Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/m4EgKP_YYg126Syxi0yASeTpDgU.roa
File:                     m4EgKP_YYg126Syxi0yASeTpDgU.roa (raw, json)
Hash identifier:          vGS6+5fsdixvXUMV3uE66ihfj104J6YXbiqXAAbSS8k=
Subject key identifier:   9B:81:20:28:FF:D8:62:0D:76:E9:2C:B1:8B:4C:80:49:E4:E9:0E:05
Certificate issuer:       /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial:       018B5E31FCFB396ECFD66BC436C5C963BDFC
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/m4EgKP_YYg126Syxi0yASeTpDgU.roa
Signing time:             Mon 23 Oct 2023 20:20:16 +0000
ROA not before:           Mon 23 Oct 2023 20:20:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        85.237.76.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5e:31:fc:fb:39:6e:cf:d6:6b:c4:36:c5:c9:63:bd:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
        Validity
            Not Before: Oct 23 20:20:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b812028ffd8620d76e92cb18b4c8049e4e90e05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1c:1f:f4:99:69:29:f4:c3:9a:b2:e4:1b:6c:
                    83:b4:8d:5b:09:de:73:60:18:18:60:99:ec:57:23:
                    93:4c:57:d0:1c:ac:74:94:cd:1b:eb:a3:2d:9d:59:
                    f2:ed:23:26:91:e0:1a:b8:39:0d:0e:5e:a8:a9:d5:
                    e9:4a:2d:05:1c:74:33:b8:e3:e5:41:a9:14:d9:15:
                    34:79:6a:cd:d5:1a:b1:ae:c7:34:d1:52:0c:c9:b2:
                    3b:bd:c4:19:c5:49:67:26:01:ba:df:a9:34:bb:0f:
                    1a:4f:77:5b:b3:48:84:86:f2:f9:b3:14:d8:a1:85:
                    44:81:94:0f:7c:c7:e1:46:fb:1b:25:be:ec:46:ff:
                    67:1c:43:1f:ae:06:57:3d:dc:9b:49:c4:66:3c:94:
                    09:d2:c3:ae:ed:6e:04:a0:f5:d6:88:0b:f1:73:6d:
                    62:36:27:15:f0:42:78:2a:ed:78:0a:90:dd:09:fc:
                    19:26:e3:a8:d1:98:79:bb:44:1b:99:66:cc:66:90:
                    c4:19:79:5e:37:cc:f1:d7:7a:74:56:bc:99:dd:7c:
                    32:f5:9d:6c:99:22:ca:f5:a0:38:b5:41:f2:24:81:
                    33:1a:3e:ad:56:29:23:ea:fa:4d:c0:f1:73:56:fd:
                    fb:80:90:40:b2:31:6c:50:63:dd:ba:b1:1a:d3:c5:
                    94:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:81:20:28:FF:D8:62:0D:76:E9:2C:B1:8B:4C:80:49:E4:E9:0E:05
            X509v3 Authority Key Identifier:
                keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/m4EgKP_YYg126Syxi0yASeTpDgU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:88:88:56:e1:34:bc:3f:b9:c6:eb:55:91:22:ef:eb:b4:93:
         23:19:b6:7a:9e:7c:52:ee:b2:6c:bb:f3:e1:ac:0a:d6:b7:1b:
         00:b5:40:b7:82:b4:97:a5:54:a0:92:2d:c8:61:48:65:e7:a6:
         5e:26:8c:0b:4d:3c:11:f6:27:19:c3:6a:f4:e9:ed:51:1c:9a:
         00:a4:e2:1d:8a:d1:18:81:62:c5:e6:87:d2:bb:ad:4e:3d:6a:
         be:02:c8:8a:2b:01:5b:7e:2e:e7:68:02:38:dc:66:de:fc:ba:
         43:ec:06:7f:81:b8:b3:d4:e4:8b:ac:cb:7b:d3:9b:06:e3:9a:
         38:91:e4:b9:6c:e2:9c:3a:8f:3d:86:8e:93:02:70:0f:ff:4a:
         fb:35:0a:4f:8a:58:16:b3:72:59:1b:cd:ea:0b:a4:5d:ac:5f:
         57:5f:b0:fe:fc:a1:cc:4a:86:20:1b:57:e5:21:f1:2d:30:b0:
         16:7c:50:f6:b8:16:62:7e:30:0c:12:b0:1f:4d:be:70:fd:d3:
         84:69:69:da:4e:93:c8:6b:82:86:89:16:cf:d7:e3:60:2c:47:
         77:ed:5b:99:1c:e5:fa:90:d7:60:1f:09:68:a4:4a:fe:72:cc:
         7d:8f:c1:f5:29:1f:e5:ab:9b:dc:fc:1b:09:e8:76:73:56:71:
         8e:27:43:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYteMfz7OW7P1mvENsXJY738MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjMxMDIzMjAyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjgxMjAyOGZmZDg2MjBkNzZlOTJjYjE4YjRjODA0OWU0ZTkwZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRwf9JlpKfTDmrLkG2yDtI1bCd5z
YBgYYJnsVyOTTFfQHKx0lM0b66MtnVny7SMmkeAauDkNDl6oqdXpSi0FHHQzuOPl
QakU2RU0eWrN1Rqxrsc00VIMybI7vcQZxUlnJgG636k0uw8aT3dbs0iEhvL5sxTY
oYVEgZQPfMfhRvsbJb7sRv9nHEMfrgZXPdybScRmPJQJ0sOu7W4EoPXWiAvxc21i
NicV8EJ4Ku14CpDdCfwZJuOo0Zh5u0QbmWbMZpDEGXleN8zx13p0VryZ3Xwy9Z1s
mSLK9aA4tUHyJIEzGj6tVikj6vpNwPFzVv37gJBAsjFsUGPdurEa08WUMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJuBICj/2GINdukssYtMgEnk6Q4FMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvbTRFZ0tQX1lZZzEyNlN5eGkweUFTZVRwRGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe1MMA0G
CSqGSIb3DQEBCwUAA4IBAQA4iIhW4TS8P7nG61WRIu/rtJMjGbZ6nnxS7rJsu/Ph
rArWtxsAtUC3grSXpVSgki3IYUhl56ZeJowLTTwR9icZw2r06e1RHJoApOIditEY
gWLF5ofSu61OPWq+AsiKKwFbfi7naAI43Gbe/LpD7AZ/gbiz1OSLrMt705sG45o4
keS5bOKcOo89ho6TAnAP/0r7NQpPilgWs3JZG83qC6RdrF9XX7D+/KHMSoYgG1fl
IfEtMLAWfFD2uBZifjAMErAfTb5w/dOEaWnaTpPIa4KGiRbP1+NgLEd37VuZHOX6
kNdgHwlopEr+csx9j8H1KR/lq5vc/BsJ6HZzVnGOJ0Pb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org