Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/j68sUaNEJKqha-XEkdgsRAvKeFk.roa
File:                     j68sUaNEJKqha-XEkdgsRAvKeFk.roa (raw, json)
Hash identifier:          uXmKjGHtojXhLlzKsPFiA+EB058KvPTxS4oGbEewbs0=
Subject key identifier:   8F:AF:2C:51:A3:44:24:AA:A1:6B:E5:C4:91:D8:2C:44:0B:CA:78:59
Certificate issuer:       /CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Certificate serial:       0185DDB61A8EE76A74D52C2A475C9B2872ED
Authority key identifier: 8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/j68sUaNEJKqha-XEkdgsRAvKeFk.roa
Signing time:             Mon 23 Jan 2023 08:19:37 +0000
ROA not before:           Mon 23 Jan 2023 08:19:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29600
IP address blocks:        80.70.29.0/24 maxlen: 24
                          80.70.28.0/24 maxlen: 24
                          95.131.112.0/21 maxlen: 21
                          83.136.136.0/24 maxlen: 24
                          83.136.136.0/21 maxlen: 21
                          80.70.16.0/20 maxlen: 20
                          85.15.193.0/24 maxlen: 24
                          85.15.192.0/18 maxlen: 18
                          80.70.19.0/24 maxlen: 24
                          2a01:a880::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:dd:b6:1a:8e:e7:6a:74:d5:2c:2a:47:5c:9b:28:72:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f175225f386ce980119f69884f9be7c6a2b3b33
        Validity
            Not Before: Jan 23 08:19:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8faf2c51a34424aaa16be5c491d82c440bca7859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:25:87:3a:74:ea:d6:e7:7b:a1:58:a6:e7:b8:
                    05:70:39:f6:23:60:6c:dd:10:b3:e3:f5:2d:58:1d:
                    d2:53:45:7a:9e:66:2d:bf:c2:01:84:13:6f:fa:5c:
                    9d:c7:f0:df:58:40:9b:39:68:e3:68:11:14:7e:0d:
                    37:05:9e:07:03:e9:87:ae:5b:89:7f:04:88:fe:b5:
                    b4:52:04:e2:50:b8:2f:d4:b9:a4:35:0e:b1:12:25:
                    a9:42:6d:c9:f2:63:ae:b9:7a:e5:5d:6d:3c:b3:bc:
                    89:c2:11:5f:47:5f:f4:40:d9:d6:c4:41:62:3c:41:
                    59:c0:30:2d:f4:af:d3:e3:83:82:1b:72:c2:04:45:
                    e4:f5:00:82:a8:50:fe:56:e0:c2:9a:e9:22:7c:d5:
                    44:07:83:39:ca:af:f6:5f:41:ba:9d:b6:ae:1b:72:
                    05:4f:f7:3a:44:06:82:c5:0e:f2:65:b8:b9:65:4a:
                    03:b9:6a:f6:5a:be:3c:f5:2f:ea:6e:24:df:40:53:
                    00:7d:16:fb:a1:0d:f0:f8:0e:dc:a7:e2:8d:0e:5a:
                    42:01:01:0b:25:27:cb:bf:a0:e7:f4:e3:56:92:54:
                    62:39:a9:bd:69:ad:ab:34:88:c9:7b:cd:bb:4a:4a:
                    d5:b7:86:e2:0d:0d:dd:b3:2b:2e:4a:50:ef:27:b6:
                    1c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:AF:2C:51:A3:44:24:AA:A1:6B:E5:C4:91:D8:2C:44:0B:CA:78:59
            X509v3 Authority Key Identifier:
                keyid:8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/j68sUaNEJKqha-XEkdgsRAvKeFk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.70.16.0/20
                  83.136.136.0/21
                  85.15.192.0/18
                  95.131.112.0/21
                IPv6:
                  2a01:a880::/29

    Signature Algorithm: sha256WithRSAEncryption
         84:f5:e9:e7:1d:05:71:7a:20:15:0e:01:aa:1e:49:c8:7a:d4:
         dd:93:ce:ff:53:bf:b9:73:50:c7:26:ad:a0:40:83:10:bb:bd:
         f0:46:9a:fa:e4:48:23:6b:fe:50:8c:3b:1e:6d:12:80:df:f3:
         4d:1e:0e:dd:86:df:73:62:28:e5:9e:f7:bb:68:e1:d7:87:90:
         f9:65:41:15:65:cc:c6:2c:b6:50:04:fa:09:71:f9:6a:65:76:
         23:59:62:18:c2:2e:b2:01:92:b8:e1:75:82:77:24:c4:4f:eb:
         17:61:1b:76:e4:cf:52:69:c5:8d:01:5d:0c:6b:d8:14:6d:ee:
         02:b4:5a:34:34:12:53:3d:5a:6d:0b:f7:cf:2c:14:11:0f:a8:
         57:af:42:72:84:d5:10:c3:4d:b6:d1:7b:5d:44:50:df:4f:17:
         93:9c:ce:14:a1:bf:71:42:b5:85:5d:79:d2:14:fb:d0:7d:7b:
         2d:e0:c5:87:bc:94:7a:40:9c:f0:72:c4:3a:af:c3:82:83:d7:
         15:1c:00:66:3b:86:3a:2d:98:15:6f:8f:33:3b:22:1d:ea:1e:
         7d:98:8c:78:fd:d6:cc:24:ab:3f:62:9e:3e:43:4d:9c:ba:c3:
         7d:34:cc:75:46:9b:6b:5d:ee:5f:9c:c5:12:f0:e3:00:04:b0:
         b4:c7:8b:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYXdthqO52p01SwqR1ybKHLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTc1MjI1ZjM4NmNlOTgwMTE5ZjY5ODg0ZjliZTdjNmEy
YjNiMzMwHhcNMjMwMTIzMDgxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmFmMmM1MWEzNDQyNGFhYTE2YmU1YzQ5MWQ4MmM0NDBiY2E3ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iWHOnTq1ud7oVim57gFcDn2I2Bs
3RCz4/UtWB3SU0V6nmYtv8IBhBNv+lydx/DfWECbOWjjaBEUfg03BZ4HA+mHrluJ
fwSI/rW0UgTiULgv1LmkNQ6xEiWpQm3J8mOuuXrlXW08s7yJwhFfR1/0QNnWxEFi
PEFZwDAt9K/T44OCG3LCBEXk9QCCqFD+VuDCmukifNVEB4M5yq/2X0G6nbauG3IF
T/c6RAaCxQ7yZbi5ZUoDuWr2Wr489S/qbiTfQFMAfRb7oQ3w+A7cp+KNDlpCAQEL
JSfLv6Dn9ONWklRiOam9aa2rNIjJe827SkrVt4biDQ3dsysuSlDvJ7YcqQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI+vLFGjRCSqoWvlxJHYLEQLynhZMB8GA1UdIwQY
MBaAFI8XUiXzhs6YARn2mIT5vnxqKzszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjct
NjFiNzcyZDc1MWVjLzEvajY4c1VhTkVKS3FoYS1YRWtkZ3NSQXZLZUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjctNjFiNzcyZDc1MWVj
LzEvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEYQAwQD
U4iIAwQGVQ/AAwQDX4NwMA0EAgACMAcDBQMqAaiAMA0GCSqGSIb3DQEBCwUAA4IB
AQCE9ennHQVxeiAVDgGqHknIetTdk87/U7+5c1DHJq2gQIMQu73wRpr65Egja/5Q
jDsebRKA3/NNHg7dht9zYijlnve7aOHXh5D5ZUEVZczGLLZQBPoJcflqZXYjWWIY
wi6yAZK44XWCdyTET+sXYRt25M9SacWNAV0Ma9gUbe4CtFo0NBJTPVptC/fPLBQR
D6hXr0JyhNUQw0220XtdRFDfTxeTnM4Uob9xQrWFXXnSFPvQfXst4MWHvJR6QJzw
csQ6r8OCg9cVHABmO4Y6LZgVb48zOyId6h59mIx4/dbMJKs/Yp4+Q02cusN9NMx1
RptrXe5fnMUS8OMABLC0x4tN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org