Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/cv_AErV6F3a-kJdDqEEQ_K2Edgo.roa
File:                     cv_AErV6F3a-kJdDqEEQ_K2Edgo.roa (raw, json)
Hash identifier:          7jhPvZJkEIFkKL8boD+QdM4cQmqWRcYrJDnBjqG749U=
Subject key identifier:   72:FF:C0:12:B5:7A:17:76:BE:90:97:43:A8:41:10:FC:AD:84:76:0A
Certificate issuer:       /CN=57c1fe8083646749816ad3fa64098345fb61e9f5
Certificate serial:       018CC6B7AAA6AE25A5A8C0F8AB9B6FEC95DB
Authority key identifier: 57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/cv_AErV6F3a-kJdDqEEQ_K2Edgo.roa
Signing time:             Mon 01 Jan 2024 20:29:34 +0000
ROA not before:           Mon 01 Jan 2024 20:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57099
IP address blocks:        164.138.80.0/21 maxlen: 21
                          146.255.104.0/21 maxlen: 21
                          185.16.224.0/22 maxlen: 22
                          185.47.216.0/24 maxlen: 24
                          185.47.217.0/24 maxlen: 24
                          185.47.218.0/24 maxlen: 24
                          185.47.219.0/24 maxlen: 24
                          91.229.222.0/24 maxlen: 24
                          91.229.223.0/24 maxlen: 24
                          185.56.40.0/24 maxlen: 24
                          185.56.41.0/24 maxlen: 24
                          185.56.42.0/24 maxlen: 24
                          185.56.43.0/24 maxlen: 24
                          2a04:d840::/29 maxlen: 29
                          2a04:3c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 09 Oct 2024 11:11:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:aa:a6:ae:25:a5:a8:c0:f8:ab:9b:6f:ec:95:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57c1fe8083646749816ad3fa64098345fb61e9f5
        Validity
            Not Before: Jan  1 20:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=72ffc012b57a1776be909743a84110fcad84760a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:78:3b:9e:36:eb:77:30:bb:d1:f1:f2:fb:c2:
                    63:bc:a2:14:ce:36:dc:a6:92:ad:36:8e:0b:dc:cd:
                    18:aa:7b:44:7b:1d:bd:2c:8d:9f:85:19:3a:fd:a5:
                    0b:50:83:98:90:d0:5b:6e:25:e6:1f:36:16:f0:02:
                    17:0f:01:67:5d:07:53:bc:6f:bf:2a:a9:07:a1:8e:
                    6f:3c:f6:c3:da:67:a3:2d:3f:03:3b:2f:d9:f1:c2:
                    21:f5:ff:52:b9:ac:13:5b:10:e3:05:3e:c6:87:60:
                    b7:09:d5:56:e1:51:4f:70:ac:57:51:f1:c4:a5:41:
                    eb:79:5d:6c:b3:91:b5:7f:20:6c:09:45:e6:fa:0c:
                    16:93:66:78:63:1e:5a:f7:13:77:2d:30:d4:ea:e5:
                    1c:8c:ef:d0:97:75:cd:67:19:2b:67:10:5f:46:4f:
                    c3:3b:69:8d:a4:09:58:db:08:a8:50:22:e7:5b:43:
                    93:e6:a9:9d:65:b4:45:0c:e3:46:b5:b8:f6:c0:ad:
                    6b:b2:1a:d7:1f:aa:6d:05:58:ae:64:9f:0e:3d:49:
                    09:0f:39:2a:39:05:ed:e1:83:dd:66:4c:02:0a:08:
                    59:6f:38:6d:3f:26:83:13:f4:e8:53:d8:29:12:53:
                    ca:82:1e:6f:9d:f4:c1:6c:13:20:10:11:36:4f:2d:
                    23:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:FF:C0:12:B5:7A:17:76:BE:90:97:43:A8:41:10:FC:AD:84:76:0A
            X509v3 Authority Key Identifier:
                keyid:57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/cv_AErV6F3a-kJdDqEEQ_K2Edgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.229.222.0/23
                  146.255.104.0/21
                  164.138.80.0/21
                  185.16.224.0/22
                  185.47.216.0/22
                  185.56.40.0/22
                IPv6:
                  2a04:3c0::/29
                  2a04:d840::/29

    Signature Algorithm: sha256WithRSAEncryption
         28:52:4e:e2:21:3e:61:a9:ba:4c:91:5b:2b:f8:70:ac:ea:5b:
         f2:4e:82:15:74:a3:36:66:ee:0a:99:21:71:a1:c2:ab:4d:a6:
         37:c9:eb:15:e1:ad:46:8a:a0:ff:e4:75:9f:04:ef:62:5f:93:
         09:11:33:f5:25:47:25:a6:a2:14:75:c5:c2:cb:14:5f:b7:2a:
         b3:bb:d4:73:dc:73:b4:78:4e:6c:6e:6b:db:cd:60:53:f4:e4:
         41:91:6d:c1:c9:4b:f6:a0:de:3d:5c:88:6b:a7:e0:8e:a9:9c:
         7a:d3:fb:fa:a4:6f:5e:25:b6:c4:26:1f:05:ce:f4:68:db:35:
         fd:d5:ee:f8:67:9c:77:aa:4c:7d:e3:ac:f6:c2:d8:0e:97:86:
         9b:06:b9:0b:f8:4f:c7:8a:df:af:39:8c:18:57:0b:f0:70:60:
         d9:8c:bd:fd:ca:d6:d7:39:2f:df:61:b7:41:c3:82:da:71:83:
         88:62:41:6c:7d:3a:f4:3a:45:5a:49:0a:38:34:76:52:8a:04:
         31:18:d4:68:23:37:f3:86:2c:ef:d2:e5:c8:cb:79:ae:03:96:
         c8:de:4b:ec:36:73:e0:de:72:c6:d9:9e:53:67:d6:98:81:3a:
         25:6c:5b:ab:a8:0d:e6:de:b5:72:91:a5:64:9c:29:f3:c6:46:
         ee:aa:ec:a3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzGt6qmriWlqMD4q5tv7JXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzFmZTgwODM2NDY3NDk4MTZhZDNmYTY0MDk4MzQ1ZmI2
MWU5ZjUwHhcNMjQwMTAxMjAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZmYzAxMmI1N2ExNzc2YmU5MDk3NDNhODQxMTBmY2FkODQ3NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHg7njbrdzC70fHy+8JjvKIUzjbc
ppKtNo4L3M0YqntEex29LI2fhRk6/aULUIOYkNBbbiXmHzYW8AIXDwFnXQdTvG+/
KqkHoY5vPPbD2mejLT8DOy/Z8cIh9f9SuawTWxDjBT7Gh2C3CdVW4VFPcKxXUfHE
pUHreV1ss5G1fyBsCUXm+gwWk2Z4Yx5a9xN3LTDU6uUcjO/Ql3XNZxkrZxBfRk/D
O2mNpAlY2wioUCLnW0OT5qmdZbRFDONGtbj2wK1rshrXH6ptBViuZJ8OPUkJDzkq
OQXt4YPdZkwCCghZbzhtPyaDE/ToU9gpElPKgh5vnfTBbBMgEBE2Ty0j/QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHL/wBK1ehd2vpCXQ6hBEPythHYKMB8GA1UdIwQY
MBaAFFfB/oCDZGdJgWrT+mQJg0X7Yen1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODct
ZjMyMDY5ZWM0ZWU1LzEvY3ZfQUVyVjZGM2Eta0pkRHFFRVFfSzJFZGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODctZjMyMDY5ZWM0ZWU1
LzEvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBW+XeAwQD
kv9oAwQDpIpQAwQCuRDgAwQCuS/YAwQCuTgoMBQEAgACMA4DBQMqBAPAAwUDKgTY
QDANBgkqhkiG9w0BAQsFAAOCAQEAKFJO4iE+Yam6TJFbK/hwrOpb8k6CFXSjNmbu
CpkhcaHCq02mN8nrFeGtRoqg/+R1nwTvYl+TCREz9SVHJaaiFHXFwssUX7cqs7vU
c9xztHhObG5r281gU/TkQZFtwclL9qDePVyIa6fgjqmcetP7+qRvXiW2xCYfBc70
aNs1/dXu+Gecd6pMfeOs9sLYDpeGmwa5C/hPx4rfrzmMGFcL8HBg2Yy9/crW1zkv
32G3QcOC2nGDiGJBbH069DpFWkkKODR2UooEMRjUaCM384Ys79LlyMt5rgOWyN5L
7DZz4N5yxtmeU2fWmIE6JWxbq6gN5t61cpGlZJwp88ZG7qrsow==
-----END CERTIFICATE-----
Generated at Wed Oct 9 14:50:25 2024 by rpki-client on console-ams.rpki-client.org