Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/euuT1kmMwOAis9KiLlHjypxLsug.roa
File:                     euuT1kmMwOAis9KiLlHjypxLsug.roa (raw, json)
Hash identifier:          CUu2jQ0vrKL9Wyd4S+QTM605Jc9yv718IaQ4ITTGne4=
Subject key identifier:   7A:EB:93:D6:49:8C:C0:E0:22:B3:D2:A2:2E:51:E3:CA:9C:4B:B2:E8
Certificate issuer:       /CN=e791851680b72c9691225e1bf36c47260ea244fa
Certificate serial:       01889014F29B0FF283794E7C47AB71C0E801
Authority key identifier: E7:91:85:16:80:B7:2C:96:91:22:5E:1B:F3:6C:47:26:0E:A2:44:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/55GFFoC3LJaRIl4b82xHJg6iRPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/euuT1kmMwOAis9KiLlHjypxLsug.roa
Signing time:             Tue 06 Jun 2023 09:41:11 +0000
ROA not before:           Tue 06 Jun 2023 09:41:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21221
IP address blocks:        109.71.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:90:14:f2:9b:0f:f2:83:79:4e:7c:47:ab:71:c0:e8:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e791851680b72c9691225e1bf36c47260ea244fa
        Validity
            Not Before: Jun  6 09:41:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7aeb93d6498cc0e022b3d2a22e51e3ca9c4bb2e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d1:1e:0c:f9:01:24:3b:4f:c0:b7:d9:91:e6:
                    91:17:a7:55:64:e7:97:f9:ae:ac:81:0b:d7:63:0a:
                    70:e0:8b:bc:b0:91:3e:c5:98:68:d1:fd:ca:43:b3:
                    84:39:72:c5:59:c3:3b:46:e1:c1:9c:49:36:98:55:
                    8c:84:9a:ef:2e:77:b6:92:d9:a7:ec:f0:c7:0f:21:
                    c0:50:92:af:3a:6b:f0:7a:f4:eb:62:8f:65:bf:14:
                    b1:84:78:4c:86:83:98:bb:bf:cc:b6:17:51:be:1c:
                    c5:cb:17:0a:c0:dc:82:21:85:1b:7a:d3:63:00:c4:
                    c7:f0:0c:15:f4:19:2e:5a:6b:a3:cf:1f:89:45:ec:
                    4d:48:a5:55:86:41:c6:e4:96:9a:a4:1d:c7:ee:90:
                    a3:68:9d:6e:2a:33:4f:ca:1f:ef:dd:7b:ec:4d:8e:
                    a6:47:78:8f:a2:48:1b:4c:77:1a:9c:7f:5e:59:c9:
                    bc:79:7d:32:cf:a7:50:06:f9:b9:ba:fa:2a:20:c6:
                    a2:06:aa:55:8b:e0:33:16:30:f6:29:0b:42:16:7c:
                    2c:87:62:75:9f:17:30:a8:ce:91:06:ce:c8:44:01:
                    cf:f8:2e:fb:cd:72:3b:2a:d5:3b:0c:84:42:d6:fb:
                    30:89:fd:5a:13:ff:23:12:20:78:34:7c:16:3a:44:
                    ee:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:EB:93:D6:49:8C:C0:E0:22:B3:D2:A2:2E:51:E3:CA:9C:4B:B2:E8
            X509v3 Authority Key Identifier:
                keyid:E7:91:85:16:80:B7:2C:96:91:22:5E:1B:F3:6C:47:26:0E:A2:44:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55GFFoC3LJaRIl4b82xHJg6iRPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/euuT1kmMwOAis9KiLlHjypxLsug.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/55GFFoC3LJaRIl4b82xHJg6iRPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.71.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:66:a5:64:d4:b5:ab:17:d3:48:2e:43:2f:9c:ad:69:5b:92:
         7d:51:77:fd:78:c1:16:a0:20:34:e0:ea:5b:89:52:68:46:46:
         e9:57:1e:a0:f0:23:9e:ce:72:6a:62:9b:b3:7e:54:7c:a9:36:
         5a:4b:3c:8f:a5:9c:25:fe:0d:5e:6f:c2:2b:69:22:11:db:44:
         b4:c8:06:98:3a:27:b0:5b:70:f2:78:0a:9b:07:4d:b4:92:05:
         b3:9b:38:fc:d8:0f:69:78:16:b5:04:6e:f3:d5:08:73:00:4b:
         39:9f:72:97:94:df:49:99:cd:b6:b0:5c:07:49:6c:cb:a9:67:
         12:8f:19:1d:44:dc:9f:68:dd:d6:2a:59:c2:59:b0:c9:07:28:
         b3:32:8b:c0:28:a3:e7:65:54:8b:7b:e0:f0:58:11:98:af:fc:
         e7:28:55:16:2c:eb:eb:69:26:5b:5b:e6:ba:1e:53:98:c4:9f:
         9b:42:df:d0:64:41:29:f2:d6:3a:28:fc:2f:a9:ad:a1:e2:f5:
         da:e0:55:ea:be:e2:67:c2:cb:50:82:03:6f:fe:fb:e1:d9:be:
         be:c1:63:4a:1f:f6:fd:fc:de:61:ab:ec:88:9c:c4:e2:fd:1a:
         ad:d5:45:c1:88:6a:5d:52:b9:04:c6:3a:8a:34:bc:ea:04:e6:
         1e:36:24:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiQFPKbD/KDeU58R6txwOgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTE4NTE2ODBiNzJjOTY5MTIyNWUxYmYzNmM0NzI2MGVh
MjQ0ZmEwHhcNMjMwNjA2MDk0MTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWViOTNkNjQ5OGNjMGUwMjJiM2QyYTIyZTUxZTNjYTljNGJiMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltEeDPkBJDtPwLfZkeaRF6dVZOeX
+a6sgQvXYwpw4Iu8sJE+xZho0f3KQ7OEOXLFWcM7RuHBnEk2mFWMhJrvLne2ktmn
7PDHDyHAUJKvOmvwevTrYo9lvxSxhHhMhoOYu7/MthdRvhzFyxcKwNyCIYUbetNj
AMTH8AwV9BkuWmujzx+JRexNSKVVhkHG5JaapB3H7pCjaJ1uKjNPyh/v3XvsTY6m
R3iPokgbTHcanH9eWcm8eX0yz6dQBvm5uvoqIMaiBqpVi+AzFjD2KQtCFnwsh2J1
nxcwqM6RBs7IRAHP+C77zXI7KtU7DIRC1vswif1aE/8jEiB4NHwWOkTuQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrrk9ZJjMDgIrPSoi5R48qcS7LoMB8GA1UdIwQY
MBaAFOeRhRaAtyyWkSJeG/NsRyYOokT6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTVHRkZvQzNMSmFSSWw0YjgyeEhKZzZpUlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS81ZmVjNTUtNGQ0YS00ZmE1LWE3NjQt
NDJiZDkyZjMwYTk3LzEvZXV1VDFrbU13T0FpczlLaUxsSGp5cHhMc3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS81ZmVjNTUtNGQ0YS00ZmE1LWE3NjQtNDJiZDkyZjMwYTk3
LzEvNTVHRkZvQzNMSmFSSWw0YjgyeEhKZzZpUlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUdoMA0G
CSqGSIb3DQEBCwUAA4IBAQAMZqVk1LWrF9NILkMvnK1pW5J9UXf9eMEWoCA04Opb
iVJoRkbpVx6g8COeznJqYpuzflR8qTZaSzyPpZwl/g1eb8IraSIR20S0yAaYOiew
W3DyeAqbB020kgWzmzj82A9peBa1BG7z1QhzAEs5n3KXlN9Jmc22sFwHSWzLqWcS
jxkdRNyfaN3WKlnCWbDJByizMovAKKPnZVSLe+DwWBGYr/znKFUWLOvraSZbW+a6
HlOYxJ+bQt/QZEEp8tY6KPwvqa2h4vXa4FXqvuJnwstQggNv/vvh2b6+wWNKH/b9
/N5hq+yInMTi/Rqt1UXBiGpdUrkExjqKNLzqBOYeNiRr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:30 2024 by rpki-client on console-ams.rpki-client.org