Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/reuPm2pbt2PjwrHO5atnxd7Ae4s.roa
File:                     reuPm2pbt2PjwrHO5atnxd7Ae4s.roa (raw, json)
Hash identifier:          AtgKTfBHEWwc7vR2AKSy6Xy2K2InLbJddys0eRHff4I=
Subject key identifier:   AD:EB:8F:9B:6A:5B:B7:63:E3:C2:B1:CE:E5:AB:67:C5:DE:C0:7B:8B
Certificate issuer:       /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial:       018675BBF3DB7ABE09A22A028FF1B22FB377
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/reuPm2pbt2PjwrHO5atnxd7Ae4s.roa
Signing time:             Tue 21 Feb 2023 20:48:17 +0000
ROA not before:           Tue 21 Feb 2023 20:48:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48031
IP address blocks:        194.62.246.0/23 maxlen: 23
                          194.15.114.0/24 maxlen: 24
                          194.26.18.0/24 maxlen: 24
                          91.213.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Feb 2023 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:75:bb:f3:db:7a:be:09:a2:2a:02:8f:f1:b2:2f:b3:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
        Validity
            Not Before: Feb 21 20:48:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=adeb8f9b6a5bb763e3c2b1cee5ab67c5dec07b8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:70:44:04:9a:2f:1f:ea:63:7f:2d:68:81:8b:
                    66:eb:a1:8c:10:5a:4c:54:f2:af:3e:a9:78:6a:e7:
                    21:5d:86:11:9a:0c:34:9b:f1:0f:70:b1:44:8d:5c:
                    fc:82:c4:e2:5b:aa:84:39:dd:1d:a4:5d:5e:45:cd:
                    ea:0e:05:d7:d1:76:ec:ba:8a:be:55:46:34:62:f7:
                    af:1e:2e:cc:d5:8a:92:12:a1:5a:34:b9:60:93:08:
                    0d:e1:a1:c7:d9:d7:d2:c8:15:80:f6:d3:29:38:8f:
                    8e:af:91:c3:15:e5:0f:bf:ec:71:5c:af:62:e0:0a:
                    48:90:ea:4d:9d:c3:b0:d1:a3:c4:b4:b0:0d:05:0d:
                    c5:b4:d2:d8:08:4f:9e:a4:fe:1b:99:1c:99:a5:cb:
                    9c:9d:5e:70:6c:74:45:f5:11:f9:d0:c1:53:fb:fa:
                    40:a1:9c:7c:d3:56:d7:ba:f8:c4:fb:12:22:92:68:
                    bd:49:b5:a4:2d:08:68:35:52:19:86:e3:c2:e5:97:
                    1b:65:7f:b9:a1:11:29:df:99:56:bb:a4:f3:21:e1:
                    32:cd:9b:c8:df:a1:7e:d3:94:bd:94:d0:fe:0f:20:
                    19:89:7e:00:55:85:f9:04:f3:ee:34:e5:15:c1:c0:
                    0e:30:0e:15:50:2c:3e:89:c7:12:eb:d8:13:ed:5d:
                    0c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:EB:8F:9B:6A:5B:B7:63:E3:C2:B1:CE:E5:AB:67:C5:DE:C0:7B:8B
            X509v3 Authority Key Identifier:
                keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/reuPm2pbt2PjwrHO5atnxd7Ae4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.8.0/24
                  194.15.114.0/24
                  194.26.18.0/24
                  194.62.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:3e:ed:cb:d7:5d:7d:a4:a1:1d:57:ac:11:12:c4:b3:91:d0:
         80:1d:5a:9e:b1:dc:ad:e7:de:50:4f:a3:7b:75:42:46:d5:b5:
         cb:db:a7:23:45:cb:02:f8:ae:59:48:7b:8d:58:53:9f:ec:9c:
         3b:75:ed:a4:40:15:24:02:6d:52:a8:c7:4d:ab:33:e5:85:af:
         94:a8:9a:e6:d7:c1:40:5d:e7:b9:8e:a5:8a:7f:72:c8:39:7e:
         f0:30:39:7c:2c:39:17:da:d7:c3:d2:d7:ef:ce:f0:5b:a9:37:
         bd:d1:9d:62:80:34:95:91:89:08:f3:4a:38:7b:e2:f5:6b:ff:
         21:52:14:03:d4:93:9d:e3:a3:a1:e5:08:1d:c1:41:70:91:c5:
         c1:51:99:bc:8f:c0:a6:fd:30:b0:e8:23:6c:b4:df:bf:5e:68:
         30:ab:95:12:39:b7:dc:3f:30:92:b9:c5:7b:8a:dc:5f:31:0a:
         b1:f8:08:01:93:04:42:3b:3d:db:bf:28:46:17:a1:ae:6b:95:
         e0:e8:ab:44:45:57:6f:98:57:ff:58:96:18:9e:22:39:c4:55:
         3f:e5:93:90:9f:72:f2:23:fb:bf:b1:f5:3e:bd:bc:fa:41:8f:
         5a:c1:51:c3:44:e2:df:c4:b3:a7:65:a4:c5:59:87:e9:a7:3c:
         c4:21:89:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZ1u/Pber4JoioCj/GyL7N3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjIxMjA0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGViOGY5YjZhNWJiNzYzZTNjMmIxY2VlNWFiNjdjNWRlYzA3YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnBEBJovH+pjfy1ogYtm66GMEFpM
VPKvPql4auchXYYRmgw0m/EPcLFEjVz8gsTiW6qEOd0dpF1eRc3qDgXX0Xbsuoq+
VUY0YvevHi7M1YqSEqFaNLlgkwgN4aHH2dfSyBWA9tMpOI+Or5HDFeUPv+xxXK9i
4ApIkOpNncOw0aPEtLANBQ3FtNLYCE+epP4bmRyZpcucnV5wbHRF9RH50MFT+/pA
oZx801bXuvjE+xIikmi9SbWkLQhoNVIZhuPC5ZcbZX+5oREp35lWu6TzIeEyzZvI
36F+05S9lND+DyAZiX4AVYX5BPPuNOUVwcAOMA4VUCw+iccS69gT7V0MCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK3rj5tqW7dj48KxzuWrZ8XewHuLMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvcmV1UG0ycGJ0MlBqd3JITzVhdG54ZDdBZTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9UIAwQA
wg9yAwQAwhoSAwQBwj72MA0GCSqGSIb3DQEBCwUAA4IBAQBzPu3L1119pKEdV6wR
EsSzkdCAHVqesdyt595QT6N7dUJG1bXL26cjRcsC+K5ZSHuNWFOf7Jw7de2kQBUk
Am1SqMdNqzPlha+UqJrm18FAXee5jqWKf3LIOX7wMDl8LDkX2tfD0tfvzvBbqTe9
0Z1igDSVkYkI80o4e+L1a/8hUhQD1JOd46Oh5QgdwUFwkcXBUZm8j8Cm/TCw6CNs
tN+/Xmgwq5USObfcPzCSucV7itxfMQqx+AgBkwRCOz3bvyhGF6Gua5Xg6KtERVdv
mFf/WJYYniI5xFU/5ZOQn3LyI/u/sfU+vbz6QY9awVHDROLfxLOnZaTFWYfppzzE
IYnM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:45 2024 by rpki-client on console-fra.rpki-client.org