Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/jYUmxP3vs5Z6Q70c1Ay277dtM0Q.roa
File:                     jYUmxP3vs5Z6Q70c1Ay277dtM0Q.roa (raw, json)
Hash identifier:          EZsZVLgwhz9PgwUEU+4taR6EKchEgr0DFsHT23zC27M=
Subject key identifier:   8D:85:26:C4:FD:EF:B3:96:7A:43:BD:1C:D4:0C:B6:EF:B7:6D:33:44
Certificate issuer:       /CN=abe5e2eb170e0c2ab861db308dbbcb2a5fd5f18d
Certificate serial:       018572D5CEF4AC929CCAA2F85F29F4A3731B
Authority key identifier: AB:E5:E2:EB:17:0E:0C:2A:B8:61:DB:30:8D:BB:CB:2A:5F:D5:F1:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q-Xi6xcODCq4YdswjbvLKl_V8Y0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/jYUmxP3vs5Z6Q70c1Ay277dtM0Q.roa
Signing time:             Mon 02 Jan 2023 14:14:52 +0000
ROA not before:           Mon 02 Jan 2023 14:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35236
IP address blocks:        109.205.72.0/21 maxlen: 24
                          185.124.80.0/22 maxlen: 24
                          188.92.96.0/21 maxlen: 24
                          31.170.176.0/21 maxlen: 24
                          2a00:1238::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:d5:ce:f4:ac:92:9c:ca:a2:f8:5f:29:f4:a3:73:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abe5e2eb170e0c2ab861db308dbbcb2a5fd5f18d
        Validity
            Not Before: Jan  2 14:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d8526c4fdefb3967a43bd1cd40cb6efb76d3344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:00:68:76:dd:0d:a1:21:75:bf:22:30:04:ea:
                    f8:52:56:e5:68:3b:c2:a3:e9:ca:47:84:05:a1:52:
                    dd:bf:90:8c:8a:a8:1d:75:f4:4b:4f:6b:6b:09:e3:
                    ce:e4:66:ad:d4:62:63:af:fb:2a:f2:95:13:5e:ef:
                    c4:ef:5c:17:d2:ee:e3:44:b7:72:5f:93:81:1b:a3:
                    25:8a:b4:7e:3e:8a:5b:30:70:ce:9e:bc:5d:15:94:
                    39:44:1e:19:49:a5:f1:ff:55:ee:7e:4f:7d:fa:60:
                    4a:01:67:c0:1b:5e:a3:ac:8f:46:11:65:1c:0d:f6:
                    2d:42:0d:72:42:d1:83:8f:1b:27:e8:eb:10:03:88:
                    47:bf:78:d4:2a:a8:7f:fa:b9:56:71:00:ec:62:2d:
                    43:a3:62:e6:dc:d5:7a:29:ff:a3:f7:f2:45:f1:b8:
                    28:f9:e9:1f:ce:df:50:c9:18:55:5a:9f:21:da:3d:
                    10:02:6c:9e:29:8e:50:79:92:f0:d1:5b:77:0e:e5:
                    8a:b5:90:8b:fc:0d:30:d8:59:a2:d6:eb:53:dd:5c:
                    c6:aa:c3:4a:15:20:4a:a5:9c:86:c2:e4:4a:a6:96:
                    21:3e:25:c1:62:0b:df:83:ff:d0:f3:47:67:fd:f6:
                    07:a8:af:51:30:2d:4c:6e:b6:a7:36:15:d7:5d:04:
                    6f:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:85:26:C4:FD:EF:B3:96:7A:43:BD:1C:D4:0C:B6:EF:B7:6D:33:44
            X509v3 Authority Key Identifier:
                keyid:AB:E5:E2:EB:17:0E:0C:2A:B8:61:DB:30:8D:BB:CB:2A:5F:D5:F1:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q-Xi6xcODCq4YdswjbvLKl_V8Y0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/jYUmxP3vs5Z6Q70c1Ay277dtM0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/cb0d26-893b-4804-b5d2-0c584926d821/1/q-Xi6xcODCq4YdswjbvLKl_V8Y0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.170.176.0/21
                  109.205.72.0/21
                  185.124.80.0/22
                  188.92.96.0/21
                IPv6:
                  2a00:1238::/32

    Signature Algorithm: sha256WithRSAEncryption
         96:b4:81:ce:bb:b1:13:20:8e:58:fe:43:b9:85:f8:1e:3c:49:
         16:7b:bd:5f:98:08:d9:e9:f3:df:c1:8c:3f:b6:4a:5a:0b:21:
         2f:73:28:ab:81:d6:6a:3e:8d:4a:f5:c1:a0:7d:4f:cb:7a:9e:
         b9:69:8c:f1:7e:4e:3b:ef:b3:9e:f7:90:48:5d:96:18:05:60:
         aa:c3:be:e2:60:ba:0c:1d:d9:27:98:c7:78:c9:44:0b:df:43:
         0b:e6:cb:42:b9:92:46:fb:35:54:53:f4:bf:19:f4:65:24:f8:
         c3:37:23:9f:8b:e5:03:7e:30:af:ff:9d:47:46:ac:59:46:e1:
         58:3b:ef:f8:d4:a2:b1:a3:63:ad:2b:15:03:8d:49:9c:ee:25:
         97:ca:9a:3b:6d:0f:74:d9:c7:f3:96:fe:83:97:8b:e9:95:f2:
         1e:4b:dd:5c:72:a1:7f:17:2d:5d:7b:85:5c:49:27:36:5c:b9:
         e5:f3:70:38:c4:51:90:40:56:19:d7:88:60:f7:d3:12:7f:b4:
         e7:bf:7a:3a:50:31:78:2c:35:30:2e:1f:21:79:34:08:43:8a:
         f8:d5:81:d4:32:0e:b3:d7:a1:e3:51:75:ac:5d:0a:ac:0e:6f:
         25:03:ea:2e:04:ae:c5:d2:08:02:e3:b0:f7:8a:5a:51:c6:b8:
         cb:5d:ef:a3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVy1c70rJKcyqL4Xyn0o3MbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZTVlMmViMTcwZTBjMmFiODYxZGIzMDhkYmJjYjJhNWZk
NWYxOGQwHhcNMjMwMTAyMTQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDg1MjZjNGZkZWZiMzk2N2E0M2JkMWNkNDBjYjZlZmI3NmQzMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgBodt0NoSF1vyIwBOr4UlblaDvC
o+nKR4QFoVLdv5CMiqgddfRLT2trCePO5Gat1GJjr/sq8pUTXu/E71wX0u7jRLdy
X5OBG6MlirR+PopbMHDOnrxdFZQ5RB4ZSaXx/1Xufk99+mBKAWfAG16jrI9GEWUc
DfYtQg1yQtGDjxsn6OsQA4hHv3jUKqh/+rlWcQDsYi1Do2Lm3NV6Kf+j9/JF8bgo
+ekfzt9QyRhVWp8h2j0QAmyeKY5QeZLw0Vt3DuWKtZCL/A0w2Fmi1utT3VzGqsNK
FSBKpZyGwuRKppYhPiXBYgvfg//Q80dn/fYHqK9RMC1MbranNhXXXQRvjQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI2FJsT977OWekO9HNQMtu+3bTNEMB8GA1UdIwQY
MBaAFKvl4usXDgwquGHbMI27yypf1fGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcS1YaTZ4Y09EQ3E0WWRzd2pidkxLbF9WOFkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9jYjBkMjYtODkzYi00ODA0LWI1ZDIt
MGM1ODQ5MjZkODIxLzEvallVbXhQM3ZzNVo2UTcwYzFBeTI3N2R0TTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9jYjBkMjYtODkzYi00ODA0LWI1ZDItMGM1ODQ5MjZkODIx
LzEvcS1YaTZ4Y09EQ3E0WWRzd2pidkxLbF9WOFkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH6qwAwQD
bc1IAwQCuXxQAwQDvFxgMA0EAgACMAcDBQAqABI4MA0GCSqGSIb3DQEBCwUAA4IB
AQCWtIHOu7ETII5Y/kO5hfgePEkWe71fmAjZ6fPfwYw/tkpaCyEvcyirgdZqPo1K
9cGgfU/Lep65aYzxfk4777Oe95BIXZYYBWCqw77iYLoMHdknmMd4yUQL30ML5stC
uZJG+zVUU/S/GfRlJPjDNyOfi+UDfjCv/51HRqxZRuFYO+/41KKxo2OtKxUDjUmc
7iWXypo7bQ902cfzlv6Dl4vplfIeS91ccqF/Fy1de4VcSSc2XLnl83A4xFGQQFYZ
14hg99MSf7Tnv3o6UDF4LDUwLh8heTQIQ4r41YHUMg6z16HjUXWsXQqsDm8lA+ou
BK7F0ggC47D3ilpRxrjLXe+j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:27 2024 by rpki-client on console-fra.rpki-client.org