Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EgoY205NvxJU2KFtjIq-yi40160.roa
File:                     EgoY205NvxJU2KFtjIq-yi40160.roa (raw, json)
Hash identifier:          C/cAysX/7x0edwSVZTh0gZlCPnAMbtYjS15Rcc0tBRw=
Subject key identifier:   12:0A:18:DB:4E:4D:BF:12:54:D8:A1:6D:8C:8A:BE:CA:2E:34:D7:AD
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018608EF19014C21A7C71BB4E91DCB71F2A1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EgoY205NvxJU2KFtjIq-yi40160.roa
Signing time:             Tue 31 Jan 2023 17:45:32 +0000
ROA not before:           Tue 31 Jan 2023 17:45:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        185.255.38.0/24 maxlen: 24
                          185.238.9.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 19:28:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:08:ef:19:01:4c:21:a7:c7:1b:b4:e9:1d:cb:71:f2:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 31 17:45:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=120a18db4e4dbf1254d8a16d8c8abeca2e34d7ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:40:02:c0:27:d9:03:6c:8c:07:2f:77:ad:36:
                    b9:02:c9:b0:bc:27:38:5f:34:41:33:66:3a:4e:57:
                    2f:43:95:10:51:6a:59:01:36:40:6e:ee:e9:31:a9:
                    dd:9d:41:ff:28:19:3f:7d:4e:7d:f5:b2:80:e0:75:
                    9b:2b:81:b1:3b:d7:1b:6a:7e:1e:2e:bd:09:1d:b6:
                    a6:a1:4e:57:ee:c0:d3:49:d4:8c:99:f8:7d:7a:90:
                    d6:d4:b7:3b:3c:10:6f:6c:1a:05:80:c2:35:ae:ed:
                    ff:38:9b:3c:3f:34:65:6d:14:54:46:22:ac:db:d8:
                    c5:ee:f4:f2:38:17:ed:ac:d6:00:7e:73:06:63:65:
                    ba:4a:e0:f2:17:ae:ce:64:21:6c:b6:17:86:83:c4:
                    d4:07:bc:ba:3b:30:96:d7:f1:40:69:40:41:96:f6:
                    d0:bf:2c:2a:7d:1b:af:96:b6:bb:67:fe:fc:ea:cc:
                    d1:b2:60:8d:ca:71:99:3c:67:f4:64:18:c6:23:cb:
                    02:43:c8:8f:ce:a9:8b:b5:ae:bf:48:92:ec:27:18:
                    99:57:c3:11:20:3f:86:5d:65:69:d2:18:99:bc:e7:
                    d2:b7:e4:f1:17:6f:cf:a3:70:d3:84:6c:6c:4a:1b:
                    ce:e5:8a:bc:c9:9d:98:03:db:e1:b8:c8:1c:6d:2a:
                    d8:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:0A:18:DB:4E:4D:BF:12:54:D8:A1:6D:8C:8A:BE:CA:2E:34:D7:AD
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/EgoY205NvxJU2KFtjIq-yi40160.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.188.205.0/24
                  185.238.9.0/24
                  185.255.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:2b:e2:7c:c5:c0:0e:9d:3d:0d:2f:40:95:87:59:75:06:86:
         b9:5e:3a:7e:f5:e2:5b:79:f6:91:be:fa:50:a3:ec:ba:ba:a0:
         0c:bc:2f:13:2f:80:73:dd:2d:a2:d4:61:0b:61:81:67:79:4a:
         01:6f:70:59:b5:08:e3:bb:8e:fe:73:e3:ef:bb:f0:83:aa:3a:
         5c:f6:ee:69:f6:80:b2:ef:9c:86:ea:f8:28:af:31:33:bf:0e:
         40:60:1b:09:d8:46:77:b0:6b:df:45:3f:f0:ae:4c:f1:e0:2d:
         17:6a:27:fc:9e:21:f4:c4:40:bd:2d:22:2b:f5:86:f2:d4:15:
         be:c7:8d:85:f1:1f:9a:5f:d6:77:31:2f:c6:ba:f2:ae:9d:24:
         b0:17:f8:66:a8:b5:0c:86:a3:51:78:7b:8b:84:ff:4a:fb:8c:
         a9:7c:b3:84:c1:69:3d:81:66:0e:71:ce:1b:6d:5c:bb:c5:59:
         ab:d4:40:73:0a:4a:00:8d:9c:7c:4d:af:38:c4:3a:87:47:f7:
         ac:6d:42:b6:f2:29:f7:c0:79:fd:75:e9:d5:d6:02:f5:49:e3:
         2f:78:0e:61:4d:0f:9f:d1:55:6d:02:0d:d4:73:23:21:c0:2d:
         b4:8f:1d:7e:63:af:02:10:ed:47:17:6c:80:6f:cf:af:a2:87:
         3a:45:98:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYI7xkBTCGnxxu06R3LcfKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTMxMTc0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjBhMThkYjRlNGRiZjEyNTRkOGExNmQ4YzhhYmVjYTJlMzRkN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUACwCfZA2yMBy93rTa5AsmwvCc4
XzRBM2Y6TlcvQ5UQUWpZATZAbu7pMandnUH/KBk/fU599bKA4HWbK4GxO9cban4e
Lr0JHbamoU5X7sDTSdSMmfh9epDW1Lc7PBBvbBoFgMI1ru3/OJs8PzRlbRRURiKs
29jF7vTyOBftrNYAfnMGY2W6SuDyF67OZCFstheGg8TUB7y6OzCW1/FAaUBBlvbQ
vywqfRuvlra7Z/786szRsmCNynGZPGf0ZBjGI8sCQ8iPzqmLta6/SJLsJxiZV8MR
ID+GXWVp0hiZvOfSt+TxF2/Po3DThGxsShvO5Yq8yZ2YA9vhuMgcbSrY3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBIKGNtOTb8SVNihbYyKvsouNNetMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRWdvWTIwNU52eEpVMktGdGpJcS15aTQwMTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW7zNAwQA
ue4JAwQAuf8mMA0GCSqGSIb3DQEBCwUAA4IBAQAMK+J8xcAOnT0NL0CVh1l1Boa5
Xjp+9eJbefaRvvpQo+y6uqAMvC8TL4Bz3S2i1GELYYFneUoBb3BZtQjju47+c+Pv
u/CDqjpc9u5p9oCy75yG6vgorzEzvw5AYBsJ2EZ3sGvfRT/wrkzx4C0Xaif8niH0
xEC9LSIr9Yby1BW+x42F8R+aX9Z3MS/GuvKunSSwF/hmqLUMhqNReHuLhP9K+4yp
fLOEwWk9gWYOcc4bbVy7xVmr1EBzCkoAjZx8Ta84xDqHR/esbUK28in3wHn9denV
1gL1SeMveA5hTQ+f0VVtAg3UcyMhwC20jx1+Y68CEO1HF2yAb8+vooc6RZiy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org