Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/cexBee8O7bFd3gjcLEIUDwV4KQk.roa
File:                     cexBee8O7bFd3gjcLEIUDwV4KQk.roa (raw, json)
Hash identifier:          t7wGIZgAvyf2zPr/oNUc+J307sTPlL6BFbueW2ma1Tg=
Subject key identifier:   71:EC:41:79:EF:0E:ED:B1:5D:DE:08:DC:2C:42:14:0F:05:78:29:09
Certificate issuer:       /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial:       01856FB1200A7EB4BE7BD630C6B4A676CDDD
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/cexBee8O7bFd3gjcLEIUDwV4KQk.roa
Signing time:             Sun 01 Jan 2023 23:35:57 +0000
ROA not before:           Sun 01 Jan 2023 23:35:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207990
IP address blocks:        171.22.248.0/23 maxlen: 24
                          194.116.248.0/22 maxlen: 24
                          193.42.224.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Mar 2023 12:20:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:b1:20:0a:7e:b4:be:7b:d6:30:c6:b4:a6:76:cd:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
        Validity
            Not Before: Jan  1 23:35:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71ec4179ef0eedb15dde08dc2c42140f05782909
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:dc:ea:38:5e:d1:23:c3:af:d9:2e:b1:ba:36:
                    c7:ba:4f:1b:dd:ac:9f:dc:62:7a:c4:42:6f:5a:eb:
                    66:80:49:fc:ac:73:9f:b0:03:20:29:22:9c:33:9c:
                    b5:7c:a1:85:c4:78:50:6f:bb:d5:bf:32:8c:42:4d:
                    d4:68:ac:d8:c4:64:36:b6:b0:81:cc:4c:58:4c:a4:
                    53:93:d6:59:55:9b:16:6a:d8:b2:f9:c8:8c:9d:a8:
                    2d:fe:9d:3b:b1:af:1a:ad:d2:96:d0:d8:ed:e2:39:
                    64:c5:53:35:2d:fc:5f:8f:55:98:30:a2:d8:2a:ac:
                    38:f3:63:56:d8:f9:f4:c3:36:45:32:bb:80:50:c8:
                    6d:a6:36:15:85:05:b0:19:1c:f3:de:20:f0:49:09:
                    7d:26:9f:73:58:f7:d3:86:76:f2:2f:03:d3:41:58:
                    60:58:1b:e9:64:61:2b:ad:e5:89:f2:00:e1:e3:d3:
                    5d:93:06:88:8c:57:5c:eb:ef:ba:07:f7:8f:4c:15:
                    d3:68:3f:7d:ab:36:d0:44:45:12:ed:59:4d:58:c9:
                    37:40:c9:cb:5c:be:66:4b:19:3e:c9:31:8b:00:ca:
                    0a:7d:97:37:d6:4e:10:4b:84:8c:d0:7e:a8:3a:c1:
                    02:53:d5:a2:ff:16:dd:31:1d:79:5c:ad:c6:f8:8e:
                    d4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:EC:41:79:EF:0E:ED:B1:5D:DE:08:DC:2C:42:14:0F:05:78:29:09
            X509v3 Authority Key Identifier:
                keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/cexBee8O7bFd3gjcLEIUDwV4KQk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.22.248.0/23
                  193.42.224.0/22
                  194.116.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         37:20:a6:2f:be:8d:63:0e:a4:db:fc:69:38:92:95:11:88:8d:
         a0:ca:f9:f4:7e:6d:9b:51:5a:11:c0:31:e2:70:d1:63:52:bf:
         3a:9d:b6:93:f9:20:60:47:28:c1:e3:cb:de:bb:da:74:fa:22:
         2a:d7:fc:02:4e:ff:3f:71:f1:b9:db:25:23:e5:e3:d7:11:9b:
         2d:a9:a6:95:70:b0:d2:05:49:16:0f:2d:9c:4a:52:87:b1:dc:
         f9:67:0f:4d:ce:10:2c:df:ed:b8:33:78:0f:39:99:47:db:43:
         99:d8:03:41:48:9d:22:f7:a5:35:4c:93:df:11:11:7f:a7:fa:
         9f:ec:55:26:72:ed:7e:7d:e3:d7:8e:a7:c4:38:e2:30:15:cd:
         5e:83:aa:89:16:40:33:b2:b2:b9:01:75:be:ee:a6:e5:7f:5f:
         00:43:1e:12:a9:9f:a5:96:a7:bd:26:c1:04:53:e0:6f:4c:a6:
         78:d7:0e:98:63:ba:e6:b5:a0:7a:e2:95:e9:25:2e:da:9b:8c:
         03:69:5e:6b:5c:1b:5b:fc:d6:6a:bc:77:0f:67:b5:79:d3:43:
         52:7f:92:ca:9e:3d:f8:1d:41:5c:15:0d:7f:75:b3:85:d3:f4:
         5f:9a:08:6d:34:44:a1:4c:29:f4:bf:54:0f:d3:18:d8:ba:4f:
         67:e7:f8:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvsSAKfrS+e9YwxrSmds3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwMTAxMjMzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWVjNDE3OWVmMGVlZGIxNWRkZTA4ZGMyYzQyMTQwZjA1NzgyOTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNzqOF7RI8Ov2S6xujbHuk8b3ayf
3GJ6xEJvWutmgEn8rHOfsAMgKSKcM5y1fKGFxHhQb7vVvzKMQk3UaKzYxGQ2trCB
zExYTKRTk9ZZVZsWatiy+ciMnagt/p07sa8ardKW0Njt4jlkxVM1Lfxfj1WYMKLY
Kqw482NW2Pn0wzZFMruAUMhtpjYVhQWwGRzz3iDwSQl9Jp9zWPfThnbyLwPTQVhg
WBvpZGErreWJ8gDh49NdkwaIjFdc6++6B/ePTBXTaD99qzbQREUS7VlNWMk3QMnL
XL5mSxk+yTGLAMoKfZc31k4QS4SM0H6oOsECU9Wi/xbdMR15XK3G+I7UGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHHsQXnvDu2xXd4I3CxCFA8FeCkJMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvY2V4QmVlOE83YkZkM2dqY0xFSVVEd1Y0S1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBqxb4AwQC
wSrgAwQCwnT4MA0GCSqGSIb3DQEBCwUAA4IBAQA3IKYvvo1jDqTb/Gk4kpURiI2g
yvn0fm2bUVoRwDHicNFjUr86nbaT+SBgRyjB48veu9p0+iIq1/wCTv8/cfG52yUj
5ePXEZstqaaVcLDSBUkWDy2cSlKHsdz5Zw9NzhAs3+24M3gPOZlH20OZ2ANBSJ0i
96U1TJPfERF/p/qf7FUmcu1+fePXjqfEOOIwFc1eg6qJFkAzsrK5AXW+7qblf18A
Qx4SqZ+llqe9JsEEU+BvTKZ41w6YY7rmtaB64pXpJS7am4wDaV5rXBtb/NZqvHcP
Z7V500NSf5LKnj34HUFcFQ1/dbOF0/RfmghtNEShTCn0v1QP0xjYuk9n5/iq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org