Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/7qoTPdzo6_-IcoistOsZw1xb9MQ.roa
File:                     7qoTPdzo6_-IcoistOsZw1xb9MQ.roa (raw, json)
Hash identifier:          62FQffjeyNc9xXoT1hHFwxvObrYSQm2TzXZgiM0z7EM=
Subject key identifier:   EE:AA:13:3D:DC:E8:EB:FF:88:72:88:AC:B4:EB:19:C3:5C:5B:F4:C4
Certificate issuer:       /CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Certificate serial:       01856B9331D1BE8428473AC9AF977A06CAB4
Authority key identifier: 64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/7qoTPdzo6_-IcoistOsZw1xb9MQ.roa
Signing time:             Sun 01 Jan 2023 04:24:46 +0000
ROA not before:           Sun 01 Jan 2023 04:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205806
IP address blocks:        149.249.240.0/22 maxlen: 22
                          185.206.44.0/22 maxlen: 22
                          185.147.168.0/22 maxlen: 22
                          149.249.160.0/19 maxlen: 22
                          185.178.24.0/22 maxlen: 22
                          149.249.192.0/19 maxlen: 22
                          213.208.40.0/22 maxlen: 22
                          213.208.44.0/22 maxlen: 22
                          149.249.224.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Tue 27 Jun 2023 11:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:31:d1:be:84:28:47:3a:c9:af:97:7a:06:ca:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
        Validity
            Not Before: Jan  1 04:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eeaa133ddce8ebff887288acb4eb19c35c5bf4c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:52:43:d3:6d:7b:0d:e6:94:5a:8f:42:da:49:
                    15:7e:53:14:0a:2b:66:a3:d1:22:9e:99:c8:18:b1:
                    3e:a2:f6:44:6b:f1:fa:6e:0d:fe:b3:53:fb:42:2e:
                    40:cb:7d:df:d8:99:a8:42:a9:ec:fd:3a:e4:e8:77:
                    6f:e8:f1:3f:ca:35:14:f0:f5:d8:d8:57:5f:0e:19:
                    05:bb:7a:21:89:bb:16:93:29:b3:72:f6:5b:6e:8d:
                    a5:55:9c:6c:7f:8f:28:68:48:67:23:d7:fe:86:3f:
                    2a:f5:ea:5e:a5:db:fd:c7:07:c1:e3:12:c4:16:08:
                    71:a3:42:16:8d:41:b2:ac:85:3f:24:b1:19:ed:b2:
                    48:36:cf:00:e1:d4:1a:08:c5:5a:b1:cd:ef:d4:8c:
                    36:fc:dc:85:5b:48:59:4c:4c:e9:7e:e8:9d:47:57:
                    88:18:e8:af:68:f9:85:b4:d5:cb:2a:4e:0d:cd:af:
                    f1:b5:80:5a:18:5e:5b:cf:83:08:29:8f:93:b7:0d:
                    5f:07:bd:1f:21:1c:10:0d:8e:ff:dc:1a:8e:59:b9:
                    d0:a3:1c:ec:36:b0:ed:31:cb:56:79:c7:f2:74:14:
                    41:4a:47:ef:0d:a0:c2:6b:84:f0:09:5c:23:a3:5c:
                    b4:d3:d6:59:ba:61:e4:66:61:93:54:94:f3:eb:be:
                    23:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:AA:13:3D:DC:E8:EB:FF:88:72:88:AC:B4:EB:19:C3:5C:5B:F4:C4
            X509v3 Authority Key Identifier:
                keyid:64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/7qoTPdzo6_-IcoistOsZw1xb9MQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.249.160.0-149.249.243.255
                  185.147.168.0/22
                  185.178.24.0/22
                  185.206.44.0/22
                  213.208.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         82:0b:a8:63:08:9d:8e:a1:bf:c4:ac:a6:04:14:cf:f9:77:c5:
         1a:ca:7c:c4:46:51:95:0a:4b:37:2a:35:b9:77:8e:6c:db:b4:
         9d:32:0a:00:72:1b:02:b8:27:d2:27:16:0d:75:80:a8:06:00:
         af:3a:08:7a:d9:10:9c:f4:e2:c9:96:8c:95:be:42:62:fe:2d:
         b7:d0:bd:f3:a6:cf:3f:e2:d5:e9:fd:3e:5c:69:0f:58:0b:48:
         69:d8:7e:c1:8f:dd:6d:01:36:45:c7:24:43:15:29:dc:43:06:
         6e:7f:3f:67:09:74:92:3f:9d:2f:0c:a5:cb:34:a0:42:c8:53:
         84:90:df:f6:12:a1:4c:f9:76:6b:3a:49:2a:b0:18:3f:bc:7b:
         fb:1d:4b:99:31:55:df:eb:6d:2d:3c:c7:92:24:ca:47:fd:0d:
         85:2f:78:2c:aa:8d:52:6e:94:76:3d:e9:5d:b1:59:0e:0c:61:
         2c:09:e4:4f:e6:e1:cc:ec:0f:d1:17:73:92:dc:0a:a6:a6:e7:
         7a:17:69:22:52:f4:56:53:fe:7f:f4:56:7f:60:70:da:ee:4e:
         75:cc:9b:1e:8a:57:f5:31:91:fb:a6:92:e5:92:c7:11:45:51:
         ad:e2:14:6c:ef:58:31:c5:de:97:99:5b:04:03:8d:5a:f3:a7:
         a3:30:1b:1f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVrkzHRvoQoRzrJr5d6Bsq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZWY5OGFkYmY0MmQ1YmFjZDI0Y2FkYjBhZGYwOTJjNDU3
NmRhZjMwHhcNMjMwMTAxMDQyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWFhMTMzZGRjZThlYmZmODg3Mjg4YWNiNGViMTljMzVjNWJmNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVJD0217DeaUWo9C2kkVflMUCitm
o9EinpnIGLE+ovZEa/H6bg3+s1P7Qi5Ay33f2JmoQqns/Trk6Hdv6PE/yjUU8PXY
2FdfDhkFu3ohibsWkymzcvZbbo2lVZxsf48oaEhnI9f+hj8q9epepdv9xwfB4xLE
Fghxo0IWjUGyrIU/JLEZ7bJINs8A4dQaCMVasc3v1Iw2/NyFW0hZTEzpfuidR1eI
GOivaPmFtNXLKk4Nza/xtYBaGF5bz4MIKY+Ttw1fB70fIRwQDY7/3BqOWbnQoxzs
NrDtMctWecfydBRBSkfvDaDCa4TwCVwjo1y009ZZumHkZmGTVJTz674j8wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO6qEz3c6Ov/iHKIrLTrGcNcW/TEMB8GA1UdIwQY
MBaAFGTvmK2/QtW6zSTK2wrfCSxFdtrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5Yjkt
MDNjNmZlYWYxZDlmLzEvN3FvVFBkem82Xy1JY29pc3RPc1p3MXhiOU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5YjktMDNjNmZlYWYxZDlm
LzEvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAWV+aAD
BAKV+fADBAK5k6gDBAK5shgDBAK5ziwDBAPV0CgwDQYJKoZIhvcNAQELBQADggEB
AIILqGMInY6hv8SspgQUz/l3xRrKfMRGUZUKSzcqNbl3jmzbtJ0yCgByGwK4J9In
Fg11gKgGAK86CHrZEJz04smWjJW+QmL+LbfQvfOmzz/i1en9PlxpD1gLSGnYfsGP
3W0BNkXHJEMVKdxDBm5/P2cJdJI/nS8Mpcs0oELIU4SQ3/YSoUz5dms6SSqwGD+8
e/sdS5kxVd/rbS08x5Ikykf9DYUveCyqjVJulHY96V2xWQ4MYSwJ5E/m4czsD9EX
c5LcCqam53oXaSJS9FZT/n/0Vn9gcNruTnXMmx6KV/UxkfumkuWSxxFFUa3iFGzv
WDHF3peZWwQDjVrzp6MwGx8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:06 2024 by rpki-client on console-fra.rpki-client.org