Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/EqIb8i03VkMh9irZG1k6QKKxUyo.roa
File:                     EqIb8i03VkMh9irZG1k6QKKxUyo.roa (raw, json)
Hash identifier:          +A2egDRUdfPVMzZxi631eyt0G/sR7/raqxN9Vq3+80E=
Subject key identifier:   12:A2:1B:F2:2D:37:56:43:21:F6:2A:D9:1B:59:3A:40:A2:B1:53:2A
Certificate issuer:       /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial:       01863167BF3881B61DDF4533018A1EAC438C
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/EqIb8i03VkMh9irZG1k6QKKxUyo.roa
Signing time:             Wed 08 Feb 2023 14:22:08 +0000
ROA not before:           Wed 08 Feb 2023 14:22:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        178.208.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:31:67:bf:38:81:b6:1d:df:45:33:01:8a:1e:ac:43:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
        Validity
            Not Before: Feb  8 14:22:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=12a21bf22d37564321f62ad91b593a40a2b1532a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:89:ab:fb:ea:5c:9b:e5:60:74:01:b8:b0:d3:
                    73:3d:dd:e6:3a:e1:b2:f8:3a:55:22:21:11:01:62:
                    94:91:ec:8b:7a:e9:c4:09:63:5b:73:ce:fa:84:6c:
                    8e:df:6e:e0:49:3c:02:43:04:33:1a:6d:2f:94:87:
                    12:2a:49:a2:9f:d7:11:86:89:bd:99:00:94:fd:3d:
                    42:e6:86:a5:cf:89:e9:45:c5:57:7f:c9:dd:c8:3b:
                    5e:64:18:f4:42:b9:a9:2e:8f:5b:7b:4a:89:54:31:
                    00:49:02:80:da:f3:fb:c9:37:03:3e:55:fe:6f:e2:
                    dc:ca:c5:4a:dd:19:9c:79:97:40:fa:34:75:74:60:
                    b5:93:84:dc:95:83:9a:36:63:7c:b9:69:6d:a0:b7:
                    00:83:b8:01:18:b3:15:e6:54:e7:a6:14:6e:5e:66:
                    e9:0e:5a:f8:bd:f3:cb:56:19:68:80:57:cf:c3:d1:
                    8c:26:78:43:90:20:6d:95:3b:99:e5:ae:8c:c9:4c:
                    8b:53:95:6b:8c:5b:4a:f4:28:23:c6:e4:fa:a7:ac:
                    d0:7d:2d:2d:5e:d3:6e:eb:d0:1a:3c:4b:14:7d:0f:
                    ae:22:c1:f8:aa:cb:65:4c:a8:1b:9b:fe:df:9a:44:
                    02:df:6b:60:35:fd:4d:e9:02:86:e6:7c:5a:c9:f2:
                    e8:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:A2:1B:F2:2D:37:56:43:21:F6:2A:D9:1B:59:3A:40:A2:B1:53:2A
            X509v3 Authority Key Identifier:
                keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/EqIb8i03VkMh9irZG1k6QKKxUyo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.208.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:06:fd:c6:5a:8c:af:ab:ed:fb:0f:34:f7:f6:8e:90:c4:e0:
         3e:d3:0d:f4:08:75:10:75:fb:35:97:be:36:4e:46:55:f5:59:
         97:46:49:19:d0:46:5a:fe:e9:34:ff:46:6e:3e:fd:d6:b1:60:
         af:47:77:53:a9:f4:bc:0a:ac:89:ac:87:ee:d8:f4:55:c6:14:
         7f:1c:81:17:9a:9a:90:5a:7e:ef:0a:c1:cf:e2:4e:60:ef:83:
         47:8b:6b:7a:e8:fd:66:6a:f9:0d:ed:22:42:57:57:39:ed:f1:
         97:b2:49:47:ee:f6:a5:a1:1b:ae:a8:43:6e:f2:1f:36:51:c0:
         10:18:2f:0b:df:15:2e:4b:94:91:de:9f:7b:91:5a:e9:87:59:
         5b:2c:c4:2e:87:75:e4:07:ef:7d:d6:1e:c5:5a:01:61:02:94:
         c3:33:91:22:27:d4:4d:76:5f:e4:b2:60:62:35:17:08:a5:d6:
         bd:98:8a:e1:ab:44:b9:b4:05:2d:84:05:45:05:c1:47:eb:95:
         27:46:fa:4e:38:da:9b:37:a0:dc:c4:0b:f6:bc:14:e2:f7:d3:
         34:12:7d:7f:19:fe:83:db:65:88:2a:c1:bf:9f:e7:f8:d7:f3:
         41:98:b6:d0:c3:22:58:32:89:0a:c2:92:48:4f:03:14:6d:25:
         24:b6:f3:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYxZ784gbYd30UzAYoerEOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjMwMjA4MTQyMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmEyMWJmMjJkMzc1NjQzMjFmNjJhZDkxYjU5M2E0MGEyYjE1MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4mr++pcm+VgdAG4sNNzPd3mOuGy
+DpVIiERAWKUkeyLeunECWNbc876hGyO327gSTwCQwQzGm0vlIcSKkmin9cRhom9
mQCU/T1C5oalz4npRcVXf8ndyDteZBj0QrmpLo9be0qJVDEASQKA2vP7yTcDPlX+
b+LcysVK3RmceZdA+jR1dGC1k4TclYOaNmN8uWltoLcAg7gBGLMV5lTnphRuXmbp
Dlr4vfPLVhlogFfPw9GMJnhDkCBtlTuZ5a6MyUyLU5VrjFtK9CgjxuT6p6zQfS0t
XtNu69AaPEsUfQ+uIsH4qstlTKgbm/7fmkQC32tgNf1N6QKG5nxayfLoSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBKiG/ItN1ZDIfYq2RtZOkCisVMqMB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvRXFJYjhpMDNWa01oOWlyWkcxazZRS0t4VXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstBXMA0G
CSqGSIb3DQEBCwUAA4IBAQA7Bv3GWoyvq+37DzT39o6QxOA+0w30CHUQdfs1l742
TkZV9VmXRkkZ0EZa/uk0/0ZuPv3WsWCvR3dTqfS8CqyJrIfu2PRVxhR/HIEXmpqQ
Wn7vCsHP4k5g74NHi2t66P1mavkN7SJCV1c57fGXsklH7valoRuuqENu8h82UcAQ
GC8L3xUuS5SR3p97kVrph1lbLMQuh3XkB+991h7FWgFhApTDM5EiJ9RNdl/ksmBi
NRcIpda9mIrhq0S5tAUthAVFBcFH65UnRvpOONqbN6DcxAv2vBTi99M0En1/Gf6D
22WIKsG/n+f41/NBmLbQwyJYMokKwpJITwMUbSUktvO0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:20 2024 by rpki-client on console-ams.rpki-client.org