Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/brekQY2PRseJ9IHGT2hNkWZtRTA.roa
File:                     brekQY2PRseJ9IHGT2hNkWZtRTA.roa (raw, json)
Hash identifier:          y/mH+B3D//vyD6+FHTuz1UXeE+iziljuVP0+ElO1d98=
Subject key identifier:   6E:B7:A4:41:8D:8F:46:C7:89:F4:81:C6:4F:68:4D:91:66:6D:45:30
Certificate issuer:       /CN=e24a32278ce7b4cb205dfccad786014a3b0ae323
Certificate serial:       01856FA7178A306449F395548DDD4DBA1D83
Authority key identifier: E2:4A:32:27:8C:E7:B4:CB:20:5D:FC:CA:D7:86:01:4A:3B:0A:E3:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4koyJ4zntMsgXfzK14YBSjsK4yM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/brekQY2PRseJ9IHGT2hNkWZtRTA.roa
Signing time:             Sun 01 Jan 2023 23:24:59 +0000
ROA not before:           Sun 01 Jan 2023 23:24:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8535
IP address blocks:        80.252.0.0/20 maxlen: 20
                          193.42.228.0/22 maxlen: 22
                          194.149.228.0/22 maxlen: 22
                          2a02:bd8::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a7:17:8a:30:64:49:f3:95:54:8d:dd:4d:ba:1d:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e24a32278ce7b4cb205dfccad786014a3b0ae323
        Validity
            Not Before: Jan  1 23:24:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6eb7a4418d8f46c789f481c64f684d91666d4530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:24:32:bf:0e:f4:6a:b8:b2:36:e5:b3:8f:f0:
                    b8:80:4a:45:6d:f8:41:b5:91:a7:94:9a:08:23:87:
                    37:03:11:67:63:23:ac:95:54:a9:26:fa:03:74:17:
                    bb:92:86:48:d3:38:ff:f6:37:37:bb:cb:51:61:74:
                    37:25:ef:2a:b4:e9:3d:22:de:52:f4:34:b5:e6:a7:
                    da:13:0a:80:58:c7:d9:7c:6d:07:53:7e:23:5c:00:
                    2c:69:85:9f:44:4c:d2:fb:e4:65:1c:4d:31:a8:ee:
                    4f:d9:83:ca:1e:7d:69:26:3a:29:bf:be:f5:e1:1d:
                    3f:4d:80:90:a3:14:68:6c:4f:d7:36:47:ce:db:cf:
                    40:0b:33:12:0f:60:68:7f:f4:88:9d:72:e1:b5:69:
                    fe:aa:6e:86:d1:96:e6:ea:c2:99:81:45:66:49:b1:
                    19:e3:a6:08:6f:f6:09:63:63:32:0c:ec:84:64:ee:
                    e2:eb:a0:1f:03:29:dd:c2:d6:f7:34:e0:97:fe:6d:
                    1f:0a:48:12:03:8f:2c:a8:50:92:1d:0a:d1:34:a1:
                    0b:7f:43:fd:39:bd:34:22:cb:57:e0:70:75:e4:5b:
                    f0:35:63:63:ce:18:a1:63:b7:ff:58:7d:4d:46:78:
                    99:cc:45:12:cb:d6:94:90:6a:fd:bc:7f:20:b0:11:
                    0b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:B7:A4:41:8D:8F:46:C7:89:F4:81:C6:4F:68:4D:91:66:6D:45:30
            X509v3 Authority Key Identifier:
                keyid:E2:4A:32:27:8C:E7:B4:CB:20:5D:FC:CA:D7:86:01:4A:3B:0A:E3:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koyJ4zntMsgXfzK14YBSjsK4yM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/brekQY2PRseJ9IHGT2hNkWZtRTA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/4koyJ4zntMsgXfzK14YBSjsK4yM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.252.0.0/20
                  193.42.228.0/22
                  194.149.228.0/22
                IPv6:
                  2a02:bd8::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:36:f0:cf:d8:0e:d2:9f:fd:ef:e4:4f:86:57:ea:87:0f:1f:
         5c:bc:ba:3f:2e:28:4e:66:fa:70:4d:45:5f:37:30:2d:c0:3b:
         aa:66:af:3b:2a:5e:40:40:f7:04:9f:e6:0f:14:fe:4a:ce:80:
         86:b0:b9:6d:81:ce:da:ff:17:f9:9c:49:75:76:d8:b0:e2:aa:
         04:ff:e4:7a:db:22:46:5a:50:09:2e:77:5e:fb:21:fb:6e:1d:
         ce:d2:5d:43:7a:e7:18:bd:ce:82:b3:f6:bf:31:01:fc:ea:54:
         c5:89:71:22:93:cb:d8:c6:1f:64:32:c8:5f:82:95:d2:d4:0a:
         a8:74:be:df:1a:a3:4e:7c:3b:a6:89:0f:8a:dc:76:24:16:a1:
         1a:9b:4d:42:40:cd:2b:76:53:6e:46:8e:db:36:d0:7c:4f:c1:
         2c:a8:60:0b:ce:50:6d:73:91:e0:de:aa:68:38:37:d9:97:63:
         a5:fe:0e:30:7a:df:93:f3:5a:f7:40:c5:dd:96:e4:5e:24:d5:
         43:6a:9e:35:69:70:f2:90:8a:81:e9:80:1f:98:58:ab:57:2a:
         84:e6:d6:e3:08:b5:55:f1:b0:28:a9:17:b4:b4:e5:77:de:e5:
         3c:ae:0a:18:96:37:51:29:3a:1d:7a:78:1f:ec:70:a5:bd:9b:
         98:5e:6a:e0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvpxeKMGRJ85VUjd1Nuh2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGEzMjI3OGNlN2I0Y2IyMDVkZmNjYWQ3ODYwMTRhM2Iw
YWUzMjMwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWI3YTQ0MThkOGY0NmM3ODlmNDgxYzY0ZjY4NGQ5MTY2NmQ0NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSQyvw70ariyNuWzj/C4gEpFbfhB
tZGnlJoII4c3AxFnYyOslVSpJvoDdBe7koZI0zj/9jc3u8tRYXQ3Je8qtOk9It5S
9DS15qfaEwqAWMfZfG0HU34jXAAsaYWfREzS++RlHE0xqO5P2YPKHn1pJjopv771
4R0/TYCQoxRobE/XNkfO289ACzMSD2Bof/SInXLhtWn+qm6G0Zbm6sKZgUVmSbEZ
46YIb/YJY2MyDOyEZO7i66AfAyndwtb3NOCX/m0fCkgSA48sqFCSHQrRNKELf0P9
Ob00IstX4HB15FvwNWNjzhihY7f/WH1NRniZzEUSy9aUkGr9vH8gsBELQwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG63pEGNj0bHifSBxk9oTZFmbUUwMB8GA1UdIwQY
MBaAFOJKMieM57TLIF38yteGAUo7CuMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtveUo0em50TXNnWGZ6SzE0WUJTanNLNHlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8zNjQ4NmItYjdiNy00M2EyLWJiMjct
NzdhYjA1ZTBjZjYyLzEvYnJla1FZMlBSc2VKOUlIR1QyaE5rV1p0UlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8zNjQ4NmItYjdiNy00M2EyLWJiMjctNzdhYjA1ZTBjZjYy
LzEvNGtveUo0em50TXNnWGZ6SzE0WUJTanNLNHlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPwAAwQC
wSrkAwQCwpXkMA0EAgACMAcDBQAqAgvYMA0GCSqGSIb3DQEBCwUAA4IBAQBdNvDP
2A7Sn/3v5E+GV+qHDx9cvLo/LihOZvpwTUVfNzAtwDuqZq87Kl5AQPcEn+YPFP5K
zoCGsLltgc7a/xf5nEl1dtiw4qoE/+R62yJGWlAJLnde+yH7bh3O0l1DeucYvc6C
s/a/MQH86lTFiXEik8vYxh9kMshfgpXS1AqodL7fGqNOfDumiQ+K3HYkFqEam01C
QM0rdlNuRo7bNtB8T8EsqGALzlBtc5Hg3qpoODfZl2Ol/g4wet+T81r3QMXdluRe
JNVDap41aXDykIqB6YAfmFirVyqE5tbjCLVV8bAoqRe0tOV33uU8rgoYljdRKTod
engf7HClvZuYXmrg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:57 2024 by rpki-client on console-ams.rpki-client.org