Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/euHPlo17WzNYMDUqrNijt-LmjnU.roa
File:                     euHPlo17WzNYMDUqrNijt-LmjnU.roa (raw, json)
Hash identifier:          DE9W0FgbO/Jl6bEIpFUERIUAEfIkLkj/UTxGcRGlM0s=
Subject key identifier:   7A:E1:CF:96:8D:7B:5B:33:58:30:35:2A:AC:D8:A3:B7:E2:E6:8E:75
Certificate issuer:       /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial:       018F421A15581F2328D6F46E5C3A7EAD1621
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/euHPlo17WzNYMDUqrNijt-LmjnU.roa
Signing time:             Sat 04 May 2024 05:35:56 +0000
ROA not before:           Sat 04 May 2024 05:35:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199077
IP address blocks:        46.21.17.0/24 maxlen: 24
                          46.21.18.0/24 maxlen: 24
                          46.21.19.0/24 maxlen: 24
                          46.21.21.0/24 maxlen: 24
                          46.21.22.0/24 maxlen: 24
                          77.220.92.0/24 maxlen: 24
                          77.220.93.0/24 maxlen: 24
                          77.220.94.0/24 maxlen: 24
                          193.222.104.0/24 maxlen: 24
                          193.222.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Aug 2024 05:34:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:42:1a:15:58:1f:23:28:d6:f4:6e:5c:3a:7e:ad:16:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
        Validity
            Not Before: May  4 05:35:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7ae1cf968d7b5b335830352aacd8a3b7e2e68e75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f5:e9:d2:eb:a2:a7:99:78:c5:12:33:dd:42:
                    3f:a4:b0:ac:2a:ac:bd:60:0a:e1:f0:3c:9e:cd:7c:
                    a8:4c:74:09:ca:ed:d3:a9:97:10:89:7b:cb:58:1d:
                    35:99:53:fd:4d:7e:d2:7f:03:c8:76:cb:1c:69:82:
                    10:94:4b:4a:b1:53:3f:61:2a:43:79:00:ea:e6:5a:
                    a0:e1:7b:62:94:75:33:3d:71:b7:f9:ac:4a:0e:9b:
                    3c:a8:9e:4b:ab:f9:7d:c5:be:33:a9:b2:1f:3e:91:
                    f3:38:b8:d3:d0:01:a0:1c:58:c4:27:bd:d1:14:1c:
                    05:28:ca:e9:95:01:22:63:2e:e1:67:6d:c8:00:b0:
                    8a:61:b8:4f:d2:2d:e3:55:81:04:06:a6:b5:9f:e5:
                    53:a3:b1:d2:85:0d:70:3a:db:04:f8:74:58:04:15:
                    ea:55:6d:b7:b5:6b:c0:ba:25:d4:c0:1c:12:8c:8b:
                    4f:36:ea:59:1f:47:9b:5c:9c:44:a9:8a:10:91:65:
                    c4:d4:46:ac:33:69:e0:c8:dc:73:c8:eb:56:04:d7:
                    74:9a:3f:9e:42:1b:cd:86:f7:89:2e:67:32:b7:df:
                    ff:41:9f:05:df:fd:b0:0c:40:f3:ce:e7:41:ad:99:
                    bb:d3:bc:6f:ef:d5:d2:ca:66:f4:70:a7:9b:83:84:
                    3f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E1:CF:96:8D:7B:5B:33:58:30:35:2A:AC:D8:A3:B7:E2:E6:8E:75
            X509v3 Authority Key Identifier:
                keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/euHPlo17WzNYMDUqrNijt-LmjnU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.21.17.0-46.21.19.255
                  46.21.21.0-46.21.22.255
                  77.220.92.0-77.220.94.255
                  193.222.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:de:ae:eb:71:97:03:4b:cf:6a:41:b5:a5:bf:2e:52:d6:38:
         15:e6:3d:f9:9e:22:79:10:43:d4:31:51:a1:f6:fd:71:64:27:
         dc:e9:7e:85:60:d1:ad:c3:1a:06:04:c0:10:f5:ca:dc:c7:40:
         5f:e3:91:75:17:11:26:93:f6:aa:36:18:9b:e5:9f:37:b0:a1:
         4d:6d:75:97:6e:93:e0:97:df:b1:b1:b3:42:8e:08:29:a1:8a:
         d5:c2:a7:ac:55:be:8c:4d:9b:7e:2c:66:58:e7:01:fc:34:c7:
         14:46:ac:77:a6:10:58:8b:9b:75:82:a7:66:4f:4d:31:dc:29:
         9a:56:3d:a5:59:d4:f8:0f:23:b7:31:b1:28:77:4e:47:14:1b:
         f5:0f:69:d9:58:57:0a:ae:d1:ed:c7:f7:17:12:ea:ed:11:e6:
         b2:f3:3a:97:23:e8:aa:f3:70:77:7a:e2:de:a2:7b:a8:38:38:
         36:f8:5d:f5:24:be:59:18:4f:c4:8e:c9:8d:57:25:9e:45:0e:
         ee:38:8d:9b:71:41:f8:10:22:d8:34:92:3a:73:82:4c:ff:e5:
         c8:ec:b1:e7:7d:7d:7a:b7:8a:f6:ac:7f:4f:27:b9:97:a9:ef:
         0f:af:1f:05:3d:c5:b4:2b:83:1c:2e:69:75:48:c0:7e:2d:5e:
         d7:94:f3:a1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY9CGhVYHyMo1vRuXDp+rRYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwNTA0MDUzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWUxY2Y5NjhkN2I1YjMzNTgzMDM1MmFhY2Q4YTNiN2UyZTY4ZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPXp0uuip5l4xRIz3UI/pLCsKqy9
YArh8DyezXyoTHQJyu3TqZcQiXvLWB01mVP9TX7SfwPIdsscaYIQlEtKsVM/YSpD
eQDq5lqg4XtilHUzPXG3+axKDps8qJ5Lq/l9xb4zqbIfPpHzOLjT0AGgHFjEJ73R
FBwFKMrplQEiYy7hZ23IALCKYbhP0i3jVYEEBqa1n+VTo7HShQ1wOtsE+HRYBBXq
VW23tWvAuiXUwBwSjItPNupZH0ebXJxEqYoQkWXE1EasM2ngyNxzyOtWBNd0mj+e
QhvNhveJLmcyt9//QZ8F3/2wDEDzzudBrZm707xv79XSymb0cKebg4Q/4QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHrhz5aNe1szWDA1KqzYo7fi5o51MB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvZXVIUGxvMTdXek5ZTURVcXJOaWp0LUxtam5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAAuFRED
BAIuFRAwDAMEAC4VFQMEAC4VFjAMAwQCTdxcAwQATdxeAwQBwd5oMA0GCSqGSIb3
DQEBCwUAA4IBAQCQ3q7rcZcDS89qQbWlvy5S1jgV5j35niJ5EEPUMVGh9v1xZCfc
6X6FYNGtwxoGBMAQ9crcx0Bf45F1FxEmk/aqNhib5Z83sKFNbXWXbpPgl9+xsbNC
jggpoYrVwqesVb6MTZt+LGZY5wH8NMcURqx3phBYi5t1gqdmT00x3CmaVj2lWdT4
DyO3MbEod05HFBv1D2nZWFcKrtHtx/cXEurtEeay8zqXI+iq83B3euLeonuoODg2
+F31JL5ZGE/EjsmNVyWeRQ7uOI2bcUH4ECLYNJI6c4JM/+XI7LHnfX16t4r2rH9P
J7mXqe8Prx8FPcW0K4McLml1SMB+LV7XlPOh
-----END CERTIFICATE-----
Generated at Tue Aug 13 09:17:57 2024 by rpki-client on console-ams.rpki-client.org