Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/hH_0PGqfd2r85btTlGfYVhuU2VU.roa
File:                     hH_0PGqfd2r85btTlGfYVhuU2VU.roa (raw, json)
Hash identifier:          vsdBpuoR0Y6bNRQJxlqLYxNcP26h4PoM60ZX7mWFWaw=
Subject key identifier:   84:7F:F4:3C:6A:9F:77:6A:FC:E5:BB:53:94:67:D8:56:1B:94:D9:55
Certificate issuer:       /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial:       018BA48EFBFA34492DE9A4E8844CBEC1A8B8
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/hH_0PGqfd2r85btTlGfYVhuU2VU.roa
Signing time:             Mon 06 Nov 2023 12:15:15 +0000
ROA not before:           Mon 06 Nov 2023 12:15:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        85.237.72.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 11 Nov 2023 09:55:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a4:8e:fb:fa:34:49:2d:e9:a4:e8:84:4c:be:c1:a8:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
        Validity
            Not Before: Nov  6 12:15:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=847ff43c6a9f776afce5bb539467d8561b94d955
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:60:60:5a:39:02:5d:00:22:ed:60:cd:a3:28:
                    2b:b1:3a:92:3e:ce:cd:fa:ec:f5:21:f9:95:37:4f:
                    a8:73:4b:77:ad:95:6a:e8:f6:38:75:07:ba:79:9c:
                    3b:6c:7d:d0:b5:fe:9c:37:aa:f3:19:38:99:8c:30:
                    8e:c8:e8:2d:60:8a:e7:03:85:ec:13:5c:ad:49:c5:
                    ab:b5:7f:74:4f:e2:0f:ff:d2:e2:98:d9:a8:76:9e:
                    e3:2b:e6:bf:99:09:9d:f7:cc:23:bd:0b:15:19:31:
                    2b:81:fe:54:51:2f:df:8b:a5:8d:b3:c8:c5:c6:39:
                    e3:5f:a7:2c:76:a6:d0:0b:12:5a:27:5e:d6:a0:d1:
                    8d:40:b6:65:3a:e1:9b:0a:75:f1:d8:b7:5c:71:b9:
                    2a:2d:57:f9:46:7a:82:d2:fd:d0:d0:d9:ed:91:b8:
                    37:88:0c:3c:31:35:85:a2:7a:ea:ac:31:43:fc:c6:
                    38:07:4e:cc:f6:ca:c0:63:65:6b:8a:91:70:8b:51:
                    54:d6:5f:cb:2a:13:85:71:2a:18:cd:02:a7:0b:2a:
                    72:1c:fb:2a:c4:71:1e:75:1d:fd:eb:61:ab:2a:32:
                    e6:a7:57:49:a5:3c:14:18:ba:08:d8:50:64:bd:32:
                    59:48:e3:d5:3a:be:1a:eb:2c:b5:52:1a:c0:de:fa:
                    25:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:7F:F4:3C:6A:9F:77:6A:FC:E5:BB:53:94:67:D8:56:1B:94:D9:55
            X509v3 Authority Key Identifier:
                keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/hH_0PGqfd2r85btTlGfYVhuU2VU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:35:d7:52:59:84:45:2c:4e:5c:a8:23:6a:d0:68:5e:35:c5:
         7b:fa:41:bc:db:6a:b5:b6:30:10:a7:98:ff:8b:5a:3c:45:99:
         0d:35:71:7b:01:74:69:0d:53:d2:4a:7a:76:77:4b:f1:99:0a:
         e2:c5:36:d0:de:dd:55:69:e0:1a:f7:27:04:b4:19:6c:40:06:
         0d:64:e0:5e:60:75:20:3d:1f:f0:96:38:45:92:fa:14:de:00:
         08:dd:d7:01:14:08:8f:de:55:c6:a9:3f:c6:00:e4:9f:ce:48:
         88:49:eb:ab:bf:61:7f:8d:b5:5e:af:fe:85:0d:c5:c5:ae:5e:
         da:ed:4f:3d:99:85:56:4d:24:14:20:fb:00:71:c3:11:06:7e:
         93:46:17:8a:3f:46:a9:24:9d:97:24:c9:24:e3:ae:2b:5d:7f:
         4e:2c:24:a5:12:23:f9:1a:bf:75:a7:f0:e8:e0:b4:19:e5:a1:
         6d:d1:e0:32:14:7e:b5:51:13:8e:78:d7:e6:06:e4:86:10:2f:
         be:63:21:65:62:8b:32:23:cb:3d:9c:0b:29:63:b4:57:45:5f:
         b3:28:f3:9c:e5:0a:d0:8a:47:61:24:3c:47:cf:66:d4:82:65:
         be:72:28:42:d4:26:9c:db:59:a8:49:0c:ca:17:5a:94:58:a6:
         c3:df:8e:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYukjvv6NEkt6aTohEy+wai4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMxMTA2MTIxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDdmZjQzYzZhOWY3NzZhZmNlNWJiNTM5NDY3ZDg1NjFiOTRkOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGBgWjkCXQAi7WDNoygrsTqSPs7N
+uz1IfmVN0+oc0t3rZVq6PY4dQe6eZw7bH3Qtf6cN6rzGTiZjDCOyOgtYIrnA4Xs
E1ytScWrtX90T+IP/9LimNmodp7jK+a/mQmd98wjvQsVGTErgf5UUS/fi6WNs8jF
xjnjX6csdqbQCxJaJ17WoNGNQLZlOuGbCnXx2LdccbkqLVf5RnqC0v3Q0Nntkbg3
iAw8MTWFonrqrDFD/MY4B07M9srAY2VripFwi1FU1l/LKhOFcSoYzQKnCypyHPsq
xHEedR3962GrKjLmp1dJpTwUGLoI2FBkvTJZSOPVOr4a6yy1UhrA3voliQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIR/9Dxqn3dq/OW7U5Rn2FYblNlVMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvaEhfMFBHcWZkMnI4NWJ0VGxHZllWaHVVMlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe1IMA0G
CSqGSIb3DQEBCwUAA4IBAQCiNddSWYRFLE5cqCNq0GheNcV7+kG822q1tjAQp5j/
i1o8RZkNNXF7AXRpDVPSSnp2d0vxmQrixTbQ3t1VaeAa9ycEtBlsQAYNZOBeYHUg
PR/wljhFkvoU3gAI3dcBFAiP3lXGqT/GAOSfzkiISeurv2F/jbVer/6FDcXFrl7a
7U89mYVWTSQUIPsAccMRBn6TRheKP0apJJ2XJMkk464rXX9OLCSlEiP5Gr91p/Do
4LQZ5aFt0eAyFH61UROOeNfmBuSGEC++YyFlYosyI8s9nAspY7RXRV+zKPOc5QrQ
ikdhJDxHz2bUgmW+cihC1Cac21moSQzKF1qUWKbD345D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org