Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7d0EqufOqxYN_urs84deVGAxEbg.roa
File:                     7d0EqufOqxYN_urs84deVGAxEbg.roa (raw, json)
Hash identifier:          O6gbBUZ1M15KgjU6mQDurJvJZDH8L2W2J4ULOVljqsE=
Subject key identifier:   ED:DD:04:AA:E7:CE:AB:16:0D:FE:EA:EC:F3:87:5E:54:60:31:11:B8
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018571B63D7CF20C0A7F34478D3AA8F131D4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7d0EqufOqxYN_urs84deVGAxEbg.roa
Signing time:             Mon 02 Jan 2023 09:00:46 +0000
ROA not before:           Mon 02 Jan 2023 09:00:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202636
IP address blocks:        185.252.44.0/22 maxlen: 22
                          185.248.200.0/22 maxlen: 24
                          37.32.96.0/23 maxlen: 23
                          185.150.78.0/23 maxlen: 23
                          185.150.77.0/24 maxlen: 24
                          185.191.44.0/22 maxlen: 22
                          93.189.122.0/24 maxlen: 24
                          93.189.121.0/24 maxlen: 24
                          185.239.254.0/24 maxlen: 24
                          193.8.114.0/23 maxlen: 23
                          194.41.118.0/23 maxlen: 23
                          194.41.116.0/23 maxlen: 23
                          194.35.41.0/24 maxlen: 24
                          185.218.18.0/24 maxlen: 24
                          185.227.205.0/24 maxlen: 24
                          45.134.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 10:03:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b6:3d:7c:f2:0c:0a:7f:34:47:8d:3a:a8:f1:31:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 09:00:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eddd04aae7ceab160dfeeaecf3875e54603111b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:1a:57:2e:c7:9b:df:9a:27:0c:9b:93:6f:2a:
                    9d:05:ed:14:1b:e4:a8:bc:9c:47:70:c0:46:75:b9:
                    75:ba:47:76:0b:59:17:d2:6f:8d:9d:f4:0f:a3:2b:
                    87:b0:3c:66:24:74:74:d6:05:57:78:fb:9c:78:eb:
                    89:ca:13:77:c2:c5:a7:eb:3c:cd:23:c9:ee:de:50:
                    1a:11:79:22:b2:9c:be:3c:9e:33:5c:70:07:b6:9c:
                    50:fe:69:73:b7:85:9d:f4:e1:d1:60:6f:7c:a0:fe:
                    3d:93:77:6e:71:c1:53:65:9a:f9:a2:f3:5a:ed:b5:
                    a0:a5:14:30:99:74:54:4c:57:75:5f:6b:46:a5:37:
                    54:07:6c:aa:79:bf:72:8d:0e:8f:64:46:77:9a:01:
                    fc:32:4c:a3:ba:29:ca:9b:ac:ea:71:6e:a8:88:59:
                    74:2c:52:dc:05:10:a6:cd:a2:4a:69:cb:90:b7:1a:
                    c4:32:38:ab:9e:bf:fc:8d:c2:99:8f:bc:bb:a1:fe:
                    67:9c:25:a2:89:59:8d:6b:cf:10:59:3c:a1:3b:21:
                    63:99:80:42:ee:7b:96:40:4b:c2:c6:45:47:c9:0e:
                    1f:5f:3d:05:39:c2:ed:ce:d8:dd:0c:c3:2a:7f:70:
                    fe:e0:d1:5a:49:20:e7:2a:73:ab:8c:72:7d:3a:ab:
                    8f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:DD:04:AA:E7:CE:AB:16:0D:FE:EA:EC:F3:87:5E:54:60:31:11:B8
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7d0EqufOqxYN_urs84deVGAxEbg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.32.96.0/23
                  45.134.87.0/24
                  93.189.121.0-93.189.122.255
                  185.150.77.0-185.150.79.255
                  185.191.44.0/22
                  185.218.18.0/24
                  185.227.205.0/24
                  185.239.254.0/24
                  185.248.200.0/22
                  185.252.44.0/22
                  193.8.114.0/23
                  194.35.41.0/24
                  194.41.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b4:3c:1b:67:54:df:4d:6a:3a:7a:60:b5:de:93:68:94:12:27:
         3d:ea:e3:a6:3a:9e:70:b0:de:c2:2e:fe:55:ba:7f:05:e3:8a:
         a0:ec:5d:80:22:20:89:26:fd:61:c1:e5:b3:61:f4:bd:29:15:
         c5:56:eb:2e:28:ef:29:a5:63:b1:2a:7b:5a:39:06:6d:3b:05:
         96:e3:5e:91:ef:7b:9a:bb:be:90:2d:2d:1c:cc:91:5f:02:da:
         8c:a8:4e:11:24:9b:35:af:52:65:f6:9b:26:f0:ec:26:74:ba:
         8a:6d:14:8a:da:31:75:0e:ec:47:25:9f:18:02:e1:59:19:5f:
         c8:aa:9d:85:fb:de:71:3b:12:08:20:20:ed:e0:5b:85:4a:c4:
         a0:7d:3c:fd:87:d5:6d:f8:16:0f:af:91:38:06:ca:95:73:b6:
         bc:57:8c:e0:13:bc:49:4a:18:bf:fa:1e:f4:16:36:11:22:5b:
         ca:4f:81:17:f1:98:6e:53:24:d1:24:f3:a4:9c:45:83:7c:99:
         d4:7c:b5:a9:c4:cc:ad:8b:2a:90:21:a0:b7:60:95:50:8e:78:
         e9:94:21:71:1b:f8:c7:36:dd:b7:48:f1:f1:05:05:7c:b8:76:
         33:bd:9f:46:28:d3:c4:b0:3f:b9:c0:cd:4f:e6:68:c5:5f:cd:
         fd:ef:d0:a6
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYVxtj188gwKfzRHjTqo8THUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGRkMDRhYWU3Y2VhYjE2MGRmZWVhZWNmMzg3NWU1NDYwMzExMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhpXLseb35onDJuTbyqdBe0UG+So
vJxHcMBGdbl1ukd2C1kX0m+NnfQPoyuHsDxmJHR01gVXePuceOuJyhN3wsWn6zzN
I8nu3lAaEXkispy+PJ4zXHAHtpxQ/mlzt4Wd9OHRYG98oP49k3duccFTZZr5ovNa
7bWgpRQwmXRUTFd1X2tGpTdUB2yqeb9yjQ6PZEZ3mgH8MkyjuinKm6zqcW6oiFl0
LFLcBRCmzaJKacuQtxrEMjirnr/8jcKZj7y7of5nnCWiiVmNa88QWTyhOyFjmYBC
7nuWQEvCxkVHyQ4fXz0FOcLtztjdDMMqf3D+4NFaSSDnKnOrjHJ9OquPhQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFO3dBKrnzqsWDf7q7POHXlRgMRG4MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvN2QwRXF1Zk9xeFlOX3Vyczg0ZGVWR0F4RWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBJSBgAwQA
LYZXMAwDBABdvXkDBABdvXowDAMEALmWTQMEBLmWQAMEArm/LAMEALnaEgMEALnj
zQMEALnv/gMEArn4yAMEArn8LAMEAcEIcgMEAMIjKQMEAsIpdDANBgkqhkiG9w0B
AQsFAAOCAQEAtDwbZ1TfTWo6emC13pNolBInPerjpjqecLDewi7+Vbp/BeOKoOxd
gCIgiSb9YcHls2H0vSkVxVbrLijvKaVjsSp7WjkGbTsFluNeke97mru+kC0tHMyR
XwLajKhOESSbNa9SZfabJvDsJnS6im0UitoxdQ7sRyWfGALhWRlfyKqdhfvecTsS
CCAg7eBbhUrEoH08/YfVbfgWD6+ROAbKlXO2vFeM4BO8SUoYv/oe9BY2ESJbyk+B
F/GYblMk0STzpJxFg3yZ1Hy1qcTMrYsqkCGgt2CVUI546ZQhcRv4xzbdt0jx8QUF
fLh2M72fRijTxLA/ucDNT+ZoxV/N/e/Qpg==
-----END CERTIFICATE-----