Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/7l0Udfm4Wc7ywTvo3ZjhvPfI374.roa
File:                     7l0Udfm4Wc7ywTvo3ZjhvPfI374.roa (raw, json)
Hash identifier:          wQyeyiak/lod68VzeYEnmcw3C0MJOCz3z0LWjGgRYco=
Subject key identifier:   EE:5D:14:75:F9:B8:59:CE:F2:C1:3B:E8:DD:98:E1:BC:F7:C8:DF:BE
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       01856FCB8A53C78AC408C331DFEE46D352F9
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/7l0Udfm4Wc7ywTvo3ZjhvPfI374.roa
Signing time:             Mon 02 Jan 2023 00:04:48 +0000
ROA not before:           Mon 02 Jan 2023 00:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58079
IP address blocks:        95.158.153.0/24 maxlen: 24
                          46.35.180.0/23 maxlen: 24
                          46.35.184.0/22 maxlen: 24
                          46.35.188.0/22 maxlen: 24
                          95.158.184.0/22 maxlen: 24
                          93.152.243.0/24 maxlen: 24
                          93.152.242.0/24 maxlen: 24
                          93.152.241.0/24 maxlen: 24
                          93.152.245.0/24 maxlen: 24
                          93.152.244.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:8a:53:c7:8a:c4:08:c3:31:df:ee:46:d3:52:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Jan  2 00:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee5d1475f9b859cef2c13be8dd98e1bcf7c8dfbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4a:a8:b7:aa:89:ae:f2:2d:76:96:f0:e0:1c:
                    7a:1d:b2:ec:f4:91:22:b8:1e:54:a4:89:cb:23:0c:
                    9e:ff:7d:a8:ba:96:c5:e2:7b:1c:4e:a0:a0:c2:15:
                    14:9e:49:5b:64:6d:77:46:eb:6b:70:59:a7:50:59:
                    69:69:8e:95:44:56:65:25:fe:13:5f:29:fd:70:79:
                    4d:c9:eb:42:74:68:fc:bf:51:ff:02:71:f2:c1:81:
                    0d:e3:3b:dc:46:bd:39:a8:6b:4c:6b:1a:0a:c7:eb:
                    7a:90:02:5f:79:14:d1:bb:17:1a:b9:26:e7:43:ca:
                    b2:65:66:e1:6b:77:89:58:e7:53:38:1f:4a:d9:0d:
                    27:c8:a2:7d:90:87:59:07:9c:0f:23:70:8d:ed:43:
                    71:5c:d9:19:eb:87:72:f9:45:70:46:4d:e2:ee:97:
                    ca:27:92:58:29:99:c3:52:e1:c6:4e:a6:2e:f0:ca:
                    a0:84:30:6e:6a:c4:49:5d:e6:2f:b3:36:ba:63:8f:
                    47:1e:59:8c:92:b7:07:05:ca:05:09:66:5f:da:6c:
                    01:e1:20:fb:fa:1a:99:3c:00:46:39:1a:88:41:25:
                    12:28:76:2e:1c:e3:aa:82:c5:ae:34:80:d4:51:0b:
                    3f:b2:fe:a7:3d:97:c2:1e:df:d0:64:72:93:19:6d:
                    2a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:5D:14:75:F9:B8:59:CE:F2:C1:3B:E8:DD:98:E1:BC:F7:C8:DF:BE
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/7l0Udfm4Wc7ywTvo3ZjhvPfI374.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.35.180.0/23
                  46.35.184.0/21
                  93.152.241.0-93.152.245.255
                  95.158.153.0/24
                  95.158.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c5:94:56:f8:28:0c:ab:b1:d0:64:b2:3c:78:b9:97:76:30:49:
         5c:76:a8:08:da:c1:1b:33:df:cc:7e:42:e0:d7:8b:b9:0a:5e:
         61:50:74:b1:3d:9a:17:b4:61:51:2f:35:30:44:f3:a3:e0:31:
         89:2e:a7:a1:90:66:ca:f6:c2:1b:a0:23:70:5b:fc:7f:9b:3c:
         b7:58:25:4f:47:44:6e:ca:3e:9b:0d:9a:cd:bb:ba:8d:42:a3:
         21:a4:34:0b:24:e5:9e:22:c7:96:5b:9d:91:cc:41:0c:20:e2:
         4a:eb:92:e0:e5:fd:0a:1c:47:4a:52:40:69:f6:13:e5:00:e0:
         f6:8f:6e:2c:4d:57:da:ef:5f:22:d4:a6:28:71:60:90:10:eb:
         18:90:f6:79:b7:15:b6:4f:fd:24:72:39:36:14:e0:b1:f9:e5:
         c5:26:da:9c:db:6d:2f:0a:8d:78:36:19:06:76:bd:92:e1:72:
         77:75:d5:71:46:91:60:b9:8b:20:de:19:4a:e7:ba:2f:a8:8d:
         5d:5c:91:fe:90:5d:3f:54:f4:b1:32:d4:09:bb:e6:09:7c:61:
         f2:15:6f:05:96:1e:62:56:e2:f0:89:bd:71:e0:0d:d3:44:ec:
         40:4d:db:5e:0c:fa:2f:b8:83:3b:48:f3:de:3d:91:70:8b:7c:
         5b:14:be:60
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvy4pTx4rECMMx3+5G01L5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVkMTQ3NWY5Yjg1OWNlZjJjMTNiZThkZDk4ZTFiY2Y3YzhkZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0qot6qJrvItdpbw4Bx6HbLs9JEi
uB5UpInLIwye/32oupbF4nscTqCgwhUUnklbZG13RutrcFmnUFlpaY6VRFZlJf4T
Xyn9cHlNyetCdGj8v1H/AnHywYEN4zvcRr05qGtMaxoKx+t6kAJfeRTRuxcauSbn
Q8qyZWbha3eJWOdTOB9K2Q0nyKJ9kIdZB5wPI3CN7UNxXNkZ64dy+UVwRk3i7pfK
J5JYKZnDUuHGTqYu8MqghDBuasRJXeYvsza6Y49HHlmMkrcHBcoFCWZf2mwB4SD7
+hqZPABGORqIQSUSKHYuHOOqgsWuNIDUUQs/sv6nPZfCHt/QZHKTGW0qKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO5dFHX5uFnO8sE76N2Y4bz3yN++MB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvN2wwVWRmbTRXYzd5d1R2bzNaamh2UGZJMzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBLiO0AwQD
LiO4MAwDBABdmPEDBAFdmPQDBABfnpkDBAJfnrgwDQYJKoZIhvcNAQELBQADggEB
AMWUVvgoDKux0GSyPHi5l3YwSVx2qAjawRsz38x+QuDXi7kKXmFQdLE9mhe0YVEv
NTBE86PgMYkup6GQZsr2whugI3Bb/H+bPLdYJU9HRG7KPpsNms27uo1CoyGkNAsk
5Z4ix5ZbnZHMQQwg4krrkuDl/QocR0pSQGn2E+UA4PaPbixNV9rvXyLUpihxYJAQ
6xiQ9nm3FbZP/SRyOTYU4LH55cUm2pzbbS8KjXg2GQZ2vZLhcnd11XFGkWC5iyDe
GUrnui+ojV1ckf6QXT9U9LEy1Am75gl8YfIVbwWWHmJW4vCJvXHgDdNE7EBN214M
+i+4gztI8949kXCLfFsUvmA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org