Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0hYxoALqcL4EYBjYjjHfwaW_yI8.roa
File:                     0hYxoALqcL4EYBjYjjHfwaW_yI8.roa (raw, json)
Hash identifier:          SxPMxzJfuDgwtQoSe8PrngeHcqO+eryDb/+3Y3g1iX8=
Subject key identifier:   D2:16:31:A0:02:EA:70:BE:04:60:18:D8:8E:31:DF:C1:A5:BF:C8:8F
Certificate issuer:       /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial:       0188DD7E380B71F2358BFD4D275D6E46B02A
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0hYxoALqcL4EYBjYjjHfwaW_yI8.roa
Signing time:             Wed 21 Jun 2023 10:26:56 +0000
ROA not before:           Wed 21 Jun 2023 10:26:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35053
IP address blocks:        85.237.69.0/24 maxlen: 24
                          85.237.70.0/24 maxlen: 24
                          85.237.84.0/22 maxlen: 22
                          85.237.88.0/24 maxlen: 24
                          85.237.64.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 14:06:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:dd:7e:38:0b:71:f2:35:8b:fd:4d:27:5d:6e:46:b0:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
        Validity
            Not Before: Jun 21 10:26:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d21631a002ea70be046018d88e31dfc1a5bfc88f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:73:d3:de:90:0d:a2:13:bb:7a:b8:79:61:a0:
                    62:f8:db:27:46:ec:39:de:52:03:dd:90:2e:73:2b:
                    ec:89:d7:8f:67:6b:43:7c:70:59:56:93:b3:c0:03:
                    db:e1:e5:48:9c:84:b4:82:3b:91:27:b2:87:37:91:
                    d9:5b:89:d2:a5:ff:63:9e:7d:95:6c:b7:76:12:90:
                    c9:04:a9:ef:e9:87:cc:01:76:aa:f8:df:89:ac:0f:
                    cd:56:51:e9:e6:77:c4:e3:53:89:b6:82:c7:90:69:
                    cb:ea:8a:0b:4d:61:39:39:cc:df:d6:dd:c4:32:b9:
                    41:74:6e:e5:fd:b5:be:9f:e9:04:63:7b:e3:90:6b:
                    6f:e4:7e:b5:11:48:49:5e:5b:06:3a:ac:e7:f9:4c:
                    0e:04:3e:15:8e:fc:13:b9:3c:a0:ca:39:b9:a9:c3:
                    dd:9e:7f:59:8a:69:0e:f2:57:0d:84:9e:e0:c8:23:
                    37:53:f1:7f:29:a1:00:25:04:21:cf:c1:e3:72:cb:
                    42:b8:30:70:76:ef:7f:2a:83:91:1e:e1:65:9d:7a:
                    27:8d:c4:b3:97:1c:41:58:b9:40:81:f5:71:81:65:
                    f8:0c:f8:55:f0:1e:e9:ec:59:77:c5:ab:6b:22:95:
                    07:33:1a:e1:d2:b9:6a:f3:10:c7:cd:43:ca:09:32:
                    c9:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:16:31:A0:02:EA:70:BE:04:60:18:D8:8E:31:DF:C1:A5:BF:C8:8F
            X509v3 Authority Key Identifier:
                keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0hYxoALqcL4EYBjYjjHfwaW_yI8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.64.0/22
                  85.237.69.0-85.237.70.255
                  85.237.84.0-85.237.88.255

    Signature Algorithm: sha256WithRSAEncryption
         64:0d:af:94:ca:30:32:55:20:d9:f6:6d:b1:c5:02:d8:2b:94:
         ba:9f:0b:95:2d:55:61:c0:2b:9b:ff:b2:99:49:ca:84:dd:29:
         56:96:4e:95:f1:c7:0d:47:a5:dc:5f:01:5c:73:da:31:66:bf:
         64:a5:95:c0:8d:8c:c0:5e:b3:48:20:cb:ce:ae:34:24:9f:f8:
         f2:4e:c5:58:ff:91:39:4a:4f:7f:e0:90:c1:0f:87:a4:0a:37:
         8a:b3:19:a9:4f:6d:5b:fa:80:cc:0b:1f:18:17:62:fd:66:40:
         d9:53:2a:f9:bc:a6:5d:bf:e2:7b:ff:55:73:be:35:3c:a3:f3:
         c1:92:78:1e:77:6d:ff:f2:e7:82:f1:88:ad:19:f2:07:23:ee:
         b3:a5:b5:f2:a4:75:8b:5c:82:de:27:2c:63:de:15:54:02:18:
         85:45:0c:f6:01:eb:2f:25:b3:76:e7:4c:2e:2a:a2:55:ba:db:
         68:42:4e:3a:ac:49:e8:87:9d:e5:3e:84:b8:07:0a:d0:09:cb:
         53:af:5f:ea:d0:57:90:17:3b:b9:c6:e4:24:e2:3b:c8:3f:a2:
         92:08:59:0e:09:81:e5:fb:c3:94:c0:8e:d0:33:22:62:7d:91:
         94:6b:ed:72:91:34:a2:58:1a:61:d7:70:b2:b3:67:3e:c0:e6:
         20:b3:49:77
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYjdfjgLcfI1i/1NJ11uRrAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwNjIxMTAyNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE2MzFhMDAyZWE3MGJlMDQ2MDE4ZDg4ZTMxZGZjMWE1YmZjODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHPT3pANohO7erh5YaBi+NsnRuw5
3lID3ZAucyvsidePZ2tDfHBZVpOzwAPb4eVInIS0gjuRJ7KHN5HZW4nSpf9jnn2V
bLd2EpDJBKnv6YfMAXaq+N+JrA/NVlHp5nfE41OJtoLHkGnL6ooLTWE5Oczf1t3E
MrlBdG7l/bW+n+kEY3vjkGtv5H61EUhJXlsGOqzn+UwOBD4VjvwTuTygyjm5qcPd
nn9ZimkO8lcNhJ7gyCM3U/F/KaEAJQQhz8HjcstCuDBwdu9/KoORHuFlnXonjcSz
lxxBWLlAgfVxgWX4DPhV8B7p7Fl3xatrIpUHMxrh0rlq8xDHzUPKCTLJfQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNIWMaAC6nC+BGAY2I4x38Glv8iPMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvMGhZeG9BTHFjTDRFWUJqWWpqSGZ3YVdfeUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVe1AMAwD
BABV7UUDBABV7UYwDAMEAlXtVAMEAFXtWDANBgkqhkiG9w0BAQsFAAOCAQEAZA2v
lMowMlUg2fZtscUC2CuUup8LlS1VYcArm/+ymUnKhN0pVpZOlfHHDUel3F8BXHPa
MWa/ZKWVwI2MwF6zSCDLzq40JJ/48k7FWP+ROUpPf+CQwQ+HpAo3irMZqU9tW/qA
zAsfGBdi/WZA2VMq+bymXb/ie/9Vc741PKPzwZJ4Hndt//LngvGIrRnyByPus6W1
8qR1i1yC3icsY94VVAIYhUUM9gHrLyWzdudMLiqiVbrbaEJOOqxJ6Ied5T6EuAcK
0AnLU69f6tBXkBc7ucbkJOI7yD+ikghZDgmB5fvDlMCO0DMiYn2RlGvtcpE0olga
YddwsrNnPsDmILNJdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org