Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/hPg2ldm2zqO08QCSZTI4oJyCWA8.roa
File:                     hPg2ldm2zqO08QCSZTI4oJyCWA8.roa (raw, json)
Hash identifier:          U5aWtRa/a+oDfwoZmyOQegiuLXGwepe5yoo/dtcaQxY=
Subject key identifier:   84:F8:36:95:D9:B6:CE:A3:B4:F1:00:92:65:32:38:A0:9C:82:58:0F
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       01889ED754E68383C6F43C254AF49FE5F921
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/hPg2ldm2zqO08QCSZTI4oJyCWA8.roa
Signing time:             Fri 09 Jun 2023 06:28:11 +0000
ROA not before:           Fri 09 Jun 2023 06:28:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.22.59.0/24 maxlen: 24
                          147.185.162.0/24 maxlen: 24
                          195.14.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Jun 2023 16:19:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:9e:d7:54:e6:83:83:c6:f4:3c:25:4a:f4:9f:e5:f9:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Jun  9 06:28:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84f83695d9b6cea3b4f10092653238a09c82580f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:6c:21:70:5c:7b:1b:79:12:30:f5:c0:c4:7f:
                    0f:0c:4f:fe:09:ce:3c:d7:a2:a8:59:e3:98:0b:0d:
                    2f:1a:32:6b:3f:b6:2c:0d:5e:17:22:27:10:00:1e:
                    c5:53:91:03:a2:11:17:2d:c7:44:bf:19:d8:0c:20:
                    e4:72:c6:f1:de:a7:0c:fe:64:4e:a6:8e:ce:2d:2c:
                    7a:ab:e0:18:57:0d:c8:f1:43:c5:4e:b2:da:80:4a:
                    8c:ac:e3:cf:0f:cd:79:33:3e:fa:42:3d:aa:28:c9:
                    b4:0a:92:c6:7b:c6:42:7e:6a:2d:7c:68:44:67:0c:
                    3c:cc:7d:dd:af:ab:3d:c0:be:be:14:18:75:1d:bf:
                    a3:8a:aa:c6:61:e1:c7:44:c4:0a:2e:36:28:89:d2:
                    cc:37:20:ac:04:65:87:04:d9:85:97:eb:d7:71:9a:
                    53:4e:f8:d5:d6:21:5c:85:a2:37:02:d0:e0:e6:95:
                    40:e2:e1:27:a0:d1:cd:db:fe:17:f4:0d:ee:c2:0e:
                    96:d7:af:14:b7:86:14:93:61:18:12:99:6e:bd:55:
                    a8:ab:42:43:ed:25:b0:6f:85:cb:d8:25:80:b0:39:
                    87:52:f6:6c:56:eb:2a:c1:e5:0a:37:b3:4b:4c:b2:
                    d0:2a:0e:41:36:7a:0d:48:d7:14:c3:29:19:12:e2:
                    64:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F8:36:95:D9:B6:CE:A3:B4:F1:00:92:65:32:38:A0:9C:82:58:0F
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/hPg2ldm2zqO08QCSZTI4oJyCWA8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.185.162.0/24
                  185.22.59.0/24
                  195.14.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:5a:13:e4:cf:f3:8f:d9:ad:c4:18:6c:29:2c:cc:9f:85:f9:
         09:03:61:17:8a:a2:46:5e:d1:e1:6b:56:3b:a6:e4:40:3d:ec:
         d0:4f:c7:35:f9:1f:5a:9c:a9:34:25:31:e6:54:c7:85:fa:38:
         d8:66:8b:af:c5:63:75:19:29:9d:7b:79:69:8b:45:2b:4c:30:
         99:9e:26:7c:52:22:6b:5c:cd:67:ee:8c:84:9d:42:9d:7a:4a:
         79:26:00:f4:9d:19:02:85:a2:47:15:6a:29:5a:d8:64:12:86:
         ae:8b:25:37:26:85:c1:d2:c5:84:99:39:a3:20:c6:ed:5b:25:
         09:3e:5f:16:e3:95:7c:68:cf:ce:f8:8a:7e:f7:f4:1d:b0:3e:
         79:b8:d8:a7:60:8c:42:96:e4:f4:df:ed:55:da:de:3e:62:b0:
         b3:56:67:89:2d:ba:f0:4c:86:82:9a:54:b2:34:c6:7b:59:4b:
         d4:91:75:94:52:66:9d:d3:2e:c2:c1:e4:ed:1c:79:02:d0:f2:
         26:39:c5:06:16:b0:d8:fe:f2:5d:63:c3:71:7d:69:fd:e9:51:
         23:71:4e:f2:ab:39:90:a7:d7:af:2a:b4:14:c0:84:78:19:cb:
         ea:2c:22:15:8a:e9:57:10:3b:9d:3c:b3:1d:c3:69:12:c0:4b:
         e5:f3:bd:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYie11Tmg4PG9DwlSvSf5fkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjMwNjA5MDYyODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY4MzY5NWQ5YjZjZWEzYjRmMTAwOTI2NTMyMzhhMDljODI1ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmwhcFx7G3kSMPXAxH8PDE/+Cc48
16KoWeOYCw0vGjJrP7YsDV4XIicQAB7FU5EDohEXLcdEvxnYDCDkcsbx3qcM/mRO
po7OLSx6q+AYVw3I8UPFTrLagEqMrOPPD815Mz76Qj2qKMm0CpLGe8ZCfmotfGhE
Zww8zH3dr6s9wL6+FBh1Hb+jiqrGYeHHRMQKLjYoidLMNyCsBGWHBNmFl+vXcZpT
TvjV1iFchaI3AtDg5pVA4uEnoNHN2/4X9A3uwg6W168Ut4YUk2EYEpluvVWoq0JD
7SWwb4XL2CWAsDmHUvZsVusqweUKN7NLTLLQKg5BNnoNSNcUwykZEuJkCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIT4NpXZts6jtPEAkmUyOKCcglgPMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvaFBnMmxkbTJ6cU8wOFFDU1pUSTRvSnlDV0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAk7miAwQA
uRY7AwQAww5pMA0GCSqGSIb3DQEBCwUAA4IBAQAyWhPkz/OP2a3EGGwpLMyfhfkJ
A2EXiqJGXtHha1Y7puRAPezQT8c1+R9anKk0JTHmVMeF+jjYZouvxWN1GSmde3lp
i0UrTDCZniZ8UiJrXM1n7oyEnUKdekp5JgD0nRkChaJHFWopWthkEoauiyU3JoXB
0sWEmTmjIMbtWyUJPl8W45V8aM/O+Ip+9/QdsD55uNinYIxCluT03+1V2t4+YrCz
VmeJLbrwTIaCmlSyNMZ7WUvUkXWUUmad0y7CweTtHHkC0PImOcUGFrDY/vJdY8Nx
fWn96VEjcU7yqzmQp9evKrQUwIR4GcvqLCIViulXEDudPLMdw2kSwEvl870l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:47 2024 by rpki-client on console-fra.rpki-client.org