Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/CbTBR7xoY2-tddliSQqs5kkmZC4.roa
File:                     CbTBR7xoY2-tddliSQqs5kkmZC4.roa (raw, json)
Hash identifier:          kdZtWWVZA2CrRKpoC93Sru2Un3ajrT+UFaOLGQc/MRU=
Subject key identifier:   09:B4:C1:47:BC:68:63:6F:AD:75:D9:62:49:0A:AC:E6:49:26:64:2E
Certificate issuer:       /CN=ea827b9556d540da536b8046c65ff95b06ee4963
Certificate serial:       01856DCAF0B2C5CBB3EFCD9674240463F0CC
Authority key identifier: EA:82:7B:95:56:D5:40:DA:53:6B:80:46:C6:5F:F9:5B:06:EE:49:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/CbTBR7xoY2-tddliSQqs5kkmZC4.roa
Signing time:             Sun 01 Jan 2023 14:44:54 +0000
ROA not before:           Sun 01 Jan 2023 14:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8523
IP address blocks:        164.40.176.0/21 maxlen: 21
                          80.76.144.0/20 maxlen: 20
                          2a00:1d28::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ca:f0:b2:c5:cb:b3:ef:cd:96:74:24:04:63:f0:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea827b9556d540da536b8046c65ff95b06ee4963
        Validity
            Not Before: Jan  1 14:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=09b4c147bc68636fad75d962490aace64926642e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:a9:4d:95:49:a6:66:2f:50:54:d8:5d:9f:bc:
                    a4:9c:6f:d9:6b:39:d4:70:d3:a4:da:ce:ec:b2:a0:
                    cc:c8:51:2f:59:90:be:b3:7b:e0:a4:99:70:ba:ba:
                    5b:f4:ea:97:a3:2b:d4:49:f3:7d:70:7c:7b:04:0a:
                    df:5e:1c:7c:11:6c:d3:ee:c5:67:a9:97:a8:43:a5:
                    06:af:64:7f:43:24:3a:70:60:08:2b:c6:bd:8e:95:
                    86:78:39:37:fa:ed:7d:04:f7:40:21:81:fc:b5:35:
                    23:40:b2:df:b8:e9:f2:c4:61:db:f7:62:e8:2e:98:
                    5b:9d:19:a3:5c:c1:75:a0:31:b3:ad:48:89:15:c3:
                    ea:76:8f:f3:77:d9:be:2b:e1:cd:61:f6:68:f6:e2:
                    5a:85:93:29:b4:ce:72:87:37:fc:87:78:b4:5c:96:
                    b0:64:7f:8a:1f:26:4f:d0:10:b0:e3:b8:b5:1b:88:
                    54:7f:03:9b:53:a3:0f:8c:13:85:69:3c:c0:ea:91:
                    49:e4:01:c5:49:3a:c6:a0:4e:78:5d:2a:ac:5c:4a:
                    e2:07:61:40:9f:65:33:9b:b9:a4:1a:30:38:c9:a0:
                    73:38:5f:d6:52:92:d1:95:84:67:83:e6:91:29:d3:
                    ac:45:9d:58:4b:db:bf:8a:26:e9:8c:89:ad:ba:d1:
                    ef:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:B4:C1:47:BC:68:63:6F:AD:75:D9:62:49:0A:AC:E6:49:26:64:2E
            X509v3 Authority Key Identifier:
                keyid:EA:82:7B:95:56:D5:40:DA:53:6B:80:46:C6:5F:F9:5B:06:EE:49:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/CbTBR7xoY2-tddliSQqs5kkmZC4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.76.144.0/20
                  164.40.176.0/21
                IPv6:
                  2a00:1d28::/32

    Signature Algorithm: sha256WithRSAEncryption
         77:2c:c1:d7:5a:40:89:62:a0:f8:97:0e:53:fd:87:ff:5d:a1:
         9b:81:1d:67:93:8c:ad:23:b4:42:74:df:4d:29:5d:46:21:18:
         65:cf:41:e7:59:66:24:8e:35:32:90:d7:d4:1d:dd:6f:c9:f4:
         aa:96:db:c2:d2:8b:c8:db:01:28:fc:f8:77:54:fc:20:95:0f:
         1f:6c:d3:67:fd:65:53:a6:85:5c:9c:a0:95:46:eb:ac:bf:c4:
         2c:19:c0:77:24:2e:4d:4b:23:fb:83:39:0e:be:ac:9e:ed:a9:
         d6:82:02:11:a5:1c:12:ce:f0:9c:a1:86:5b:ce:79:a8:af:f1:
         d6:25:5c:e2:1c:a7:91:92:1a:dc:68:30:01:58:34:65:35:35:
         84:c8:c0:18:07:19:27:b0:28:36:8a:f6:ca:98:8b:18:8d:c7:
         c1:b1:bb:a5:fb:2b:67:77:1b:ab:86:ae:86:95:91:0c:94:70:
         cf:3d:3e:a4:a9:94:0a:29:fc:e8:42:e6:c5:32:45:92:b6:89:
         18:bb:02:b4:d4:1f:0e:39:0c:62:53:72:87:e4:dc:17:bd:fa:
         73:41:62:ac:33:23:31:3c:bf:a0:5a:5f:7f:86:77:07:39:28:
         a0:f5:75:de:84:2f:e7:db:62:fd:b6:b4:e1:34:12:0a:5d:9e:
         41:6b:d1:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtyvCyxcuz782WdCQEY/DMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhODI3Yjk1NTZkNTQwZGE1MzZiODA0NmM2NWZmOTViMDZl
ZTQ5NjMwHhcNMjMwMTAxMTQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI0YzE0N2JjNjg2MzZmYWQ3NWQ5NjI0OTBhYWNlNjQ5MjY2NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAialNlUmmZi9QVNhdn7yknG/ZaznU
cNOk2s7ssqDMyFEvWZC+s3vgpJlwurpb9OqXoyvUSfN9cHx7BArfXhx8EWzT7sVn
qZeoQ6UGr2R/QyQ6cGAIK8a9jpWGeDk3+u19BPdAIYH8tTUjQLLfuOnyxGHb92Lo
LphbnRmjXMF1oDGzrUiJFcPqdo/zd9m+K+HNYfZo9uJahZMptM5yhzf8h3i0XJaw
ZH+KHyZP0BCw47i1G4hUfwObU6MPjBOFaTzA6pFJ5AHFSTrGoE54XSqsXEriB2FA
n2Uzm7mkGjA4yaBzOF/WUpLRlYRng+aRKdOsRZ1YS9u/iibpjImtutHv2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAm0wUe8aGNvrXXZYkkKrOZJJmQuMB8GA1UdIwQY
MBaAFOqCe5VW1UDaU2uARsZf+VsG7kljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9KN2xWYlZRTnBUYTRCR3hsXzVXd2J1U1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MDEyYTQtM2Q1OC00ZGQwLTgwYjQt
YmUzMTdiNTMxYzJlLzEvQ2JUQlI3eG9ZMi10ZGRsaVNRcXM1a2ttWkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MDEyYTQtM2Q1OC00ZGQwLTgwYjQtYmUzMTdiNTMxYzJl
LzEvNm9KN2xWYlZRTnBUYTRCR3hsXzVXd2J1U1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEyQAwQD
pCiwMA0EAgACMAcDBQAqAB0oMA0GCSqGSIb3DQEBCwUAA4IBAQB3LMHXWkCJYqD4
lw5T/Yf/XaGbgR1nk4ytI7RCdN9NKV1GIRhlz0HnWWYkjjUykNfUHd1vyfSqltvC
0ovI2wEo/Ph3VPwglQ8fbNNn/WVTpoVcnKCVRuusv8QsGcB3JC5NSyP7gzkOvqye
7anWggIRpRwSzvCcoYZbznmor/HWJVziHKeRkhrcaDABWDRlNTWEyMAYBxknsCg2
ivbKmIsYjcfBsbul+ytndxurhq6GlZEMlHDPPT6kqZQKKfzoQubFMkWStokYuwK0
1B8OOQxiU3KH5NwXvfpzQWKsMyMxPL+gWl9/hncHOSig9XXehC/n22L9trThNBIK
XZ5Ba9Fx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org