Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/1EcH3oMlNMXwjn1eDXuTLIe4GMY.roa
File:                     1EcH3oMlNMXwjn1eDXuTLIe4GMY.roa (raw, json)
Hash identifier:          5xaIaroBsxbqMclTk7Uyd3g0V9L4nHfdibDKa8WWIuk=
Subject key identifier:   D4:47:07:DE:83:25:34:C5:F0:8E:7D:5E:0D:7B:93:2C:87:B8:18:C6
Certificate issuer:       /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial:       018571DE884084DA43670DCF4E0729C35D6F
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/1EcH3oMlNMXwjn1eDXuTLIe4GMY.roa
Signing time:             Mon 02 Jan 2023 09:44:47 +0000
ROA not before:           Mon 02 Jan 2023 09:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60890
IP address blocks:        185.24.64.0/24 maxlen: 24
                          2a04:2b00:a006::/48 maxlen: 48
                          2a04:2b00:13cc::/48 maxlen: 48
                          2a04:2b00:a034::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:de:88:40:84:da:43:67:0d:cf:4e:07:29:c3:5d:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
        Validity
            Not Before: Jan  2 09:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d44707de832534c5f08e7d5e0d7b932c87b818c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1c:41:63:db:77:ed:ef:de:03:0a:99:61:95:
                    bb:85:8d:79:a7:cd:79:c2:48:4a:0e:60:75:97:43:
                    a6:3a:33:4d:af:e4:6b:36:fa:8b:ad:e0:8d:7f:19:
                    f1:b5:74:3e:ee:b6:cd:db:b8:f2:e8:fc:ed:46:67:
                    4f:64:9a:44:88:80:12:d8:64:d8:3c:5e:c1:df:41:
                    6a:42:e0:7c:94:04:3e:f8:bb:c9:fe:06:08:e9:fc:
                    76:1c:59:08:4c:c6:89:80:45:c3:8d:5f:56:83:cb:
                    5a:51:9c:42:ac:ec:c4:66:82:07:23:44:e9:ba:33:
                    7c:94:33:34:3e:94:d0:23:58:19:8e:d4:4f:d5:d3:
                    c6:d8:ac:a3:c3:14:fe:a0:b4:4c:bf:f6:fa:1e:ad:
                    4d:2f:7a:ea:33:0b:a1:a7:70:ae:4d:12:88:90:ee:
                    84:04:0b:87:93:be:6e:0b:4c:ee:7e:3b:f3:8c:e9:
                    2c:57:2e:67:cb:17:d4:2f:7b:e1:c5:40:9b:c4:6d:
                    56:f1:fc:94:82:1d:0d:d2:c1:79:cf:8f:93:06:07:
                    3d:08:1d:2f:a4:be:00:88:af:df:88:1e:25:2e:05:
                    0e:a9:68:df:0d:f1:53:d5:1a:81:8d:88:c0:78:94:
                    33:7f:22:03:bd:53:23:e9:00:26:3f:2c:5d:13:71:
                    da:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:47:07:DE:83:25:34:C5:F0:8E:7D:5E:0D:7B:93:2C:87:B8:18:C6
            X509v3 Authority Key Identifier:
                keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/1EcH3oMlNMXwjn1eDXuTLIe4GMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.64.0/24
                IPv6:
                  2a04:2b00:13cc::/48
                  2a04:2b00:a006::/48
                  2a04:2b00:a034::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:52:63:d4:40:77:bf:df:99:d2:46:3c:ba:e0:8f:42:11:aa:
         af:b5:a2:f4:36:25:d0:22:a0:b9:e1:e7:64:37:38:ea:81:e9:
         0c:29:f9:3b:e3:7e:f2:0d:26:14:d8:a8:98:7a:26:18:1c:0a:
         74:84:2c:23:1c:45:49:26:a2:59:d3:e5:80:45:07:e4:0e:e9:
         59:89:41:0b:0b:70:6e:1a:d5:a3:97:82:4e:09:bc:0a:4a:df:
         9d:df:44:27:4e:31:b9:4f:da:84:9f:92:96:3f:e7:1b:3f:63:
         47:86:6a:b8:18:70:39:23:67:9b:b8:e7:bf:98:3b:7a:5f:03:
         cc:7e:f3:1e:bf:cf:a5:57:11:7a:6d:9a:4e:a6:12:d7:a9:d1:
         4a:b1:a1:9c:58:50:73:6c:63:b8:11:c4:91:ec:bc:11:bf:63:
         21:fe:71:7f:8b:f5:ad:9f:b1:9d:30:c4:9f:6c:17:11:e9:5b:
         35:0a:27:70:17:60:8a:1d:5f:fb:e2:62:c1:89:c8:01:e7:a1:
         2b:dc:1b:ef:f2:d2:8b:8b:25:45:80:08:86:64:94:28:b3:85:
         81:a3:58:f6:e1:05:e4:3b:0d:81:3c:7f:03:af:9b:95:d0:14:
         ca:4f:fe:76:97:db:f4:28:7b:d5:47:07:5b:c3:ef:ab:2c:44:
         85:86:ee:ac
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVx3ohAhNpDZw3PTgcpw11vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjMwMTAyMDk0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQ3MDdkZTgzMjUzNGM1ZjA4ZTdkNWUwZDdiOTMyYzg3YjgxOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRxBY9t37e/eAwqZYZW7hY15p815
wkhKDmB1l0OmOjNNr+RrNvqLreCNfxnxtXQ+7rbN27jy6PztRmdPZJpEiIAS2GTY
PF7B30FqQuB8lAQ++LvJ/gYI6fx2HFkITMaJgEXDjV9Wg8taUZxCrOzEZoIHI0Tp
ujN8lDM0PpTQI1gZjtRP1dPG2KyjwxT+oLRMv/b6Hq1NL3rqMwuhp3CuTRKIkO6E
BAuHk75uC0zufjvzjOksVy5nyxfUL3vhxUCbxG1W8fyUgh0N0sF5z4+TBgc9CB0v
pL4AiK/fiB4lLgUOqWjfDfFT1RqBjYjAeJQzfyIDvVMj6QAmPyxdE3HaUQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNRHB96DJTTF8I59Xg17kyyHuBjGMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvMUVjSDNvTWxOTVh3am4xZURYdVRMSWU0R01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAuRhAMCEE
AgACMBsDBwAqBCsAE8wDBwAqBCsAoAYDBwAqBCsAoDQwDQYJKoZIhvcNAQELBQAD
ggEBAFlSY9RAd7/fmdJGPLrgj0IRqq+1ovQ2JdAioLnh52Q3OOqB6Qwp+TvjfvIN
JhTYqJh6JhgcCnSELCMcRUkmolnT5YBFB+QO6VmJQQsLcG4a1aOXgk4JvApK353f
RCdOMblP2oSfkpY/5xs/Y0eGargYcDkjZ5u457+YO3pfA8x+8x6/z6VXEXptmk6m
Etep0UqxoZxYUHNsY7gRxJHsvBG/YyH+cX+L9a2fsZ0wxJ9sFxHpWzUKJ3AXYIod
X/viYsGJyAHnoSvcG+/y0ouLJUWACIZklCizhYGjWPbhBeQ7DYE8fwOvm5XQFMpP
/naX2/Qoe9VHB1vD76ssRIWG7qw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:46 2024 by rpki-client on console-fra.rpki-client.org