Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/eP-dUI8zS99o85D5Zit3Dbp0n5M.roa
File:                     eP-dUI8zS99o85D5Zit3Dbp0n5M.roa (raw, json)
Hash identifier:          AYpzivHcQkz7Cjl0U/RYOf9OW+kM79wHFJNgxm0NLuw=
Subject key identifier:   78:FF:9D:50:8F:33:4B:DF:68:F3:90:F9:66:2B:77:0D:BA:74:9F:93
Certificate issuer:       /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial:       018572BA546A2DCF5342303E411F5D3460C7
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/eP-dUI8zS99o85D5Zit3Dbp0n5M.roa
Signing time:             Mon 02 Jan 2023 13:44:51 +0000
ROA not before:           Mon 02 Jan 2023 13:44:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8423
IP address blocks:        91.207.124.0/23 maxlen: 24
                          78.31.128.0/21 maxlen: 24
                          91.200.96.0/22 maxlen: 24
                          176.118.184.0/22 maxlen: 24
                          91.223.45.0/24 maxlen: 24
                          195.225.84.0/22 maxlen: 24
                          2a0d:ca47:862::/48 maxlen: 48
                          2001:67c:44::/48 maxlen: 48
                          2a0d:ca40::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:54:6a:2d:cf:53:42:30:3e:41:1f:5d:34:60:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
        Validity
            Not Before: Jan  2 13:44:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=78ff9d508f334bdf68f390f9662b770dba749f93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ed:1c:1c:85:af:61:a1:4b:5e:10:fd:65:c1:
                    d3:76:13:32:3e:35:97:2d:09:86:7e:62:cc:5a:03:
                    33:18:f4:09:48:1d:ca:33:0a:d0:ff:4d:0d:87:81:
                    49:40:5f:c5:ef:43:19:72:fd:a9:79:f9:f1:fa:f3:
                    65:57:90:9c:88:ac:69:cd:19:1a:cb:b6:65:29:a9:
                    b5:33:a0:47:9d:c6:a8:2a:c1:f2:85:58:a0:b6:16:
                    39:36:39:3d:1f:b3:6e:13:4d:f0:ee:f3:e3:84:a2:
                    b3:fd:3b:f2:16:c5:14:9b:53:95:85:8b:31:fc:2b:
                    d1:67:bc:b7:41:af:ef:96:1c:c4:5e:43:92:a3:0c:
                    27:16:aa:35:34:bf:a5:60:6f:b7:c5:ab:74:ff:2f:
                    71:a4:fd:39:f6:b0:26:9d:12:82:ec:87:12:81:e0:
                    c1:db:64:5c:e8:0c:4d:5f:fe:a6:4f:a2:32:39:64:
                    8d:3f:83:d4:a2:31:ae:db:7f:9b:29:88:d2:61:04:
                    fc:59:12:28:2b:49:91:1b:7d:c8:98:fb:14:cd:cc:
                    a8:89:29:6a:39:56:28:ce:b7:5d:c7:02:76:36:96:
                    4e:bc:ff:34:28:83:aa:da:f2:7a:d5:c9:35:08:e9:
                    53:f3:82:22:a3:b1:8e:30:de:fd:1d:69:c2:25:f3:
                    a3:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:FF:9D:50:8F:33:4B:DF:68:F3:90:F9:66:2B:77:0D:BA:74:9F:93
            X509v3 Authority Key Identifier:
                keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/eP-dUI8zS99o85D5Zit3Dbp0n5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.31.128.0/21
                  91.200.96.0/22
                  91.207.124.0/23
                  91.223.45.0/24
                  176.118.184.0/22
                  195.225.84.0/22
                IPv6:
                  2001:67c:44::/48
                  2a0d:ca40::/29

    Signature Algorithm: sha256WithRSAEncryption
         8a:50:66:65:a3:65:4b:9d:46:33:ab:b7:d3:81:d3:34:df:cc:
         b1:a2:fd:26:95:cf:02:b5:44:3c:cf:54:10:f2:98:fa:02:86:
         9e:1c:9d:f8:6a:b8:80:50:a7:8d:2d:b8:2e:71:fe:5a:39:28:
         05:1a:75:06:f2:b4:da:12:66:9d:18:e4:31:4a:76:95:67:22:
         62:43:6a:9f:27:9c:26:89:08:e5:e8:b8:f8:c8:ba:a9:22:69:
         4f:1f:e8:67:0c:9e:70:30:23:04:d8:f3:42:b6:a9:3f:ec:14:
         df:65:5c:ca:48:77:ce:5e:1a:74:e0:52:bb:f0:0c:dc:7a:c3:
         18:66:28:ee:8d:3e:26:35:87:e9:4c:93:e9:69:d9:5d:56:16:
         53:0e:7c:06:e6:dd:1b:17:c9:64:3c:fb:9c:dc:64:e8:83:33:
         e7:6f:a1:c0:d1:c8:cc:3b:85:2d:d8:ae:7f:c9:e1:6a:91:8c:
         0c:03:2b:03:66:f2:68:42:e6:52:8a:4c:8f:7d:52:b5:0a:0a:
         5e:c4:1a:77:93:88:db:fc:8d:6f:0e:09:95:e8:59:47:80:9d:
         43:86:e4:f4:94:7e:31:58:d1:f7:1b:bb:15:52:78:a3:d7:ad:
         27:c0:83:98:3d:25:20:33:49:16:95:ae:8e:d4:4d:ab:5c:53:
         4e:e5:72:16
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVyulRqLc9TQjA+QR9dNGDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjMwMTAyMTM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGZmOWQ1MDhmMzM0YmRmNjhmMzkwZjk2NjJiNzcwZGJhNzQ5ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu0cHIWvYaFLXhD9ZcHTdhMyPjWX
LQmGfmLMWgMzGPQJSB3KMwrQ/00Nh4FJQF/F70MZcv2pefnx+vNlV5CciKxpzRka
y7ZlKam1M6BHncaoKsHyhVigthY5Njk9H7NuE03w7vPjhKKz/TvyFsUUm1OVhYsx
/CvRZ7y3Qa/vlhzEXkOSowwnFqo1NL+lYG+3xat0/y9xpP059rAmnRKC7IcSgeDB
22Rc6AxNX/6mT6IyOWSNP4PUojGu23+bKYjSYQT8WRIoK0mRG33ImPsUzcyoiSlq
OVYozrddxwJ2NpZOvP80KIOq2vJ61ck1COlT84Iio7GOMN79HWnCJfOj/QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHj/nVCPM0vfaPOQ+WYrdw26dJ+TMB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvZVAtZFVJOHpTOTlvODVENVppdDNEYnAwbjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQDTh+AAwQC
W8hgAwQBW898AwQAW98tAwQCsHa4AwQCw+FUMBYEAgACMBADBwAgAQZ8AEQDBQMq
DcpAMA0GCSqGSIb3DQEBCwUAA4IBAQCKUGZlo2VLnUYzq7fTgdM038yxov0mlc8C
tUQ8z1QQ8pj6AoaeHJ34ariAUKeNLbgucf5aOSgFGnUG8rTaEmadGOQxSnaVZyJi
Q2qfJ5wmiQjl6Lj4yLqpImlPH+hnDJ5wMCME2PNCtqk/7BTfZVzKSHfOXhp04FK7
8AzcesMYZijujT4mNYfpTJPpadldVhZTDnwG5t0bF8lkPPuc3GTogzPnb6HA0cjM
O4Ut2K5/yeFqkYwMAysDZvJoQuZSikyPfVK1CgpexBp3k4jb/I1vDgmV6FlHgJ1D
huT0lH4xWNH3G7sVUnij160nwIOYPSUgM0kWla6O1E2rXFNO5XIW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:04 2024 by rpki-client on console-fra.rpki-client.org