Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/fBRrwAbIuejL2exSUpDJ6yPAl1U.roa
File:                     fBRrwAbIuejL2exSUpDJ6yPAl1U.roa (raw, json)
Hash identifier:          trJj2FGKnpD+m/w3RN9Mmug9DrelCXwELrLeHikhwsQ=
Subject key identifier:   7C:14:6B:C0:06:C8:B9:E8:CB:D9:EC:52:52:90:C9:EB:23:C0:97:55
Certificate issuer:       /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial:       018572310BD4793CA417650BAAB24C83AEB4
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/fBRrwAbIuejL2exSUpDJ6yPAl1U.roa
Signing time:             Mon 02 Jan 2023 11:14:54 +0000
ROA not before:           Mon 02 Jan 2023 11:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137409
IP address blocks:        85.237.90.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Mar 2023 11:44:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:31:0b:d4:79:3c:a4:17:65:0b:aa:b2:4c:83:ae:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
        Validity
            Not Before: Jan  2 11:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c146bc006c8b9e8cbd9ec525290c9eb23c09755
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6c:31:75:46:67:97:8e:f1:e6:48:62:18:de:
                    3a:22:c5:79:82:98:a6:07:13:b5:c4:31:18:e8:a3:
                    ae:18:04:be:5c:c4:f1:49:47:ea:c3:96:f0:20:6f:
                    31:84:ab:b8:7f:01:2d:a4:f8:da:40:c9:9c:41:37:
                    80:22:c7:80:c8:52:cf:76:e4:bb:56:da:0a:9b:6a:
                    82:e9:9b:e0:73:4f:fb:5f:82:5e:a8:6b:73:ed:5d:
                    a7:0f:22:d0:d9:90:69:ef:84:5b:f3:63:c0:5c:6b:
                    cc:28:23:54:21:a0:c3:68:d5:c7:25:d0:7e:24:fc:
                    47:e2:b8:94:26:39:a2:2c:4b:c9:63:f4:f4:e1:d7:
                    76:20:31:48:51:18:cd:d9:a1:75:bd:38:b9:d9:31:
                    e7:24:07:a4:6f:7f:e5:cd:79:bf:51:6a:b2:e3:b7:
                    f3:24:6c:db:78:be:d5:e1:ad:23:e5:dd:fa:e9:b0:
                    bd:a3:01:cc:38:50:87:fc:e2:33:02:43:fe:cb:d1:
                    10:a4:46:ee:c0:a5:80:e0:43:37:31:49:15:f9:b1:
                    4e:24:3a:ed:d6:48:26:a1:fb:b3:62:48:a6:60:3c:
                    ca:72:80:c3:52:c7:aa:0b:3e:21:b8:ef:27:7a:40:
                    da:40:5c:31:33:5a:21:bb:96:12:5d:8e:8f:22:96:
                    1e:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:14:6B:C0:06:C8:B9:E8:CB:D9:EC:52:52:90:C9:EB:23:C0:97:55
            X509v3 Authority Key Identifier:
                keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/fBRrwAbIuejL2exSUpDJ6yPAl1U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:d2:8d:22:21:34:45:63:80:00:58:bb:7c:e1:cb:ab:20:c3:
         ee:b7:a4:e9:2f:bb:1a:25:d6:36:cc:fa:2a:c9:52:29:85:30:
         c2:81:ad:b5:38:6d:cc:95:c3:c1:0f:96:d3:56:89:23:88:da:
         e1:01:a8:d7:a5:0e:db:ef:d4:17:87:14:de:35:ec:a1:6c:52:
         a8:86:d6:97:99:24:10:6c:72:64:9a:23:c8:66:7c:59:44:04:
         aa:bf:0c:7e:8a:46:ed:47:9c:54:a7:7b:58:44:ef:37:29:b5:
         6f:85:6c:08:da:35:02:79:e4:f2:1d:8b:24:51:b2:c3:d7:6f:
         89:21:22:20:ad:7c:3d:e0:e5:4b:eb:53:db:e2:b9:83:2a:6c:
         15:31:0c:73:1f:77:70:2b:47:86:93:dc:88:a9:df:80:af:96:
         ae:cb:d0:c0:a1:14:02:d1:c4:78:32:e3:81:0d:49:6e:0c:41:
         6d:bb:5d:75:64:ed:11:3c:2a:26:40:60:20:2d:1f:2b:5c:3b:
         51:87:ee:f8:7f:9a:ba:07:59:f2:d1:3d:66:e5:98:81:a5:93:
         ee:d8:a5:c3:f2:95:71:97:59:66:3e:60:5c:a3:9c:f6:c9:a1:
         6f:19:4d:88:70:6f:4c:4e:e8:4f:e7:13:cf:43:4b:59:e1:b1:
         da:2a:cb:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMQvUeTykF2ULqrJMg660MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMwMTAyMTExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE0NmJjMDA2YzhiOWU4Y2JkOWVjNTI1MjkwYzllYjIzYzA5NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWwxdUZnl47x5khiGN46IsV5gpim
BxO1xDEY6KOuGAS+XMTxSUfqw5bwIG8xhKu4fwEtpPjaQMmcQTeAIseAyFLPduS7
VtoKm2qC6Zvgc0/7X4JeqGtz7V2nDyLQ2ZBp74Rb82PAXGvMKCNUIaDDaNXHJdB+
JPxH4riUJjmiLEvJY/T04dd2IDFIURjN2aF1vTi52THnJAekb3/lzXm/UWqy47fz
JGzbeL7V4a0j5d366bC9owHMOFCH/OIzAkP+y9EQpEbuwKWA4EM3MUkV+bFOJDrt
1kgmofuzYkimYDzKcoDDUseqCz4huO8nekDaQFwxM1ohu5YSXY6PIpYeaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwUa8AGyLnoy9nsUlKQyesjwJdVMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvZkJScndBYkl1ZWpMMmV4U1VwREo2eVBBbDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVe1aMA0G
CSqGSIb3DQEBCwUAA4IBAQBU0o0iITRFY4AAWLt84curIMPut6TpL7saJdY2zPoq
yVIphTDCga21OG3MlcPBD5bTVokjiNrhAajXpQ7b79QXhxTeNeyhbFKohtaXmSQQ
bHJkmiPIZnxZRASqvwx+ikbtR5xUp3tYRO83KbVvhWwI2jUCeeTyHYskUbLD12+J
ISIgrXw94OVL61Pb4rmDKmwVMQxzH3dwK0eGk9yIqd+Ar5auy9DAoRQC0cR4MuOB
DUluDEFtu111ZO0RPComQGAgLR8rXDtRh+74f5q6B1ny0T1m5ZiBpZPu2KXD8pVx
l1lmPmBco5z2yaFvGU2IcG9MTuhP5xPPQ0tZ4bHaKstn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org