Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/EyjQSctDYEZdGeRPjTdZfc8usjI.roa
File:                     EyjQSctDYEZdGeRPjTdZfc8usjI.roa (raw, json)
Hash identifier:          sRA/zvKH1hP4xxGnsh3TtAlcZfgruP6V4N3zdXEJKhw=
Subject key identifier:   13:28:D0:49:CB:43:60:46:5D:19:E4:4F:8D:37:59:7D:CF:2E:B2:32
Certificate issuer:       /CN=79cf8b7942917e960f17297dc61747bcb0768e11
Certificate serial:       0186C5B8E5CBDA01DC298907751BFD99B9D6
Authority key identifier: 79:CF:8B:79:42:91:7E:96:0F:17:29:7D:C6:17:47:BC:B0:76:8E:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ec-LeUKRfpYPFyl9xhdHvLB2jhE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/EyjQSctDYEZdGeRPjTdZfc8usjI.roa
Signing time:             Thu 09 Mar 2023 09:34:34 +0000
ROA not before:           Thu 09 Mar 2023 09:34:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204650
IP address blocks:        217.18.90.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Mar 2023 15:46:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c5:b8:e5:cb:da:01:dc:29:89:07:75:1b:fd:99:b9:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79cf8b7942917e960f17297dc61747bcb0768e11
        Validity
            Not Before: Mar  9 09:34:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1328d049cb4360465d19e44f8d37597dcf2eb232
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f9:87:e8:55:b0:46:40:48:a4:ae:a6:cc:6f:
                    d3:18:b8:3f:62:87:b1:5d:c2:3b:9d:0d:32:0f:6b:
                    a9:55:34:38:e0:c5:b3:29:24:ab:a4:52:6d:bd:21:
                    34:01:3d:7a:68:6a:c5:62:9e:8d:53:f7:bb:01:62:
                    3c:05:4a:d2:6a:bf:f4:ed:13:b5:80:07:88:6b:b3:
                    35:44:62:3e:26:a1:54:89:33:76:57:3c:af:81:1f:
                    5f:9e:3c:58:a7:a6:4e:cc:10:8f:f2:c4:01:95:d6:
                    94:d8:c1:da:e5:44:48:8b:5b:b7:08:3f:28:1e:74:
                    75:4b:4c:70:3a:77:5f:20:38:1e:d2:68:c5:87:b2:
                    9e:86:06:70:bf:57:18:91:39:42:ab:af:9f:e6:65:
                    a9:60:f2:31:f2:a4:73:50:4b:f1:84:80:b2:b1:77:
                    89:cb:0a:ba:81:e1:91:7a:aa:bb:89:90:27:42:50:
                    ec:7d:9a:2e:23:d5:7b:7b:55:b9:25:b9:e4:b1:b1:
                    7a:5c:1e:0b:46:f6:c1:4b:a9:82:0b:f6:ab:da:3f:
                    bd:ae:9f:58:f1:ca:f2:a9:d3:95:bc:24:4d:64:9d:
                    bd:cc:83:1f:d1:55:1f:90:9f:20:08:ee:f8:94:e0:
                    9e:82:b8:74:da:13:dc:3b:8d:85:e7:29:3b:28:4f:
                    2d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:28:D0:49:CB:43:60:46:5D:19:E4:4F:8D:37:59:7D:CF:2E:B2:32
            X509v3 Authority Key Identifier:
                keyid:79:CF:8B:79:42:91:7E:96:0F:17:29:7D:C6:17:47:BC:B0:76:8E:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec-LeUKRfpYPFyl9xhdHvLB2jhE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/EyjQSctDYEZdGeRPjTdZfc8usjI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/444d22-4b05-4b83-b8e7-779820a6c81c/1/ec-LeUKRfpYPFyl9xhdHvLB2jhE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.18.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:c1:ec:29:54:56:0a:c9:54:03:e9:cb:74:d7:b8:4d:7f:0f:
         fe:0b:63:0d:6e:9d:d7:6b:89:c5:4d:c6:f2:b7:35:67:ce:ed:
         ba:ca:e6:3f:0f:bb:d6:f8:d3:a2:f7:5e:4d:80:c9:96:1f:ad:
         76:e2:a5:3c:80:ab:53:41:58:36:39:d9:b6:c3:b5:14:d2:f4:
         75:6e:2b:46:79:f2:4b:a0:78:d5:3d:e0:45:92:64:80:c3:c0:
         9e:d0:83:9a:3c:ea:5e:33:f4:a0:ad:da:b6:fb:66:1a:61:fc:
         38:88:2f:d7:00:52:3a:7b:d1:52:25:4a:09:e6:e8:36:af:ce:
         15:49:e5:b3:27:3a:7f:5f:6c:bb:e6:03:19:a2:86:a6:ab:a9:
         18:bf:77:b1:f8:2d:69:af:fe:67:93:eb:f6:26:7c:d0:7d:a4:
         b5:22:84:cc:ce:1b:73:b3:93:00:de:32:cc:1b:36:8f:61:c9:
         98:63:0f:f5:7c:5e:93:06:c8:20:9d:f2:b4:92:50:6a:bb:da:
         4e:0a:9b:3f:4e:41:82:bb:59:0c:28:bc:15:2e:29:6e:eb:d6:
         72:e5:76:5f:38:b4:52:53:e8:d7:a0:66:62:3c:15:4f:5d:49:
         ce:cb:f7:4f:c2:14:da:61:67:c2:ee:c5:ce:fa:03:53:99:16:
         75:aa:ba:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbFuOXL2gHcKYkHdRv9mbnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Y2Y4Yjc5NDI5MTdlOTYwZjE3Mjk3ZGM2MTc0N2JjYjA3
NjhlMTEwHhcNMjMwMzA5MDkzNDM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzI4ZDA0OWNiNDM2MDQ2NWQxOWU0NGY4ZDM3NTk3ZGNmMmViMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfmH6FWwRkBIpK6mzG/TGLg/Yoex
XcI7nQ0yD2upVTQ44MWzKSSrpFJtvSE0AT16aGrFYp6NU/e7AWI8BUrSar/07RO1
gAeIa7M1RGI+JqFUiTN2VzyvgR9fnjxYp6ZOzBCP8sQBldaU2MHa5URIi1u3CD8o
HnR1S0xwOndfIDge0mjFh7KehgZwv1cYkTlCq6+f5mWpYPIx8qRzUEvxhICysXeJ
ywq6geGReqq7iZAnQlDsfZouI9V7e1W5JbnksbF6XB4LRvbBS6mCC/ar2j+9rp9Y
8cryqdOVvCRNZJ29zIMf0VUfkJ8gCO74lOCegrh02hPcO42F5yk7KE8tywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMo0EnLQ2BGXRnkT403WX3PLrIyMB8GA1UdIwQY
MBaAFHnPi3lCkX6WDxcpfcYXR7ywdo4RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWMtTGVVS1JmcFlQRnlsOXhoZEh2TEIyamhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC80NDRkMjItNGIwNS00YjgzLWI4ZTct
Nzc5ODIwYTZjODFjLzEvRXlqUVNjdERZRVpkR2VSUGpUZFpmYzh1c2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC80NDRkMjItNGIwNS00YjgzLWI4ZTctNzc5ODIwYTZjODFj
LzEvZWMtTGVVS1JmcFlQRnlsOXhoZEh2TEIyamhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RJaMA0G
CSqGSIb3DQEBCwUAA4IBAQBjwewpVFYKyVQD6ct017hNfw/+C2MNbp3Xa4nFTcby
tzVnzu26yuY/D7vW+NOi915NgMmWH6124qU8gKtTQVg2Odm2w7UU0vR1bitGefJL
oHjVPeBFkmSAw8Ce0IOaPOpeM/Sgrdq2+2YaYfw4iC/XAFI6e9FSJUoJ5ug2r84V
SeWzJzp/X2y75gMZooamq6kYv3ex+C1pr/5nk+v2JnzQfaS1IoTMzhtzs5MA3jLM
GzaPYcmYYw/1fF6TBsggnfK0klBqu9pOCps/TkGCu1kMKLwVLilu69Zy5XZfOLRS
U+jXoGZiPBVPXUnOy/dPwhTaYWfC7sXO+gNTmRZ1qro+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org