Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/bFM14s8IH_AUc5Mn8bzj4ao3tp8.roa
File:                     bFM14s8IH_AUc5Mn8bzj4ao3tp8.roa (raw, json)
Hash identifier:          7YGMufDUbwMHm5Oe48I9YbnOkftda/JzaXkAOHahHwY=
Subject key identifier:   6C:53:35:E2:CF:08:1F:F0:14:73:93:27:F1:BC:E3:E1:AA:37:B6:9F
Certificate issuer:       /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial:       018722E7E937B26DA22F60E7BBF977A91716
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/bFM14s8IH_AUc5Mn8bzj4ao3tp8.roa
Signing time:             Mon 27 Mar 2023 11:50:36 +0000
ROA not before:           Mon 27 Mar 2023 11:50:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137409
IP address blocks:        85.237.72.0/21 maxlen: 24
                          85.237.90.0/23 maxlen: 24
                          85.237.92.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Mar 2023 10:28:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:e7:e9:37:b2:6d:a2:2f:60:e7:bb:f9:77:a9:17:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
        Validity
            Not Before: Mar 27 11:50:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c5335e2cf081ff014739327f1bce3e1aa37b69f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b4:93:29:20:89:cc:b7:f2:c1:7b:bb:37:4e:
                    95:e3:c6:94:6f:41:13:c2:fc:9e:e1:06:53:01:0f:
                    b9:b9:8c:04:a2:ce:59:55:00:b8:c1:2f:04:e7:64:
                    46:16:5c:cf:df:e0:78:e8:0e:13:df:6b:59:fe:de:
                    5a:70:28:11:8f:42:59:a0:fa:cf:21:00:f0:2a:03:
                    8f:c9:31:5b:a8:b4:36:5e:0a:9c:ec:23:9e:08:4c:
                    7c:4f:d9:32:d3:ba:be:05:94:52:52:d6:2e:c3:e0:
                    a7:ee:66:2b:25:ec:e6:e5:48:40:ea:65:1c:66:c8:
                    4b:d2:03:fa:69:82:83:2a:df:f5:bd:17:ae:78:3f:
                    6f:ba:df:07:b7:d4:7b:8c:71:7a:3f:5e:09:aa:85:
                    58:8a:30:c5:1c:ce:d0:2f:83:c4:bf:68:66:9d:79:
                    ad:6d:e7:7f:be:a7:9a:27:b9:ef:96:e4:da:30:da:
                    e7:94:4a:2e:37:f9:af:58:21:0f:00:c3:79:b5:8f:
                    08:7c:a7:b4:dd:31:76:47:03:03:d8:bc:f2:f7:30:
                    d8:eb:8d:80:8d:ee:ca:12:2e:a6:63:21:df:a9:be:
                    a7:ac:59:56:c1:a8:77:3b:9c:0e:bf:55:c9:05:ce:
                    68:80:50:58:d0:58:cd:00:9c:d4:47:ad:cc:38:72:
                    ea:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:53:35:E2:CF:08:1F:F0:14:73:93:27:F1:BC:E3:E1:AA:37:B6:9F
            X509v3 Authority Key Identifier:
                keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/bFM14s8IH_AUc5Mn8bzj4ao3tp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.72.0/21
                  85.237.90.0-85.237.95.255

    Signature Algorithm: sha256WithRSAEncryption
         1f:8e:3f:36:29:62:0a:14:e8:c3:a3:e2:26:18:9e:57:34:a0:
         2e:b4:4f:b5:75:df:7a:e2:f8:a5:e1:84:c4:73:f2:19:d0:3a:
         dc:6a:17:93:b4:4a:86:15:a2:05:f4:ba:ca:ea:6c:28:ea:cf:
         51:a7:52:38:e6:96:c5:7f:4f:14:77:31:c2:d2:e4:c2:70:76:
         ed:a1:f5:b3:2f:37:fc:7e:65:c7:da:99:08:97:e8:a5:da:a0:
         f4:58:da:25:5f:19:20:2e:a8:d7:b1:36:e8:cb:50:77:e4:52:
         4d:e8:be:a3:13:7e:c8:73:4a:c7:cd:ce:c5:89:10:60:79:e2:
         a6:d0:24:6a:6b:6e:12:f9:41:30:59:92:e9:9e:8f:d7:99:33:
         01:2d:a0:ed:41:e6:e0:00:71:ae:8c:1f:dd:47:f2:11:f4:4f:
         86:9e:70:cb:c3:d4:69:a6:ab:10:b2:8b:b1:5d:60:70:ef:0e:
         86:2a:5a:7d:77:f6:6c:09:51:70:1b:13:60:93:8a:40:3c:5c:
         a7:f6:a7:f7:99:e5:fb:18:96:01:ba:56:bf:be:6a:14:24:51:
         dd:51:cb:e2:96:33:d2:d7:e3:a8:16:78:58:ed:36:68:be:14:
         bf:a7:f3:91:ec:1a:4b:b5:6e:9e:c1:fc:a8:58:cc:54:2c:0c:
         3c:75:05:cc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYci5+k3sm2iL2Dnu/l3qRcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwMzI3MTE1MDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzUzMzVlMmNmMDgxZmYwMTQ3MzkzMjdmMWJjZTNlMWFhMzdiNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbSTKSCJzLfywXu7N06V48aUb0ET
wvye4QZTAQ+5uYwEos5ZVQC4wS8E52RGFlzP3+B46A4T32tZ/t5acCgRj0JZoPrP
IQDwKgOPyTFbqLQ2Xgqc7COeCEx8T9ky07q+BZRSUtYuw+Cn7mYrJezm5UhA6mUc
ZshL0gP6aYKDKt/1vReueD9vut8Ht9R7jHF6P14JqoVYijDFHM7QL4PEv2hmnXmt
bed/vqeaJ7nvluTaMNrnlEouN/mvWCEPAMN5tY8IfKe03TF2RwMD2Lzy9zDY642A
je7KEi6mYyHfqb6nrFlWwah3O5wOv1XJBc5ogFBY0FjNAJzUR63MOHLqpwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGxTNeLPCB/wFHOTJ/G84+GqN7afMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvYkZNMTRzOElIX0FVYzVNbjhiemo0YW8zdHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDVe1IMAwD
BAFV7VoDBAVV7UAwDQYJKoZIhvcNAQELBQADggEBAB+OPzYpYgoU6MOj4iYYnlc0
oC60T7V133ri+KXhhMRz8hnQOtxqF5O0SoYVogX0usrqbCjqz1GnUjjmlsV/TxR3
McLS5MJwdu2h9bMvN/x+ZcfamQiX6KXaoPRY2iVfGSAuqNexNujLUHfkUk3ovqMT
fshzSsfNzsWJEGB54qbQJGprbhL5QTBZkumej9eZMwEtoO1B5uAAca6MH91H8hH0
T4aecMvD1GmmqxCyi7FdYHDvDoYqWn139mwJUXAbE2CTikA8XKf2p/eZ5fsYlgG6
Vr++ahQkUd1Ry+KWM9LX46gWeFjtNmi+FL+n85HsGku1bp7B/KhYzFQsDDx1Bcw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org