Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/eiX2pk6Aru4pbmi2Whj8CPdp4DE.roa
File:                     eiX2pk6Aru4pbmi2Whj8CPdp4DE.roa (raw, json)
Hash identifier:          GCt20WkBIRJopDFcs/nXEZj9/4xxKluXkUWO4gkb0qw=
Subject key identifier:   7A:25:F6:A6:4E:80:AE:EE:29:6E:68:B6:5A:18:FC:08:F7:69:E0:31
Certificate issuer:       /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial:       01856D8AC304CA7641E9AA1F56C5BF6BF324
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/eiX2pk6Aru4pbmi2Whj8CPdp4DE.roa
Signing time:             Sun 01 Jan 2023 13:34:48 +0000
ROA not before:           Sun 01 Jan 2023 13:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50926
IP address blocks:        158.255.238.0/24 maxlen: 24
                          89.44.32.0/24 maxlen: 24
                          185.86.210.0/24 maxlen: 24
                          185.76.77.0/24 maxlen: 24
                          185.66.175.0/24 maxlen: 24
                          37.252.96.0/24 maxlen: 24
                          185.104.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:c3:04:ca:76:41:e9:aa:1f:56:c5:bf:6b:f3:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
        Validity
            Not Before: Jan  1 13:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7a25f6a64e80aeee296e68b65a18fc08f769e031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:39:df:bd:27:bb:81:93:48:ee:b8:69:d3:f9:
                    bb:f9:84:9e:e8:db:fc:7c:2e:7d:1c:3a:b7:25:a8:
                    b2:4f:2d:80:33:6b:4c:b6:c3:83:00:94:73:1c:ad:
                    b0:8e:e8:24:20:fe:ce:d0:4c:1e:5c:67:e2:20:f6:
                    63:c6:73:50:86:21:8e:b3:88:03:54:f8:08:f6:1c:
                    a8:97:79:69:73:12:4a:a3:80:fa:32:0c:1e:b1:d8:
                    df:2f:d6:ad:22:01:8f:86:85:e7:8f:b5:f4:b7:f8:
                    37:19:d8:7b:e4:f0:54:79:9b:a0:e5:e5:17:8c:c9:
                    48:9c:f6:45:83:46:b2:a1:0a:00:76:c5:fb:68:ff:
                    99:97:e3:3a:ee:0b:38:a6:c9:49:b1:fc:f7:a7:0d:
                    be:36:a8:b4:d8:1d:6b:d7:cb:96:d1:9e:a9:54:a6:
                    37:41:00:11:b2:4a:b5:76:54:84:9e:48:4d:28:92:
                    bf:11:42:81:8c:87:b8:5b:97:38:9d:3e:d3:16:69:
                    cd:19:42:97:c0:31:f2:45:e9:5e:96:79:63:94:e5:
                    33:a7:7e:71:3b:fa:e6:ea:68:28:9c:ea:1b:3b:cc:
                    29:a8:0a:be:32:2f:aa:58:67:e1:78:39:b0:5e:51:
                    ab:13:3f:b9:9e:75:f2:71:1f:87:fd:ad:99:f4:04:
                    05:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:25:F6:A6:4E:80:AE:EE:29:6E:68:B6:5A:18:FC:08:F7:69:E0:31
            X509v3 Authority Key Identifier:
                keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/eiX2pk6Aru4pbmi2Whj8CPdp4DE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.252.96.0/24
                  89.44.32.0/24
                  158.255.238.0/24
                  185.66.175.0/24
                  185.76.77.0/24
                  185.86.210.0/24
                  185.104.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:3e:21:ad:2b:99:74:bf:c3:39:73:36:6d:33:d9:f7:a2:9c:
         49:03:d4:df:b6:8a:8e:4f:1c:ab:02:e8:c1:d8:1a:37:ff:f9:
         99:1f:69:8e:91:f3:d2:0f:c8:b0:01:8c:e1:3b:cf:fb:d0:c4:
         4b:67:3d:03:5f:9d:dc:b4:9b:84:16:8f:4a:dc:08:f6:29:8e:
         e8:62:ea:63:9f:59:49:a7:1a:fe:10:45:18:b8:19:d6:fc:30:
         49:cd:08:06:cd:21:93:38:a7:fe:01:e9:1b:72:92:ef:07:8f:
         02:13:04:68:48:1b:a1:c5:7b:ef:94:58:8e:68:e6:db:7a:54:
         44:bd:5b:7a:89:5f:29:75:cc:3a:e8:b9:c0:9c:ce:4b:b5:2e:
         50:21:c3:26:53:bd:24:06:d7:42:47:48:72:f1:3c:ae:4c:df:
         3f:8b:20:77:81:a8:0c:4f:23:a8:69:a3:4d:0b:17:3a:bc:b6:
         aa:93:85:f7:f5:a1:f5:b5:c2:f3:44:21:ce:e4:4c:d5:72:e6:
         a4:27:66:12:01:0c:1b:cb:38:ad:3b:3d:c0:e4:fc:f9:42:9e:
         62:e3:4b:47:43:40:7f:cd:00:ed:37:b2:3d:72:7f:ba:c6:56:
         51:36:f9:6c:b2:3f:c3:4a:72:f4:43:81:68:52:e5:58:d4:18:
         1a:18:17:57
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVtisMEynZB6aofVsW/a/MkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwMTAxMTMzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTI1ZjZhNjRlODBhZWVlMjk2ZTY4YjY1YTE4ZmMwOGY3NjllMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojnfvSe7gZNI7rhp0/m7+YSe6Nv8
fC59HDq3JaiyTy2AM2tMtsODAJRzHK2wjugkIP7O0EweXGfiIPZjxnNQhiGOs4gD
VPgI9hyol3lpcxJKo4D6MgwesdjfL9atIgGPhoXnj7X0t/g3Gdh75PBUeZug5eUX
jMlInPZFg0ayoQoAdsX7aP+Zl+M67gs4pslJsfz3pw2+Nqi02B1r18uW0Z6pVKY3
QQARskq1dlSEnkhNKJK/EUKBjIe4W5c4nT7TFmnNGUKXwDHyRelelnljlOUzp35x
O/rm6mgonOobO8wpqAq+Mi+qWGfheDmwXlGrEz+5nnXycR+H/a2Z9AQFQwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHol9qZOgK7uKW5otloY/Aj3aeAxMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvZWlYMnBrNkFydTRwYm1pMldoajhDUGRwNERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJfxgAwQA
WSwgAwQAnv/uAwQAuUKvAwQAuUxNAwQAuVbSAwQAuWiYMA0GCSqGSIb3DQEBCwUA
A4IBAQA2PiGtK5l0v8M5czZtM9n3opxJA9TftoqOTxyrAujB2Bo3//mZH2mOkfPS
D8iwAYzhO8/70MRLZz0DX53ctJuEFo9K3Aj2KY7oYupjn1lJpxr+EEUYuBnW/DBJ
zQgGzSGTOKf+AekbcpLvB48CEwRoSBuhxXvvlFiOaObbelREvVt6iV8pdcw66LnA
nM5LtS5QIcMmU70kBtdCR0hy8TyuTN8/iyB3gagMTyOoaaNNCxc6vLaqk4X39aH1
tcLzRCHO5EzVcuakJ2YSAQwbyzitOz3A5Pz5Qp5i40tHQ0B/zQDtN7I9cn+6xlZR
Nvlssj/DSnL0Q4FoUuVY1BgaGBdX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org