Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/EUA9pPiKf-2tJZrCtrKavtreMjE.roa
File:                     EUA9pPiKf-2tJZrCtrKavtreMjE.roa (raw, json)
Hash identifier:          95iU1LhN2XoxEdRFcsWL6ILNE5EilP2lGVmAblo7w5c=
Subject key identifier:   11:40:3D:A4:F8:8A:7F:ED:AD:25:9A:C2:B6:B2:9A:BE:DA:DE:32:31
Certificate issuer:       /CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Certificate serial:       018B46F8686B033827732F56867922C8752C
Authority key identifier: 71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/EUA9pPiKf-2tJZrCtrKavtreMjE.roa
Signing time:             Thu 19 Oct 2023 08:06:06 +0000
ROA not before:           Thu 19 Oct 2023 08:06:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19905
IP address blocks:        152.89.172.0/24 maxlen: 24
                          2a09:35c0:102::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 26 Oct 2023 07:53:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:46:f8:68:6b:03:38:27:73:2f:56:86:79:22:c8:75:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
        Validity
            Not Before: Oct 19 08:06:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11403da4f88a7fedad259ac2b6b29abedade3231
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7b:8e:da:8b:ee:f0:61:f4:1d:b8:93:c9:49:
                    79:ed:dd:b0:20:e7:67:9f:57:dc:9f:11:1c:e1:5b:
                    f6:7c:9f:88:ae:81:99:e3:61:b0:25:bf:44:74:2a:
                    da:19:fd:bf:a6:fc:27:29:3b:27:40:be:23:b0:ef:
                    e4:19:49:56:ec:f2:15:67:50:ad:f0:ee:90:7d:89:
                    19:16:9a:7e:85:89:50:12:b3:b1:d4:ed:f1:45:67:
                    12:59:e7:56:50:51:e2:8a:1d:2c:c2:59:81:b9:0f:
                    94:f7:3a:1f:a1:ca:30:41:54:bd:e7:d2:af:1e:52:
                    2b:b5:3b:53:b5:cb:5f:a7:7e:c7:79:e2:a3:3b:e1:
                    65:08:bb:1a:ee:64:dc:fe:c6:b0:58:ec:cf:b1:bc:
                    64:32:df:1b:ce:9b:82:b3:67:13:ae:56:87:9c:af:
                    78:32:7f:ca:60:32:de:e7:f3:42:a2:d8:cc:92:be:
                    3a:a2:95:ce:99:ac:6c:09:5d:c3:d4:07:f4:19:65:
                    cb:2b:03:ed:9b:ce:2f:5b:fe:c8:ca:63:12:0b:42:
                    4a:57:da:e8:2d:90:eb:0e:42:64:0a:b2:46:95:21:
                    1d:f1:b2:47:22:3e:ec:14:61:7e:bc:ad:9c:96:c7:
                    a1:af:b8:3c:7b:2d:e2:c8:a8:00:33:9b:bb:74:46:
                    8a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:40:3D:A4:F8:8A:7F:ED:AD:25:9A:C2:B6:B2:9A:BE:DA:DE:32:31
            X509v3 Authority Key Identifier:
                keyid:71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/EUA9pPiKf-2tJZrCtrKavtreMjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.172.0/24
                IPv6:
                  2a09:35c0:102::/48

    Signature Algorithm: sha256WithRSAEncryption
         9a:29:60:ca:46:15:46:10:8c:da:70:58:6d:24:13:10:ce:04:
         dd:b5:7c:75:1f:0c:3c:2c:a1:4d:cb:d4:66:2f:39:11:cc:12:
         0d:81:28:34:71:79:aa:ff:b3:5b:9d:a6:d3:91:d1:68:7a:b2:
         10:24:cd:38:1c:0d:b1:87:41:d0:9a:a8:87:ff:7a:0a:8e:1a:
         97:48:bf:ad:6d:66:2b:33:e2:57:0a:60:93:da:11:78:04:97:
         80:2e:fc:9c:ea:72:8b:ff:75:91:0a:52:4f:91:b3:6a:de:d3:
         85:e3:aa:23:36:c6:4a:61:7b:f6:03:d7:d8:22:be:38:ca:39:
         9d:2d:0a:4f:ce:48:73:44:8f:24:c2:68:cc:63:25:8e:18:73:
         22:d8:eb:6f:57:1c:28:ac:d4:68:69:77:3c:90:65:22:98:69:
         43:73:1e:22:bc:81:d7:9c:e8:1e:fa:98:7c:22:ba:76:e5:da:
         09:9d:2b:11:63:66:1d:47:d3:f2:a6:62:c6:5c:54:cc:25:4f:
         6d:22:55:92:a5:9c:20:e9:e6:d4:84:e8:43:b0:59:40:3b:0e:
         5b:ec:b8:a6:15:59:57:18:99:31:96:86:80:9e:1c:5d:d3:a0:
         90:98:d4:00:76:f5:36:e8:a8:c1:0d:13:4f:a4:6f:8f:1a:99:
         dd:23:6b:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtG+GhrAzgncy9WhnkiyHUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDUxYjBlMmNlOWE0YzllNjEyMWU5ODNkMTY1ZmVhYjg3
ZWMzNTQwHhcNMjMxMDE5MDgwNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTQwM2RhNGY4OGE3ZmVkYWQyNTlhYzJiNmIyOWFiZWRhZGUzMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3uO2ovu8GH0HbiTyUl57d2wIOdn
n1fcnxEc4Vv2fJ+IroGZ42GwJb9EdCraGf2/pvwnKTsnQL4jsO/kGUlW7PIVZ1Ct
8O6QfYkZFpp+hYlQErOx1O3xRWcSWedWUFHiih0swlmBuQ+U9zofocowQVS959Kv
HlIrtTtTtctfp37HeeKjO+FlCLsa7mTc/sawWOzPsbxkMt8bzpuCs2cTrlaHnK94
Mn/KYDLe5/NCotjMkr46opXOmaxsCV3D1Af0GWXLKwPtm84vW/7IymMSC0JKV9ro
LZDrDkJkCrJGlSEd8bJHIj7sFGF+vK2clsehr7g8ey3iyKgAM5u7dEaKlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBFAPaT4in/trSWawraymr7a3jIxMB8GA1UdIwQY
MBaAFHEFGw4s6aTJ5hIemD0WX+q4fsNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAt
NzM2YWI4MzQ5NGFjLzEvRVVBOXBQaUtmLTJ0SlpyQ3RyS2F2dHJlTWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAtNzM2YWI4MzQ5NGFj
LzEvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAmFmsMA8E
AgACMAkDBwAqCTXAAQIwDQYJKoZIhvcNAQELBQADggEBAJopYMpGFUYQjNpwWG0k
ExDOBN21fHUfDDwsoU3L1GYvORHMEg2BKDRxear/s1udptOR0Wh6shAkzTgcDbGH
QdCaqIf/egqOGpdIv61tZisz4lcKYJPaEXgEl4Au/Jzqcov/dZEKUk+Rs2re04Xj
qiM2xkphe/YD19givjjKOZ0tCk/OSHNEjyTCaMxjJY4YcyLY629XHCis1GhpdzyQ
ZSKYaUNzHiK8gdec6B76mHwiunbl2gmdKxFjZh1H0/KmYsZcVMwlT20iVZKlnCDp
5tSE6EOwWUA7DlvsuKYVWVcYmTGWhoCeHF3ToJCY1AB29TboqMENE0+kb48amd0j
ayQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:54 2024 by rpki-client on console-ams.rpki-client.org