Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa
File:                     j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa (raw, json)
Hash identifier:          eFtQiQY61qHKD0Mk6zdCBBS1OOVP5k4v8Im5+uLe5bE=
Subject key identifier:   8F:F7:B9:CE:F5:31:04:40:69:72:CD:DF:F9:D2:34:73:F3:BC:71:E1
Certificate issuer:       /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial:       0185D6C07CED5C0A08EED3C76F942C19423F
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa
Signing time:             Sat 21 Jan 2023 23:53:37 +0000
ROA not before:           Sat 21 Jan 2023 23:53:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212027
IP address blocks:        37.230.138.0/24 maxlen: 24
                          81.16.176.0/24 maxlen: 24
                          81.16.177.0/24 maxlen: 24
                          91.208.92.0/24 maxlen: 24
                          194.213.3.0/24 maxlen: 24
                          213.170.135.0/24 maxlen: 24
                          45.143.196.0/22 maxlen: 22
                          2a10:e780::/40 maxlen: 40

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 15:28:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:d6:c0:7c:ed:5c:0a:08:ee:d3:c7:6f:94:2c:19:42:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
        Validity
            Not Before: Jan 21 23:53:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ff7b9cef53104406972cddff9d23473f3bc71e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:27:ef:2c:82:68:2d:0a:73:0a:e4:84:d7:e0:
                    ed:46:e8:a5:de:e0:fb:c3:e7:7b:5e:e5:c2:cd:8f:
                    86:cf:24:57:0c:82:f2:1e:f1:50:b9:9e:aa:7b:11:
                    2a:4d:c4:3a:20:dd:40:49:d9:11:a1:71:2b:05:25:
                    3a:45:69:70:ca:4c:ce:86:62:5f:59:d8:a0:8e:fe:
                    e9:2b:47:5c:f0:8c:5d:31:55:40:21:fe:49:25:a7:
                    6a:a0:33:60:42:e7:f5:14:a5:1c:e7:dd:a8:8c:56:
                    ae:1c:7b:62:63:12:2f:f5:d8:07:70:6c:1a:0d:41:
                    30:e0:8a:79:c6:46:f2:9a:77:4f:46:0b:5d:7a:c3:
                    9f:a2:d2:91:f9:ed:70:23:9f:a0:d9:21:01:f3:ed:
                    71:43:66:ec:08:3a:25:40:87:c9:66:49:26:c3:2a:
                    9f:68:06:9e:49:ec:ea:ab:db:f7:b4:72:83:45:32:
                    7f:0e:13:1a:1e:34:62:dc:1b:1d:b2:cb:5a:71:a0:
                    57:95:80:da:3f:a5:18:60:eb:09:5b:5b:aa:03:fd:
                    3b:60:1b:10:8a:08:97:46:c2:e1:21:62:ce:29:15:
                    f1:16:d0:e4:61:40:ef:fc:76:5b:3f:1c:6f:f2:76:
                    c0:ce:76:1a:cd:4d:aa:48:b0:12:e0:37:b4:6c:34:
                    78:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:F7:B9:CE:F5:31:04:40:69:72:CD:DF:F9:D2:34:73:F3:BC:71:E1
            X509v3 Authority Key Identifier:
                keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.138.0/24
                  45.143.196.0/22
                  81.16.176.0/23
                  91.208.92.0/24
                  194.213.3.0/24
                  213.170.135.0/24
                IPv6:
                  2a10:e780::/40

    Signature Algorithm: sha256WithRSAEncryption
         00:53:af:08:a0:33:a4:9c:77:cf:6f:7c:29:2b:78:b2:06:47:
         ef:13:9d:3b:18:61:c5:28:d2:41:18:68:e0:76:e0:de:05:50:
         58:44:7e:cd:83:37:b3:fd:c9:c3:e2:20:98:4e:fd:46:e2:ab:
         57:3b:78:a7:61:06:d6:c0:3d:4e:3c:60:47:df:a9:ea:19:19:
         09:ce:8c:1e:29:8c:f2:35:c6:fa:31:73:2e:49:9c:8b:9b:90:
         47:9d:46:2f:d7:04:5f:9c:f9:26:23:9d:f2:c3:09:12:55:d4:
         41:14:8e:d3:4c:f0:fc:0b:49:d2:49:01:59:b1:94:e1:96:e0:
         45:49:9a:a7:cb:9e:6e:06:40:6b:3b:56:05:17:88:79:e7:9c:
         91:43:ed:77:1e:da:71:50:d2:01:c6:f2:6c:7f:dd:71:e0:3d:
         f5:48:02:ff:c8:97:83:01:28:9c:38:c6:f4:7b:ac:c3:01:1a:
         2b:a2:f2:b7:98:96:ea:5d:c9:13:f4:ef:4b:50:bf:0c:5c:b3:
         b9:2e:de:52:f6:46:f2:41:0f:e3:a5:c2:2b:83:20:43:61:ac:
         40:76:a2:c4:08:8d:04:9f:5a:6c:7f:f8:99:d4:b9:5a:4a:a6:
         a4:ed:8f:36:db:65:4f:a7:ce:b9:72:76:49:20:1a:f1:e9:12:
         61:2a:55:d6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYXWwHztXAoI7tPHb5QsGUI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjMwMTIxMjM1MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY3YjljZWY1MzEwNDQwNjk3MmNkZGZmOWQyMzQ3M2YzYmM3MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSfvLIJoLQpzCuSE1+DtRuil3uD7
w+d7XuXCzY+GzyRXDILyHvFQuZ6qexEqTcQ6IN1ASdkRoXErBSU6RWlwykzOhmJf
Wdigjv7pK0dc8IxdMVVAIf5JJadqoDNgQuf1FKUc592ojFauHHtiYxIv9dgHcGwa
DUEw4Ip5xkbymndPRgtdesOfotKR+e1wI5+g2SEB8+1xQ2bsCDolQIfJZkkmwyqf
aAaeSezqq9v3tHKDRTJ/DhMaHjRi3BsdsstacaBXlYDaP6UYYOsJW1uqA/07YBsQ
igiXRsLhIWLOKRXxFtDkYUDv/HZbPxxv8nbAznYazU2qSLAS4De0bDR44wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFI/3uc71MQRAaXLN3/nSNHPzvHHhMB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEval9lNXp2VXhCRUJwY3MzZi1kSTBjX084Y2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQAJeaKAwQC
LY/EAwQBURCwAwQAW9BcAwQAwtUDAwQA1aqHMA4EAgACMAgDBgAqEOeAADANBgkq
hkiG9w0BAQsFAAOCAQEAAFOvCKAzpJx3z298KSt4sgZH7xOdOxhhxSjSQRho4Hbg
3gVQWER+zYM3s/3Jw+IgmE79RuKrVzt4p2EG1sA9TjxgR9+p6hkZCc6MHimM8jXG
+jFzLkmci5uQR51GL9cEX5z5JiOd8sMJElXUQRSO00zw/AtJ0kkBWbGU4ZbgRUma
p8uebgZAaztWBReIeeeckUPtdx7acVDSAcbybH/dceA99UgC/8iXgwEonDjG9Hus
wwEaK6Lyt5iW6l3JE/TvS1C/DFyzuS7eUvZG8kEP46XCK4MgQ2GsQHaixAiNBJ9a
bH/4mdS5WkqmpO2PNttlT6fOuXJ2SSAa8ekSYSpV1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:42 2024 by rpki-client on console-fra.rpki-client.org