Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/Vgzt2WeHdXLwELJ1f3N5bzUc-bM.roa
File:                     Vgzt2WeHdXLwELJ1f3N5bzUc-bM.roa (raw, json)
Hash identifier:          VRogNfzUov41CeMKayu1NwLO5M0f13ToEWrw9CPTtC4=
Subject key identifier:   56:0C:ED:D9:67:87:75:72:F0:10:B2:75:7F:73:79:6F:35:1C:F9:B3
Certificate issuer:       /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial:       01896A400204EB263D01EA4D433CED01D055
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/Vgzt2WeHdXLwELJ1f3N5bzUc-bM.roa
Signing time:             Tue 18 Jul 2023 18:25:26 +0000
ROA not before:           Tue 18 Jul 2023 18:25:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        85.237.72.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 08:43:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6a:40:02:04:eb:26:3d:01:ea:4d:43:3c:ed:01:d0:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
        Validity
            Not Before: Jul 18 18:25:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=560cedd967877572f010b2757f73796f351cf9b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:97:49:7d:c1:19:89:56:40:84:56:4b:dc:1b:
                    75:ac:5c:e4:71:a4:68:f1:d6:3f:6b:e5:8c:3c:dd:
                    df:c6:1e:f8:b4:a1:c5:86:96:d4:5f:1f:b2:b6:8e:
                    bf:83:81:8d:ec:19:22:b6:03:59:1c:31:63:1f:b7:
                    ab:93:e0:82:2d:5b:46:5d:82:b6:48:e1:7a:9a:fb:
                    b6:c4:8e:7d:f0:36:3e:98:7c:9c:1b:7b:b9:44:44:
                    e3:2e:9c:49:08:f2:1d:91:54:77:54:3a:f6:98:fd:
                    26:cc:96:86:87:fa:8b:37:a3:44:42:f1:49:4e:ca:
                    29:f9:f9:f5:63:be:75:8b:a2:c7:4e:78:83:95:85:
                    c0:19:43:0e:92:c5:68:07:b1:19:e9:db:42:01:02:
                    82:f4:36:5a:4b:e7:c4:8e:27:6b:b1:d6:85:26:b5:
                    6a:e4:65:7a:a7:2e:66:f2:4d:0a:c0:84:f6:2f:66:
                    cf:98:c6:b6:b8:2f:65:2e:b5:26:6c:ec:2d:71:e8:
                    10:c1:41:0b:2e:05:fc:39:e4:9e:58:09:8f:af:0b:
                    e3:98:43:c4:61:64:27:4e:ee:98:24:38:41:a9:8a:
                    64:25:b5:16:79:00:f6:50:5f:9f:d4:c5:e1:9b:05:
                    be:b5:66:18:ca:08:8e:4e:fc:d3:59:b4:5d:b7:9b:
                    ae:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0C:ED:D9:67:87:75:72:F0:10:B2:75:7F:73:79:6F:35:1C:F9:B3
            X509v3 Authority Key Identifier:
                keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/Vgzt2WeHdXLwELJ1f3N5bzUc-bM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:6a:2d:1d:e5:08:68:b6:ba:2d:5f:7a:0a:f7:93:94:20:c8:
         ca:b4:25:6f:c7:a1:b9:fd:74:f3:b6:60:9c:c6:40:39:58:20:
         80:80:ba:0d:60:8b:f8:2c:96:44:a2:de:8c:74:15:2e:f7:8f:
         c7:28:3e:cd:b9:f9:05:d0:d7:c6:29:84:69:b7:10:23:b4:a3:
         4d:57:24:43:da:69:0b:33:f6:cb:4c:f5:1e:db:f0:64:c4:49:
         ad:00:35:e7:15:5b:81:03:f2:55:e8:72:1d:59:b2:28:8a:c3:
         58:3c:78:9b:bc:10:53:c8:65:1e:53:2f:a8:19:8b:69:a3:96:
         30:c6:d0:c2:0c:7c:13:4f:4e:74:e2:93:d3:6c:84:2c:0f:f8:
         14:18:1c:ef:64:9d:95:cc:7e:d3:52:ff:10:e5:dd:e4:a5:3f:
         3b:f0:f1:cc:1b:a3:db:f6:74:72:50:d7:ef:2e:f5:e8:8e:36:
         38:d7:64:aa:7a:50:c1:87:ac:70:08:ad:bf:9d:d7:48:cd:91:
         fe:02:56:d8:be:fc:0f:10:44:fc:67:fb:55:d6:8f:07:f0:3e:
         9a:f2:aa:7c:0f:1f:c3:17:42:b8:6a:98:60:39:96:7c:6f:0b:
         40:66:78:f1:5c:5e:0e:98:39:22:cb:e6:87:86:53:e2:f7:fd:
         fd:0f:c7:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlqQAIE6yY9AepNQzztAdBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwNzE4MTgyNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjBjZWRkOTY3ODc3NTcyZjAxMGIyNzU3ZjczNzk2ZjM1MWNmOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JdJfcEZiVZAhFZL3Bt1rFzkcaRo
8dY/a+WMPN3fxh74tKHFhpbUXx+yto6/g4GN7BkitgNZHDFjH7erk+CCLVtGXYK2
SOF6mvu2xI598DY+mHycG3u5RETjLpxJCPIdkVR3VDr2mP0mzJaGh/qLN6NEQvFJ
Tsop+fn1Y751i6LHTniDlYXAGUMOksVoB7EZ6dtCAQKC9DZaS+fEjidrsdaFJrVq
5GV6py5m8k0KwIT2L2bPmMa2uC9lLrUmbOwtcegQwUELLgX8OeSeWAmPrwvjmEPE
YWQnTu6YJDhBqYpkJbUWeQD2UF+f1MXhmwW+tWYYygiOTvzTWbRdt5uuBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYM7dlnh3Vy8BCydX9zeW81HPmzMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvVmd6dDJXZUhkWEx3RUxKMWYzTjVielVjLWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe1IMA0G
CSqGSIb3DQEBCwUAA4IBAQAZai0d5QhotrotX3oK95OUIMjKtCVvx6G5/XTztmCc
xkA5WCCAgLoNYIv4LJZEot6MdBUu94/HKD7NufkF0NfGKYRptxAjtKNNVyRD2mkL
M/bLTPUe2/BkxEmtADXnFVuBA/JV6HIdWbIoisNYPHibvBBTyGUeUy+oGYtpo5Yw
xtDCDHwTT0504pPTbIQsD/gUGBzvZJ2VzH7TUv8Q5d3kpT878PHMG6Pb9nRyUNfv
LvXojjY412SqelDBh6xwCK2/nddIzZH+AlbYvvwPEET8Z/tV1o8H8D6a8qp8Dx/D
F0K4aphgOZZ8bwtAZnjxXF4OmDkiy+aHhlPi9/39D8f5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org