Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/8t6Bzb0RIsC72ei9L__ouBAr_KY.roa
File:                     8t6Bzb0RIsC72ei9L__ouBAr_KY.roa (raw, json)
Hash identifier:          d9JvIgP8lkP2scbA1MXcGh5XpS5EDg2pO/8G/jOqmbk=
Subject key identifier:   F2:DE:81:CD:BD:11:22:C0:BB:D9:E8:BD:2F:FF:E8:B8:10:2B:FC:A6
Certificate issuer:       /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial:       01856C9CB6D5445FCB01588FFC5A3E78A9BE
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/8t6Bzb0RIsC72ei9L__ouBAr_KY.roa
Signing time:             Sun 01 Jan 2023 09:14:47 +0000
ROA not before:           Sun 01 Jan 2023 09:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58075
IP address blocks:        37.235.80.0/21 maxlen: 24
                          45.154.44.0/22 maxlen: 24
                          185.43.20.0/22 maxlen: 24
                          185.21.52.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Sep 2023 14:44:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:b6:d5:44:5f:cb:01:58:8f:fc:5a:3e:78:a9:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
        Validity
            Not Before: Jan  1 09:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2de81cdbd1122c0bbd9e8bd2fffe8b8102bfca6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:57:97:62:5d:76:86:7d:2d:e4:e1:11:72:8f:
                    60:38:67:e4:90:38:d1:f7:bf:b3:10:07:d7:c6:2d:
                    71:62:3e:57:0d:57:31:17:30:a8:4e:f0:76:7b:f9:
                    47:40:53:fe:1b:7c:19:13:63:b2:b4:91:d2:50:6f:
                    b6:9a:c9:92:dd:bb:42:af:fd:90:ce:60:6a:b2:e2:
                    23:ab:65:00:9b:7b:37:8f:ba:0a:d7:60:81:f5:8e:
                    d3:f6:7b:79:b5:4e:ad:9f:69:68:11:84:4f:9a:cb:
                    40:bd:81:91:bb:a5:c8:11:72:d4:05:f7:02:ac:ff:
                    28:9e:53:a7:c3:8e:04:25:3e:82:a1:0f:77:d4:fc:
                    ac:4a:0d:50:23:94:9f:94:1a:91:74:d9:f6:f7:f0:
                    05:27:d4:47:82:38:4b:74:55:3f:14:fa:62:b2:66:
                    1f:03:0f:a3:b6:3d:ab:db:fc:a8:51:44:e4:5d:7b:
                    6f:cc:3f:58:51:61:51:09:1c:f0:55:ac:23:00:e8:
                    3e:09:e7:8e:6a:40:f2:b5:a7:0d:41:ce:ec:12:27:
                    b7:39:6a:2f:3f:54:4e:b1:f0:48:f5:45:a5:58:42:
                    24:7e:c7:b6:28:b8:24:32:04:31:e2:d0:0d:f3:6b:
                    2a:82:bc:2a:73:b3:dd:44:f4:ed:3e:e4:41:61:f3:
                    ed:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:DE:81:CD:BD:11:22:C0:BB:D9:E8:BD:2F:FF:E8:B8:10:2B:FC:A6
            X509v3 Authority Key Identifier:
                keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/8t6Bzb0RIsC72ei9L__ouBAr_KY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.80.0/21
                  45.154.44.0/22
                  185.21.52.0/22
                  185.43.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:a0:68:d3:3e:42:6d:64:aa:bf:ae:74:9c:44:fe:75:8a:fe:
         45:37:42:ee:fa:7c:dd:88:58:b4:72:67:cb:7e:4f:94:72:d8:
         aa:81:d0:b9:22:0e:7a:bb:57:2c:6a:0a:25:e3:24:9f:28:34:
         c1:4f:58:f2:61:28:ed:67:bd:38:db:30:ae:76:ba:ec:58:0f:
         33:b5:31:8b:2e:00:3b:7f:52:d2:9e:cd:ac:3e:f1:e8:ec:91:
         10:a7:59:57:8b:da:7a:86:d7:ce:24:b7:d3:c8:d3:cf:d8:7f:
         5a:51:b5:64:67:bf:7e:e4:c2:e5:76:04:ab:a6:74:cc:21:53:
         26:f1:ef:e0:8d:d6:31:1b:39:76:a9:83:73:04:73:68:95:46:
         5b:86:63:91:dd:8c:39:f9:8a:26:97:f5:73:21:cc:9f:a2:7f:
         ea:51:78:03:de:71:78:92:9b:37:85:89:a6:e3:f6:11:a0:56:
         6a:8b:78:e4:99:2f:cc:9a:4d:9b:00:94:80:02:d3:5e:93:42:
         53:8a:6d:d6:17:cf:00:81:b7:28:f3:d9:5b:4a:3b:25:8d:59:
         23:73:d5:1e:92:03:85:af:57:34:4e:8b:40:21:00:2f:2d:54:
         95:28:8a:17:59:2f:51:4e:8e:96:68:2e:65:45:98:6b:81:6e:
         78:a3:b0:0b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsnLbVRF/LAViP/Fo+eKm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjMwMTAxMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRlODFjZGJkMTEyMmMwYmJkOWU4YmQyZmZmZThiODEwMmJmY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1eXYl12hn0t5OERco9gOGfkkDjR
97+zEAfXxi1xYj5XDVcxFzCoTvB2e/lHQFP+G3wZE2OytJHSUG+2msmS3btCr/2Q
zmBqsuIjq2UAm3s3j7oK12CB9Y7T9nt5tU6tn2loEYRPmstAvYGRu6XIEXLUBfcC
rP8onlOnw44EJT6CoQ931PysSg1QI5SflBqRdNn29/AFJ9RHgjhLdFU/FPpismYf
Aw+jtj2r2/yoUUTkXXtvzD9YUWFRCRzwVawjAOg+CeeOakDytacNQc7sEie3OWov
P1ROsfBI9UWlWEIkfse2KLgkMgQx4tAN82sqgrwqc7PdRPTtPuRBYfPt8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPLegc29ESLAu9novS//6LgQK/ymMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvOHQ2QnpiMFJJc0M3MmVpOUxfX291QkFyX0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJetQAwQC
LZosAwQCuRU0AwQCuSsUMA0GCSqGSIb3DQEBCwUAA4IBAQAjoGjTPkJtZKq/rnSc
RP51iv5FN0Lu+nzdiFi0cmfLfk+UctiqgdC5Ig56u1csagol4ySfKDTBT1jyYSjt
Z7042zCudrrsWA8ztTGLLgA7f1LSns2sPvHo7JEQp1lXi9p6htfOJLfTyNPP2H9a
UbVkZ79+5MLldgSrpnTMIVMm8e/gjdYxGzl2qYNzBHNolUZbhmOR3Yw5+Yoml/Vz
Icyfon/qUXgD3nF4kps3hYmm4/YRoFZqi3jkmS/Mmk2bAJSAAtNek0JTim3WF88A
gbco89lbSjsljVkjc9UekgOFr1c0TotAIQAvLVSVKIoXWS9RTo6WaC5lRZhrgW54
o7AL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org