Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/goVZEutB4_F8FKjUOaGMjOS_lZ8.roa
File:                     goVZEutB4_F8FKjUOaGMjOS_lZ8.roa (raw, json)
Hash identifier:          FWv6Fj46TRRWGJjFKG4DbG7eZ2/W96AL7eQXMi14Q+M=
Subject key identifier:   82:85:59:12:EB:41:E3:F1:7C:14:A8:D4:39:A1:8C:8C:E4:BF:95:9F
Certificate issuer:       /CN=570a181aa090cb970605a25a7a57d653547f2324
Certificate serial:       018571830522ADF33C8C3C02D85FD57D67F7
Authority key identifier: 57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/goVZEutB4_F8FKjUOaGMjOS_lZ8.roa
Signing time:             Mon 02 Jan 2023 08:04:50 +0000
ROA not before:           Mon 02 Jan 2023 08:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49054
IP address blocks:        95.131.168.0/22 maxlen: 22
                          95.131.170.0/24 maxlen: 24
                          95.131.169.0/24 maxlen: 24
                          185.247.233.0/24 maxlen: 24
                          185.247.232.0/24 maxlen: 24
                          185.247.232.0/22 maxlen: 22
                          185.247.234.0/24 maxlen: 24
                          2a0d:d080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:83:05:22:ad:f3:3c:8c:3c:02:d8:5f:d5:7d:67:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=570a181aa090cb970605a25a7a57d653547f2324
        Validity
            Not Before: Jan  2 08:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82855912eb41e3f17c14a8d439a18c8ce4bf959f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c0:cd:8d:03:1b:a2:53:18:30:a9:26:5a:b9:
                    5e:b6:70:a2:aa:d1:48:54:32:d9:93:e7:df:da:fb:
                    d5:f2:28:5f:d4:78:09:0c:3a:e6:25:5c:3d:3e:b9:
                    99:06:dd:53:1e:71:0b:fd:2d:94:12:a8:dc:37:fe:
                    ff:be:0f:66:b2:db:e5:74:6c:62:c4:79:8f:81:6a:
                    13:79:59:fc:22:cb:e5:73:5c:91:d5:24:a7:ac:d8:
                    f2:f9:34:f0:42:35:cc:67:50:ba:b1:c8:d7:56:6d:
                    07:46:60:f8:f1:b6:b7:15:9c:f8:09:98:be:c6:2f:
                    c2:f7:79:1e:5f:16:f1:46:30:ed:ad:ce:82:6f:a0:
                    e7:2e:55:8a:69:0d:d6:d7:45:c9:02:a9:ba:51:47:
                    86:d0:76:db:1c:05:50:27:1d:bd:5b:93:e8:c9:6a:
                    78:09:53:68:48:d0:f3:7e:f4:e5:16:b9:cb:a1:46:
                    90:b5:98:49:e0:88:ef:bc:fc:0d:d5:71:76:31:e0:
                    cc:cf:e3:53:3a:ce:25:b9:08:d5:79:9b:47:22:04:
                    60:70:b3:c4:8b:a4:01:cf:11:c8:4b:d8:ed:51:c3:
                    32:be:8d:14:77:e9:2a:68:25:e6:b0:07:e9:c3:87:
                    38:41:45:d8:99:38:4e:e7:05:d4:ca:d0:f7:11:51:
                    72:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:85:59:12:EB:41:E3:F1:7C:14:A8:D4:39:A1:8C:8C:E4:BF:95:9F
            X509v3 Authority Key Identifier:
                keyid:57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/goVZEutB4_F8FKjUOaGMjOS_lZ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.131.168.0/22
                  185.247.232.0/22
                IPv6:
                  2a0d:d080::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:7b:a1:00:e9:09:32:26:2d:46:bb:85:ea:4e:5f:56:81:b7:
         a4:da:5a:1d:9d:45:c9:17:74:68:d1:e8:65:37:7b:3d:c3:d1:
         04:74:e6:cd:51:3c:ad:bf:00:6e:b8:b8:03:de:9e:7f:de:bc:
         a2:6c:12:ab:a7:b4:59:98:54:66:0c:8d:56:27:9a:d0:21:16:
         31:49:3f:ec:bf:77:b9:8e:fd:a2:6c:4c:57:06:b3:c6:7b:de:
         1a:73:f0:26:d4:87:ec:0b:6e:af:b0:e5:36:7e:39:5d:ad:9b:
         13:0c:9d:64:a1:7a:5f:52:2a:cb:07:70:20:52:b1:ac:03:be:
         0c:6d:eb:e4:37:2d:45:25:50:65:f4:83:47:d3:fc:8d:e0:e7:
         15:d9:3b:75:c9:4d:7e:a3:af:1d:ad:a6:54:78:51:01:a7:76:
         dd:5e:c7:00:7f:78:e0:58:77:5d:c9:af:4e:8e:d7:2b:d2:6f:
         06:6d:f7:f4:05:b2:06:ef:aa:a4:d7:61:8a:9f:22:0a:3f:6d:
         f5:22:36:d6:6e:48:a0:09:b1:ae:b6:1b:e5:35:df:b5:b3:50:
         fd:0c:da:dd:cd:69:20:07:0b:fd:d9:2b:23:69:d0:f2:a3:db:
         33:3c:58:21:18:99:2e:7b:8a:77:24:94:99:23:98:b6:8f:82:
         14:11:af:e5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxgwUirfM8jDwC2F/VfWf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGExODFhYTA5MGNiOTcwNjA1YTI1YTdhNTdkNjUzNTQ3
ZjIzMjQwHhcNMjMwMTAyMDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg1NTkxMmViNDFlM2YxN2MxNGE4ZDQzOWExOGM4Y2U0YmY5NTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sDNjQMbolMYMKkmWrletnCiqtFI
VDLZk+ff2vvV8ihf1HgJDDrmJVw9PrmZBt1THnEL/S2UEqjcN/7/vg9mstvldGxi
xHmPgWoTeVn8Isvlc1yR1SSnrNjy+TTwQjXMZ1C6scjXVm0HRmD48ba3FZz4CZi+
xi/C93keXxbxRjDtrc6Cb6DnLlWKaQ3W10XJAqm6UUeG0HbbHAVQJx29W5PoyWp4
CVNoSNDzfvTlFrnLoUaQtZhJ4IjvvPwN1XF2MeDMz+NTOs4luQjVeZtHIgRgcLPE
i6QBzxHIS9jtUcMyvo0Ud+kqaCXmsAfpw4c4QUXYmThO5wXUytD3EVFyOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIKFWRLrQePxfBSo1DmhjIzkv5WfMB8GA1UdIwQY
MBaAFFcKGBqgkMuXBgWiWnpX1lNUfyMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzIt
YTYzNzY1MGM3NGFlLzEvZ29WWkV1dEI0X0Y4RktqVU9hR01qT1NfbFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzItYTYzNzY1MGM3NGFl
LzEvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX4OoAwQC
uffoMA0EAgACMAcDBQMqDdCAMA0GCSqGSIb3DQEBCwUAA4IBAQBTe6EA6QkyJi1G
u4XqTl9Wgbek2lodnUXJF3Ro0ehlN3s9w9EEdObNUTytvwBuuLgD3p5/3ryibBKr
p7RZmFRmDI1WJ5rQIRYxST/sv3e5jv2ibExXBrPGe94ac/Am1IfsC26vsOU2fjld
rZsTDJ1koXpfUirLB3AgUrGsA74MbevkNy1FJVBl9INH0/yN4OcV2Tt1yU1+o68d
raZUeFEBp3bdXscAf3jgWHddya9Ojtcr0m8Gbff0BbIG76qk12GKnyIKP231IjbW
bkigCbGuthvlNd+1s1D9DNrdzWkgBwv92SsjadDyo9szPFghGJkue4p3JJSZI5i2
j4IUEa/l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:20 2024 by rpki-client on console-fra.rpki-client.org