
         36:97:d4:2b:46:3b:56:ef:17:d0:83:c3:df:09:dd:2e:85:31:
         f7:2c:ae:8f:c3:92:c8:13:eb:eb:90:ac:a0:5d:34:7b:33:af:
         95:71:4a:be
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsCmpLCRWZTzlnwzx8QZHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Y2ViNjFlNzFhNjE5ZjIzMTRlOWQ5ODQ2ZWM2N2JjODhh
MTI0NGMwHhcNMjMwMTAxMDYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmJhY2ExZWIwMDU2YzYwNzY1OGFhN2I5MjZlYmEzZDU0ZDI1ZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDNLgSh42QYFlHzkBqivNu/B0rCE
78iPWjxzs4W15+OKCPUPaxzQN7EiiRO7D7BxclNbjyFFc1zNLuWRtIXNeaSphHxo
VobBv1PadIyNwy4oeJWa6+To25IlMnpNALy4A6OMTbACgLNZ/ab7pCmWFFXWYDKA
a5ud+ee7x/CHusFk4ZnjetGEi39Ev/TFZDj3ZHa619/l4rr8gNLJ4ceM/Bt5ARbq
M+/sr5f9TfpsExPj7F4xtANj0B2BkPqZ5JUuzlt7GI1ULm3PzPOKN7Yk5kKYkHUn
+s4vbQsqGJraLPuyHH9jAemDUOKatzz5iZuCgwHIgViML8JSmqJ+LffiYQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJu6yh6wBWxgdliqe5Juuj1U0l0lMB8GA1UdIwQY
MBaAFETOth5xphnyMU6dmEbsZ7yIoSRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQt
ODk0NTg2MGQ1MjM4LzEvbTdyS0hyQUZiR0IyV0twN2ttNjZQVlRTWFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQtODk0NTg2MGQ1MjM4
LzEvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFUEIgAwQE
VcGAAwQEVcGwAwQBuTbQMA0EAgACMAcDBQAqAOtAMA0GCSqGSIb3DQEBCwUAA4IB
AQBIIcm+ubocRMNFDTSi3GeukVL5gyn7JXlMjg/jEJuDZPnqbVDGthenC+vRw67+
6SUUDpOazRu3DWVMmSmgMrAT7EMRu/V7AS3qQPpeaz/MNmM8MRP1UaqO5TXC02U5
oPwK2RKq+zBmEH/iiFNU4FMPnRoTzoXdRYtIfynto4W8S7r0grhXRgHzjlbSYarb
1uTbXjpja8b64vlnlBy5PUk4/so6scz1wXOMRm0iGh6gFiDZc8mcNPE0PiC4qlsb
OL3hQVbPMRvLV22oExsoh9thaX/9aSga9OM2l9QrRjtW7xfQg8PfCd0uhTH3LK6P
w5LIE+vrkKygXTR7M6+VcUq+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:36 2024 by rpki-client on console-ams.rpki-client.org