Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/kIjdJrz6w-z_pS1HjeY1_1Vjz6c.roa
File:                     kIjdJrz6w-z_pS1HjeY1_1Vjz6c.roa (raw, json)
Hash identifier:          aFYJNako27hU4i8WqHgjsVX39PyVnBL5RQaszFLHEHQ=
Subject key identifier:   90:88:DD:26:BC:FA:C3:EC:FF:A5:2D:47:8D:E6:35:FF:55:63:CF:A7
Certificate issuer:       /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial:       018B72328786088A967853D1F54A30F7B729
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/kIjdJrz6w-z_pS1HjeY1_1Vjz6c.roa
Signing time:             Fri 27 Oct 2023 17:33:15 +0000
ROA not before:           Fri 27 Oct 2023 17:33:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8070
IP address blocks:        194.41.16.0/24 maxlen: 24
                          194.41.17.0/24 maxlen: 24
                          62.10.0.0/15 maxlen: 15

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:72:32:87:86:08:8a:96:78:53:d1:f5:4a:30:f7:b7:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
        Validity
            Not Before: Oct 27 17:33:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9088dd26bcfac3ecffa52d478de635ff5563cfa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:77:f8:6e:4b:92:9a:8f:1a:66:4b:8c:21:0b:
                    f9:fa:71:bf:a2:28:f0:f3:02:13:64:b5:25:9d:ff:
                    f2:25:aa:17:5d:ee:74:c1:04:49:ef:26:17:4e:75:
                    f3:c5:1d:05:4d:84:2f:10:e8:f9:ed:6f:f5:24:a2:
                    59:a9:4b:ba:d0:b6:7f:af:ba:6e:39:a4:38:54:85:
                    2f:bb:e2:d5:c2:e5:c6:56:f5:d5:d9:4c:d7:ee:dc:
                    cb:03:ab:cb:c3:ef:2d:aa:fd:ee:ac:86:51:16:5d:
                    34:ca:a7:73:03:ce:89:89:b0:80:79:e4:3e:14:40:
                    18:95:a9:88:72:18:cd:27:c5:38:b2:d4:e0:f1:90:
                    5d:1f:ed:8c:e0:86:c6:f4:03:3f:10:fc:5a:45:08:
                    01:b7:da:f7:5c:3b:31:c8:d7:3f:44:35:18:1c:62:
                    8a:1e:ed:7e:e1:81:f7:9a:ab:44:16:ea:be:81:6a:
                    0b:e2:af:3a:7d:74:55:90:18:c5:9b:e2:56:c6:26:
                    3a:04:00:9c:01:60:c5:8b:a6:77:bd:34:78:fd:28:
                    4f:85:35:e2:59:5d:fb:87:35:a4:52:e8:a1:40:ac:
                    36:f2:89:31:30:e3:dc:e0:5b:f7:fa:ed:c8:4f:20:
                    20:9b:46:ed:31:82:e9:f3:e3:60:f0:0b:c9:86:ea:
                    c9:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:88:DD:26:BC:FA:C3:EC:FF:A5:2D:47:8D:E6:35:FF:55:63:CF:A7
            X509v3 Authority Key Identifier:
                keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/kIjdJrz6w-z_pS1HjeY1_1Vjz6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.10.0.0/15
                  194.41.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6a:a1:d3:2e:36:a2:95:60:4a:ec:47:5c:d6:e1:1f:1a:bd:26:
         c0:3d:a3:03:88:05:02:e0:28:39:6f:76:a3:2b:07:e8:4e:82:
         2c:45:ef:5e:ef:e4:2e:20:d5:a4:d4:e2:19:a1:48:b9:1a:4f:
         30:ea:73:bf:71:cf:41:e2:9e:d5:d6:e6:7b:55:6f:4f:f0:cc:
         c1:e8:9c:50:54:5d:7e:8d:3c:d7:ba:e3:db:c9:d2:bc:94:75:
         86:3f:9f:14:99:36:93:4f:8e:78:c8:d7:3e:1f:69:84:c4:46:
         25:f5:71:d6:1b:01:85:60:01:6f:ca:f1:02:a3:50:99:6a:92:
         16:e3:bc:46:56:7d:bd:21:cb:d1:3e:e5:b5:d3:2b:fa:dd:0b:
         4a:8c:e8:85:6a:e7:bf:67:fd:26:84:d7:15:41:47:6e:a3:1b:
         c3:3a:4f:c9:61:b0:b2:66:ef:4d:6c:c4:b2:41:44:93:8e:49:
         6e:8a:b5:ec:ef:92:77:59:e6:c8:44:af:56:27:c8:1b:6e:91:
         5c:8b:80:e9:57:07:fe:fc:76:c5:e5:b0:13:69:d2:59:28:35:
         cc:16:74:99:83:4f:bf:bd:97:50:c3:fb:6f:12:3a:89:33:97:
         8a:fa:2e:b7:bc:4b:aa:5a:f0:67:61:fb:43:a6:32:92:6f:ac:
         97:e6:dc:de
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYtyMoeGCIqWeFPR9Uow97cpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjMxMDI3MTczMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDg4ZGQyNmJjZmFjM2VjZmZhNTJkNDc4ZGU2MzVmZjU1NjNjZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonf4bkuSmo8aZkuMIQv5+nG/oijw
8wITZLUlnf/yJaoXXe50wQRJ7yYXTnXzxR0FTYQvEOj57W/1JKJZqUu60LZ/r7pu
OaQ4VIUvu+LVwuXGVvXV2UzX7tzLA6vLw+8tqv3urIZRFl00yqdzA86JibCAeeQ+
FEAYlamIchjNJ8U4stTg8ZBdH+2M4IbG9AM/EPxaRQgBt9r3XDsxyNc/RDUYHGKK
Hu1+4YH3mqtEFuq+gWoL4q86fXRVkBjFm+JWxiY6BACcAWDFi6Z3vTR4/ShPhTXi
WV37hzWkUuihQKw28okxMOPc4Fv3+u3ITyAgm0btMYLp8+Ng8AvJhurJQQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFJCI3Sa8+sPs/6UtR43mNf9VY8+nMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEva0lqZEpyejZ3LXpfcFMxSGplWTFfMVZqejZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBPgoDBAHC
KRAwDQYJKoZIhvcNAQELBQADggEBAGqh0y42opVgSuxHXNbhHxq9JsA9owOIBQLg
KDlvdqMrB+hOgixF717v5C4g1aTU4hmhSLkaTzDqc79xz0HintXW5ntVb0/wzMHo
nFBUXX6NPNe649vJ0ryUdYY/nxSZNpNPjnjI1z4faYTERiX1cdYbAYVgAW/K8QKj
UJlqkhbjvEZWfb0hy9E+5bXTK/rdC0qM6IVq579n/SaE1xVBR26jG8M6T8lhsLJm
701sxLJBRJOOSW6KtezvkndZ5shEr1YnyBtukVyLgOlXB/78dsXlsBNp0lkoNcwW
dJmDT7+9l1DD+28SOokzl4r6Lre8S6pa8Gdh+0OmMpJvrJfm3N4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org