Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/0euznn2sX4Epe0KAD1D6NbVLrVc.roa
File:                     0euznn2sX4Epe0KAD1D6NbVLrVc.roa (raw, json)
Hash identifier:          +vsRxhrfrTHXtcumygJyY9T9SmlX4c2GJ0lkJx8g2ok=
Subject key identifier:   D1:EB:B3:9E:7D:AC:5F:81:29:7B:42:80:0F:50:FA:35:B5:4B:AD:57
Certificate issuer:       /CN=0a5ec6e0660db6f625b978be0d5ee71c2dcd465a
Certificate serial:       01856D0AC91DC7E717F9577FFDD6E25FDD66
Authority key identifier: 0A:5E:C6:E0:66:0D:B6:F6:25:B9:78:BE:0D:5E:E7:1C:2D:CD:46:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cl7G4GYNtvYluXi-DV7nHC3NRlo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/0euznn2sX4Epe0KAD1D6NbVLrVc.roa
Signing time:             Sun 01 Jan 2023 11:15:01 +0000
ROA not before:           Sun 01 Jan 2023 11:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210101
IP address blocks:        85.117.224.0/22 maxlen: 22
                          2a0d:b4c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:0a:c9:1d:c7:e7:17:f9:57:7f:fd:d6:e2:5f:dd:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a5ec6e0660db6f625b978be0d5ee71c2dcd465a
        Validity
            Not Before: Jan  1 11:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1ebb39e7dac5f81297b42800f50fa35b54bad57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:12:d3:8e:bb:db:82:9d:99:5b:95:08:a2:90:
                    5d:1c:34:12:93:33:52:e9:15:c1:3a:df:a1:cd:0a:
                    3b:b7:d4:a8:22:43:9c:ae:1f:7a:88:e8:4e:fc:74:
                    9e:e4:ec:11:ea:d2:a8:7f:80:df:95:a6:8a:0b:71:
                    a8:69:2e:a1:d7:c3:0b:5e:b8:00:62:80:53:61:ea:
                    36:d1:c6:cd:bc:55:b7:3e:7b:ed:1f:76:01:59:fd:
                    26:40:80:a6:e1:6c:33:ff:ab:06:a7:e4:4c:e3:70:
                    92:97:06:3a:c7:de:e7:7d:48:f6:86:e5:13:f3:70:
                    c4:c5:33:fb:70:19:ac:6f:3a:8a:02:91:b7:8e:7c:
                    9c:ba:1d:20:c1:98:10:71:83:42:10:8a:75:75:98:
                    03:40:25:ff:fb:7d:df:ed:32:fa:f4:72:98:68:62:
                    7d:d9:0b:e5:42:f8:85:60:b8:7d:85:4c:d8:4e:fe:
                    a2:cf:6a:d0:92:dd:5a:0b:a1:bc:a2:d3:71:72:70:
                    8b:ba:d5:65:68:8f:51:d0:7e:25:d4:1c:9b:f5:8a:
                    72:11:a3:38:98:d0:2f:e1:ae:44:03:c3:c9:78:96:
                    a6:86:70:e3:52:20:0b:50:da:7f:de:26:3a:ab:c5:
                    2d:15:51:e6:f5:2f:ce:09:3c:af:15:a2:96:f1:fe:
                    c5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:EB:B3:9E:7D:AC:5F:81:29:7B:42:80:0F:50:FA:35:B5:4B:AD:57
            X509v3 Authority Key Identifier:
                keyid:0A:5E:C6:E0:66:0D:B6:F6:25:B9:78:BE:0D:5E:E7:1C:2D:CD:46:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cl7G4GYNtvYluXi-DV7nHC3NRlo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/0euznn2sX4Epe0KAD1D6NbVLrVc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5776a3-06dd-4980-8f6f-d3e3c78e7c44/1/Cl7G4GYNtvYluXi-DV7nHC3NRlo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.117.224.0/22
                IPv6:
                  2a0d:b4c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         27:41:b9:e8:1b:8a:9d:dc:12:a3:12:5b:e3:1f:36:3d:ba:ed:
         9f:5b:7a:a3:34:77:17:42:a1:eb:d6:bb:a3:c9:9a:2e:7b:ce:
         d3:42:38:12:5e:9c:a2:4f:55:c4:91:59:76:da:31:f9:c0:42:
         5b:6b:d8:43:d3:aa:d0:ba:c7:c2:d3:90:c5:b9:e4:7d:d2:2e:
         3c:05:fa:2b:9c:79:b2:b3:f7:8c:50:61:33:41:d3:b8:d9:6e:
         c8:70:34:cd:67:a6:2c:bf:21:d0:81:aa:38:68:c9:07:e8:2f:
         25:eb:ce:dc:55:35:aa:41:9a:35:fd:4b:ce:4d:49:cc:1f:e3:
         1c:7a:19:14:f2:ee:b1:85:90:4a:22:72:4f:23:ca:d3:22:0d:
         4d:e5:97:c0:11:db:be:8d:5c:f1:84:fc:af:5a:b9:d6:f5:b1:
         5e:18:03:c5:65:7a:82:0c:bb:c0:88:a1:2f:b8:c3:65:71:ef:
         f2:0d:7a:70:09:2a:23:e4:bb:f1:0d:37:43:61:79:7a:0d:5a:
         1e:10:c3:ba:83:62:3b:e4:5d:88:d2:12:c7:b2:4f:cf:63:f9:
         96:75:d4:08:7e:9b:bf:ec:45:8e:24:98:a9:c8:16:b3:c7:2c:
         fe:63:09:d1:df:df:6b:8f:01:d3:ce:db:1c:26:7e:53:d1:69:
         dc:33:e0:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtCskdx+cX+Vd//dbiX91mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNWVjNmUwNjYwZGI2ZjYyNWI5NzhiZTBkNWVlNzFjMmRj
ZDQ2NWEwHhcNMjMwMTAxMTExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWViYjM5ZTdkYWM1ZjgxMjk3YjQyODAwZjUwZmEzNWI1NGJhZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRLTjrvbgp2ZW5UIopBdHDQSkzNS
6RXBOt+hzQo7t9SoIkOcrh96iOhO/HSe5OwR6tKof4DflaaKC3GoaS6h18MLXrgA
YoBTYeo20cbNvFW3PnvtH3YBWf0mQICm4Wwz/6sGp+RM43CSlwY6x97nfUj2huUT
83DExTP7cBmsbzqKApG3jnycuh0gwZgQcYNCEIp1dZgDQCX/+33f7TL69HKYaGJ9
2QvlQviFYLh9hUzYTv6iz2rQkt1aC6G8otNxcnCLutVlaI9R0H4l1Byb9YpyEaM4
mNAv4a5EA8PJeJamhnDjUiALUNp/3iY6q8UtFVHm9S/OCTyvFaKW8f7F3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNHrs559rF+BKXtCgA9Q+jW1S61XMB8GA1UdIwQY
MBaAFApexuBmDbb2Jbl4vg1e5xwtzUZaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2w3RzRHWU50dllsdVhpLURWN25IQzNOUmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy81Nzc2YTMtMDZkZC00OTgwLThmNmYt
ZDNlM2M3OGU3YzQ0LzEvMGV1em5uMnNYNEVwZTBLQUQxRDZOYlZMclZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy81Nzc2YTMtMDZkZC00OTgwLThmNmYtZDNlM2M3OGU3YzQ0
LzEvQ2w3RzRHWU50dllsdVhpLURWN25IQzNOUmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVXXgMA0E
AgACMAcDBQMqDbTAMA0GCSqGSIb3DQEBCwUAA4IBAQAnQbnoG4qd3BKjElvjHzY9
uu2fW3qjNHcXQqHr1rujyZoue87TQjgSXpyiT1XEkVl22jH5wEJba9hD06rQusfC
05DFueR90i48BfornHmys/eMUGEzQdO42W7IcDTNZ6YsvyHQgao4aMkH6C8l687c
VTWqQZo1/UvOTUnMH+McehkU8u6xhZBKInJPI8rTIg1N5ZfAEdu+jVzxhPyvWrnW
9bFeGAPFZXqCDLvAiKEvuMNlce/yDXpwCSoj5LvxDTdDYXl6DVoeEMO6g2I75F2I
0hLHsk/PY/mWddQIfpu/7EWOJJipyBazxyz+YwnR399rjwHTztscJn5T0WncM+D8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:44 2024 by rpki-client on console-ams.rpki-client.org