Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/2eLMzvMfaIOl7jWMz7wT8JeazII.roa
File:                     2eLMzvMfaIOl7jWMz7wT8JeazII.roa (raw, json)
Hash identifier:          N9jd5OP7Cg3YdqxRLH+pIOX/ae4RQ/j2Y8zOHbVB/Yo=
Subject key identifier:   D9:E2:CC:CE:F3:1F:68:83:A5:EE:35:8C:CF:BC:13:F0:97:9A:CC:82
Certificate issuer:       /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial:       018A0BADF64E5A02028E10CBECDF00A42492
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/2eLMzvMfaIOl7jWMz7wT8JeazII.roa
Signing time:             Sat 19 Aug 2023 02:44:24 +0000
ROA not before:           Sat 19 Aug 2023 02:44:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210025
IP address blocks:        88.218.204.0/24 maxlen: 24
                          88.218.207.0/24 maxlen: 24
                          2a09:b280:ffba::/48 maxlen: 48
                          2a09:b280:1010::/48 maxlen: 48
                          2a09:b280:1030::/48 maxlen: 48
                          2a09:b280:ffb0::/48 maxlen: 48
                          2a09:b280:1000::/48 maxlen: 48
                          2a09:b280:1020::/48 maxlen: 48
                          2a09:b280:ccc0::/48 maxlen: 48
                          2a09:b280::/48 maxlen: 48
                          2a09:b280:ffbb::/48 maxlen: 48
                          2a09:b280:ffbe::/48 maxlen: 48
                          2a09:b280:ffb9::/48 maxlen: 48
                          2a09:b280:ffbf::/48 maxlen: 48
                          2a09:b280:ffb2::/48 maxlen: 48
                          2a09:b280:ffbd::/48 maxlen: 48
                          2a09:b280:ffb8::/48 maxlen: 48
                          2a09:b280:ccc1::/48 maxlen: 48
                          2a09:b280:ffb1::/48 maxlen: 48
                          2a09:b280:ffbc::/48 maxlen: 48
                          2a09:b280:cccc::/48 maxlen: 48
                          2a09:b280:ffb7::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 19 Aug 2023 12:36:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:0b:ad:f6:4e:5a:02:02:8e:10:cb:ec:df:00:a4:24:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
        Validity
            Not Before: Aug 19 02:44:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9e2cccef31f6883a5ee358ccfbc13f0979acc82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ee:9f:ee:b8:dc:35:68:d3:b4:66:fb:0f:57:
                    f3:33:6c:fe:e1:1f:f9:fa:d1:14:6d:db:56:00:54:
                    e9:8a:65:4a:42:cd:31:66:d6:04:b1:77:2e:32:9f:
                    7a:17:3d:e0:6a:03:b3:36:f8:d5:82:85:cd:f7:22:
                    8b:e2:34:b2:7e:2e:6f:5c:b5:c8:b9:69:17:36:50:
                    92:4f:ff:c5:06:b3:ca:a4:b6:b7:33:7e:a2:12:27:
                    39:86:f2:22:77:f9:6b:f7:8b:51:09:9f:42:f4:3b:
                    1d:39:eb:60:85:47:2e:98:6e:96:4b:e4:2b:cb:25:
                    c3:fb:e0:f1:d6:9a:5b:de:59:fd:33:43:2e:3d:20:
                    71:a1:46:1d:fc:14:5c:28:66:d6:31:59:43:fb:3a:
                    46:d0:98:7e:0e:d7:85:1b:dc:2f:53:03:ef:87:ed:
                    95:61:6a:32:fb:5e:65:20:76:20:2f:cd:da:96:7d:
                    e2:54:04:68:c9:59:bc:10:8a:24:56:db:3b:ec:c8:
                    72:62:63:64:6e:d0:a4:4a:a9:74:10:84:2c:34:f1:
                    96:7b:a8:ac:25:87:c4:70:2b:1a:01:ad:82:a9:b9:
                    46:7e:da:ec:06:30:df:76:2e:d8:ae:be:5e:26:3b:
                    03:60:eb:db:0f:f4:3f:73:86:69:c6:bb:15:a0:04:
                    61:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:E2:CC:CE:F3:1F:68:83:A5:EE:35:8C:CF:BC:13:F0:97:9A:CC:82
            X509v3 Authority Key Identifier:
                keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/2eLMzvMfaIOl7jWMz7wT8JeazII.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.204.0/24
                  88.218.207.0/24
                IPv6:
                  2a09:b280::/48
                  2a09:b280:1000::/48
                  2a09:b280:1010::/48
                  2a09:b280:1020::/48
                  2a09:b280:1030::/48
                  2a09:b280:ccc0::/47
                  2a09:b280:cccc::/48
                  2a09:b280:ffb0::-2a09:b280:ffb2:ffff:ffff:ffff:ffff:ffff
                  2a09:b280:ffb7::-2a09:b280:ffbf:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         8d:4d:78:d0:62:a0:ef:57:88:03:61:20:3b:e3:0b:54:33:b9:
         7c:0d:50:90:af:07:8c:24:29:c7:eb:31:ed:6e:3e:31:35:be:
         ae:dc:22:1a:79:27:8a:82:fc:a2:1d:2c:67:3e:11:08:33:56:
         e4:6b:31:21:d0:05:54:d2:38:09:a4:42:ca:ba:ac:d1:a0:5e:
         a9:72:9e:c7:39:d5:fe:71:21:1a:97:b2:59:26:ce:46:90:11:
         38:0f:a1:21:5d:90:35:96:c2:dc:5c:05:74:f2:2b:27:c2:d7:
         33:8d:72:aa:cc:67:ae:e9:e0:99:9f:75:66:8c:88:66:41:44:
         28:65:bc:66:48:6e:e0:7b:25:7c:3c:00:7d:e5:7d:4d:85:82:
         83:b5:9b:16:6e:87:e3:63:70:5d:69:d0:c9:87:f9:90:29:8a:
         75:f4:04:92:bb:39:45:26:dd:82:5c:ff:81:0c:4c:72:82:13:
         38:ff:8e:a7:80:6c:ba:b7:cf:a6:d0:a8:f7:35:01:8e:1c:bb:
         e4:00:1c:05:28:4e:23:ce:c6:ea:29:56:6b:bb:7e:09:8e:f6:
         5b:e3:98:8c:1e:10:ef:f1:fa:d3:05:00:a6:9f:e4:1a:a2:e2:
         74:c3:57:dd:ae:4b:d3:6a:47:cb:8a:9d:14:27:11:0e:68:d6:
         4f:5b:c4:69
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYoLrfZOWgICjhDL7N8ApCSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjMwODE5MDI0NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWUyY2NjZWYzMWY2ODgzYTVlZTM1OGNjZmJjMTNmMDk3OWFjYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO6f7rjcNWjTtGb7D1fzM2z+4R/5
+tEUbdtWAFTpimVKQs0xZtYEsXcuMp96Fz3gagOzNvjVgoXN9yKL4jSyfi5vXLXI
uWkXNlCST//FBrPKpLa3M36iEic5hvIid/lr94tRCZ9C9DsdOetghUcumG6WS+Qr
yyXD++Dx1ppb3ln9M0MuPSBxoUYd/BRcKGbWMVlD+zpG0Jh+DteFG9wvUwPvh+2V
YWoy+15lIHYgL83aln3iVARoyVm8EIokVts77MhyYmNkbtCkSql0EIQsNPGWe6is
JYfEcCsaAa2CqblGftrsBjDfdi7Yrr5eJjsDYOvbD/Q/c4ZpxrsVoARhJQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFNnizM7zH2iDpe41jM+8E/CXmsyCMB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvMmVMTXp2TWZhSU9sN2pXTXo3d1Q4SmVheklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzASBAIAATAMAwQAWNrM
AwQAWNrPMG0EAgACMGcDBwAqCbKAAAADBwAqCbKAEAADBwAqCbKAEBADBwAqCbKA
ECADBwAqCbKAEDADBwEqCbKAzMADBwAqCbKAzMwwEgMHBCoJsoD/sAMHACoJsoD/
sjASAwcAKgmygP+3AwcGKgmygP+AMA0GCSqGSIb3DQEBCwUAA4IBAQCNTXjQYqDv
V4gDYSA74wtUM7l8DVCQrweMJCnH6zHtbj4xNb6u3CIaeSeKgvyiHSxnPhEIM1bk
azEh0AVU0jgJpELKuqzRoF6pcp7HOdX+cSEal7JZJs5GkBE4D6EhXZA1lsLcXAV0
8isnwtczjXKqzGeu6eCZn3VmjIhmQUQoZbxmSG7geyV8PAB95X1NhYKDtZsWbofj
Y3BdadDJh/mQKYp19ASSuzlFJt2CXP+BDExyghM4/46ngGy6t8+m0Kj3NQGOHLvk
ABwFKE4jzsbqKVZru34JjvZb45iMHhDv8frTBQCmn+QaouJ0w1fdrkvTakfLip0U
JxEOaNZPW8Rp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org