Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/ANEuiDRN5eXkUPkU-5JG0qlf68w.roa
File:                     ANEuiDRN5eXkUPkU-5JG0qlf68w.roa (raw, json)
Hash identifier:          a8Y2wmhcsjmhW4+m/mvfgAjRzOk1nSHGtl8yacLS2Cs=
Subject key identifier:   00:D1:2E:88:34:4D:E5:E5:E4:50:F9:14:FB:92:46:D2:A9:5F:EB:CC
Certificate issuer:       /CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Certificate serial:       0186DFB2484A9DE0DD287D4FB96A741DB497
Authority key identifier: BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/ANEuiDRN5eXkUPkU-5JG0qlf68w.roa
Signing time:             Tue 14 Mar 2023 10:37:28 +0000
ROA not before:           Tue 14 Mar 2023 10:37:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211500
IP address blocks:        85.208.10.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:df:b2:48:4a:9d:e0:dd:28:7d:4f:b9:6a:74:1d:b4:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb8321c05d501edb499190c0c4a3089d246c5b76
        Validity
            Not Before: Mar 14 10:37:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00d12e88344de5e5e450f914fb9246d2a95febcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d4:28:99:44:f4:eb:41:7d:a3:6f:78:a6:5a:
                    84:0c:88:77:9f:dd:c7:db:fa:50:68:7a:3f:ab:26:
                    de:0f:c7:09:74:ba:ae:c9:af:6f:d2:24:09:30:c3:
                    73:e5:31:55:c9:16:28:e2:a3:2d:af:e1:31:4c:c1:
                    1a:65:22:60:dc:f7:7b:ce:ba:70:74:ad:ac:b2:80:
                    91:00:a5:88:87:e0:3d:c4:be:cc:ed:b2:d9:eb:77:
                    f3:f3:a5:b4:cb:f7:10:48:b3:fa:d3:9a:23:03:d1:
                    98:fc:69:6e:70:a1:8b:c0:7a:59:df:9d:d1:8f:22:
                    ee:c7:e4:25:af:6d:c3:bb:89:73:9f:c9:e1:8f:58:
                    a8:01:3b:f8:4d:09:31:6a:f0:93:9c:34:3b:37:6c:
                    6d:1c:57:d2:68:91:6c:1c:29:fe:81:fd:cf:d0:cf:
                    bf:b3:a7:b9:12:2b:45:03:f1:bf:50:70:bc:4b:4a:
                    99:d8:38:b5:97:6b:68:6a:27:23:ce:32:e6:c1:35:
                    af:77:71:27:05:97:ef:7a:33:94:b3:41:05:e4:fe:
                    88:9d:ac:ac:d4:f0:b0:5d:ac:17:6f:82:94:a5:20:
                    fb:ff:c5:a4:04:70:47:61:b5:02:6a:c1:3d:6f:59:
                    51:4b:4d:b6:9c:ac:33:b7:88:ed:c8:a4:a1:f1:8b:
                    b9:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:D1:2E:88:34:4D:E5:E5:E4:50:F9:14:FB:92:46:D2:A9:5F:EB:CC
            X509v3 Authority Key Identifier:
                keyid:BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/ANEuiDRN5eXkUPkU-5JG0qlf68w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/u4MhwF1QHttJkZDAxKMInSRsW3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         53:d1:60:c5:77:3e:cc:4e:c5:d9:69:07:84:65:93:e6:19:d2:
         b0:e6:19:51:67:e1:79:c2:fa:01:3c:ba:e6:f1:5c:05:d2:bd:
         ae:7f:f5:7a:f3:8e:0d:ff:68:27:85:29:ac:fe:ec:f3:b4:4c:
         dd:d5:3e:46:42:f9:33:d3:2c:7c:20:23:eb:39:86:b8:76:d0:
         85:28:13:29:b1:1c:c0:41:b3:dc:0b:41:22:7c:a6:ef:a6:aa:
         ab:73:51:06:9d:9c:a8:5b:7f:f0:ac:64:30:88:31:e3:95:7d:
         8f:88:a6:6d:42:bb:44:67:14:94:37:49:6f:13:90:8f:1a:b5:
         aa:b8:c6:72:8d:86:d7:5d:fd:82:b4:cc:05:d2:ea:69:96:a5:
         42:37:00:f6:cf:c3:3c:46:cb:6e:26:2e:0e:e4:05:e7:68:af:
         35:be:cd:2c:3d:94:38:2c:e5:21:31:86:29:14:8c:b0:94:38:
         88:8d:6d:18:e3:c2:36:15:5c:fe:c1:b4:8e:48:fb:1c:07:13:
         7c:12:d0:c0:09:82:2b:57:84:42:cc:43:13:b3:17:65:e6:c9:
         c9:26:4f:c8:ca:bb:47:96:ed:4f:45:43:af:ec:1d:f5:59:16:
         ae:f9:a6:de:5a:bf:81:2f:60:2d:db:3e:bb:82:4b:bc:1d:ab:
         cf:1b:eb:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbfskhKneDdKH1PuWp0HbSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMyMWMwNWQ1MDFlZGI0OTkxOTBjMGM0YTMwODlkMjQ2
YzViNzYwHhcNMjMwMzE0MTAzNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQxMmU4ODM0NGRlNWU1ZTQ1MGY5MTRmYjkyNDZkMmE5NWZlYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9QomUT060F9o294plqEDIh3n93H
2/pQaHo/qybeD8cJdLquya9v0iQJMMNz5TFVyRYo4qMtr+ExTMEaZSJg3Pd7zrpw
dK2ssoCRAKWIh+A9xL7M7bLZ63fz86W0y/cQSLP605ojA9GY/GlucKGLwHpZ353R
jyLux+Qlr23Du4lzn8nhj1ioATv4TQkxavCTnDQ7N2xtHFfSaJFsHCn+gf3P0M+/
s6e5EitFA/G/UHC8S0qZ2Di1l2toaicjzjLmwTWvd3EnBZfvejOUs0EF5P6Inays
1PCwXawXb4KUpSD7/8WkBHBHYbUCasE9b1lRS022nKwzt4jtyKSh8Yu53QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADRLog0TeXl5FD5FPuSRtKpX+vMMB8GA1UdIwQY
MBaAFLuDIcBdUB7bSZGQwMSjCJ0kbFt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWIt
NWQ0MmUxZmE0NWI5LzEvQU5FdWlEUk41ZVhrVVBrVS01SkcwcWxmNjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWItNWQ0MmUxZmE0NWI5
LzEvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdAKMA0G
CSqGSIb3DQEBCwUAA4IBAQBT0WDFdz7MTsXZaQeEZZPmGdKw5hlRZ+F5wvoBPLrm
8VwF0r2uf/V6844N/2gnhSms/uzztEzd1T5GQvkz0yx8ICPrOYa4dtCFKBMpsRzA
QbPcC0EifKbvpqqrc1EGnZyoW3/wrGQwiDHjlX2PiKZtQrtEZxSUN0lvE5CPGrWq
uMZyjYbXXf2CtMwF0upplqVCNwD2z8M8RstuJi4O5AXnaK81vs0sPZQ4LOUhMYYp
FIywlDiIjW0Y48I2FVz+wbSOSPscBxN8EtDACYIrV4RCzEMTsxdl5snJJk/IyrtH
lu1PRUOv7B31WRau+abeWr+BL2At2z67gku8HavPG+sz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:02 2024 by rpki-client on console-fra.rpki-client.org