Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/dET8faxs4fXx8BNhhuTo-cxikVU.roa
File:                     dET8faxs4fXx8BNhhuTo-cxikVU.roa (raw, json)
Hash identifier:          pOg/b2OE7S+TJus4DxBzhDbjEuy1evLDXQxJuZre44s=
Subject key identifier:   74:44:FC:7D:AC:6C:E1:F5:F1:F0:13:61:86:E4:E8:F9:CC:62:91:55
Certificate issuer:       /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial:       018675BBF492A1015AD705D3641A58E90338
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/dET8faxs4fXx8BNhhuTo-cxikVU.roa
Signing time:             Tue 21 Feb 2023 20:48:17 +0000
ROA not before:           Tue 21 Feb 2023 20:48:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213354
IP address blocks:        194.62.244.0/23 maxlen: 23
                          194.15.112.0/24 maxlen: 24
                          194.15.113.0/24 maxlen: 24
                          185.248.192.0/23 maxlen: 23
                          185.248.194.0/23 maxlen: 23
                          91.228.68.0/22 maxlen: 22
                          2a11:9c00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Tue 21 Feb 2023 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:75:bb:f4:92:a1:01:5a:d7:05:d3:64:1a:58:e9:03:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
        Validity
            Not Before: Feb 21 20:48:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7444fc7dac6ce1f5f1f0136186e4e8f9cc629155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:2e:64:60:d8:5c:ec:df:31:c8:92:92:ac:c5:
                    47:ea:3b:88:1c:0a:8b:bc:bd:d0:6a:32:25:3b:93:
                    00:9d:d4:b0:b1:09:89:b7:60:76:4a:22:b2:19:23:
                    2d:46:c6:e0:13:93:a2:b4:04:f2:33:ef:5f:e9:be:
                    df:63:ea:e0:37:8a:cd:fb:d2:5f:a4:20:53:d5:3c:
                    54:07:02:35:8f:99:df:ba:e3:9e:c5:81:fc:a3:69:
                    00:0f:1e:3b:c5:51:c1:5f:03:c0:92:2e:87:97:a8:
                    87:09:ad:91:ab:4e:4b:aa:26:59:13:c7:41:7e:0e:
                    91:e1:3a:bb:61:3a:19:8e:2a:6e:29:9b:a0:8c:21:
                    25:4a:15:89:92:47:5f:7f:1e:f8:82:a0:c4:0a:0e:
                    3f:3f:a2:aa:f4:c2:1f:38:1d:a1:b0:2d:f2:61:26:
                    07:72:6b:ca:a9:ed:c5:6d:34:c4:93:2a:ff:b0:fe:
                    9a:7f:70:fe:c4:46:c7:dc:2b:4d:d0:69:d7:dc:20:
                    05:bb:cd:a0:cd:f3:56:1f:f9:09:6d:c3:2a:03:fc:
                    54:80:06:80:22:5f:db:49:bc:cd:e8:8a:5f:a5:f3:
                    e7:36:99:60:46:5c:39:d3:e9:3d:a7:d3:8c:29:fc:
                    fe:35:22:ca:f2:1a:4f:2d:a7:e5:e1:19:a3:6a:30:
                    01:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:44:FC:7D:AC:6C:E1:F5:F1:F0:13:61:86:E4:E8:F9:CC:62:91:55
            X509v3 Authority Key Identifier:
                keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/dET8faxs4fXx8BNhhuTo-cxikVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.68.0/22
                  185.248.192.0/22
                  194.15.112.0/23
                  194.62.244.0/23
                IPv6:
                  2a11:9c00::/40

    Signature Algorithm: sha256WithRSAEncryption
         1a:34:e2:19:3e:49:49:0e:4a:0d:46:da:51:9e:83:c4:9a:4e:
         52:2c:92:8c:fb:e0:09:43:7f:8d:52:5c:e0:27:66:a0:15:b6:
         6b:01:52:13:2a:eb:c1:94:6f:50:39:14:a0:33:22:d8:63:e2:
         8b:bc:06:f8:38:41:a8:b2:d5:61:c5:d7:01:9d:11:7a:19:a2:
         09:77:79:f5:f9:22:55:a0:9b:cb:b1:90:1a:30:33:d2:35:03:
         d0:f3:3f:c6:ee:40:d2:57:6b:af:e1:b4:71:06:35:dc:02:22:
         3a:dc:d3:1c:aa:9c:1c:5e:bb:55:17:38:3c:6e:ec:65:c3:8e:
         ef:53:f1:81:11:33:4f:69:d4:78:3e:ae:c8:d2:9e:46:d9:14:
         47:26:eb:c3:f7:31:77:21:ce:d1:a7:23:da:58:7d:2e:d5:38:
         2b:1b:f7:e4:53:ee:62:da:7b:14:31:b9:7f:1a:91:04:a6:97:
         05:04:28:b6:a9:4f:e5:a9:68:4d:a0:f5:ae:a9:2e:ef:bd:5a:
         58:8b:6c:46:47:93:d6:db:15:b5:1a:fa:cd:f0:4a:00:fd:c2:
         29:05:8f:9c:48:e1:5f:d2:c8:f3:d4:a1:f1:3a:05:56:4f:45:
         df:2d:27:39:55:0d:9c:ce:50:92:46:86:cb:67:1a:72:9b:76:
         90:4a:df:cc
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYZ1u/SSoQFa1wXTZBpY6QM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjIxMjA0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ0ZmM3ZGFjNmNlMWY1ZjFmMDEzNjE4NmU0ZThmOWNjNjI5MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS5kYNhc7N8xyJKSrMVH6juIHAqL
vL3QajIlO5MAndSwsQmJt2B2SiKyGSMtRsbgE5OitATyM+9f6b7fY+rgN4rN+9Jf
pCBT1TxUBwI1j5nfuuOexYH8o2kADx47xVHBXwPAki6Hl6iHCa2Rq05LqiZZE8dB
fg6R4Tq7YToZjipuKZugjCElShWJkkdffx74gqDECg4/P6Kq9MIfOB2hsC3yYSYH
cmvKqe3FbTTEkyr/sP6af3D+xEbH3CtN0GnX3CAFu82gzfNWH/kJbcMqA/xUgAaA
Il/bSbzN6IpfpfPnNplgRlw50+k9p9OMKfz+NSLK8hpPLafl4RmjajABxQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHRE/H2sbOH18fATYYbk6PnMYpFVMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvZEVUOGZheHM0Zlh4OEJOaGh1VG8tY3hpa1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCW+REAwQC
ufjAAwQBwg9wAwQBwj70MA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0BAQsFAAOC
AQEAGjTiGT5JSQ5KDUbaUZ6DxJpOUiySjPvgCUN/jVJc4CdmoBW2awFSEyrrwZRv
UDkUoDMi2GPii7wG+DhBqLLVYcXXAZ0RehmiCXd59fkiVaCby7GQGjAz0jUD0PM/
xu5A0ldrr+G0cQY13AIiOtzTHKqcHF67VRc4PG7sZcOO71PxgREzT2nUeD6uyNKe
RtkURybrw/cxdyHO0acj2lh9LtU4Kxv35FPuYtp7FDG5fxqRBKaXBQQotqlP5alo
TaD1rqku771aWItsRkeT1tsVtRr6zfBKAP3CKQWPnEjhX9LI89Sh8ToFVk9F3y0n
OVUNnM5QkkaGy2cacpt2kErfzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org