Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/cJsB7oq5GtYLPrZlHVCWR7IlYKo.roa
File:                     cJsB7oq5GtYLPrZlHVCWR7IlYKo.roa (raw, json)
Hash identifier:          DkriFrsdwgnTUgiCacf+sv3RoHwVlRCjwbuCaXarzCo=
Subject key identifier:   70:9B:01:EE:8A:B9:1A:D6:0B:3E:B6:65:1D:50:96:47:B2:25:60:AA
Certificate issuer:       /CN=122a2ba3cc18c998501309ecde042706af5b845a
Certificate serial:       018A8EB841B06A233F96CDAE06EDAEAAD7EF
Authority key identifier: 12:2A:2B:A3:CC:18:C9:98:50:13:09:EC:DE:04:27:06:AF:5B:84:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Eioro8wYyZhQEwns3gQnBq9bhFo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/cJsB7oq5GtYLPrZlHVCWR7IlYKo.roa
Signing time:             Wed 13 Sep 2023 13:25:54 +0000
ROA not before:           Wed 13 Sep 2023 13:25:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56690
IP address blocks:        91.226.172.0/22 maxlen: 22
                          185.250.60.0/22 maxlen: 22
                          2a09:8880::/36 maxlen: 36

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8e:b8:41:b0:6a:23:3f:96:cd:ae:06:ed:ae:aa:d7:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=122a2ba3cc18c998501309ecde042706af5b845a
        Validity
            Not Before: Sep 13 13:25:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=709b01ee8ab91ad60b3eb6651d509647b22560aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:f1:8f:ef:6d:0f:2b:da:0b:38:e3:0e:39:05:
                    42:f9:cf:c8:5f:8f:cd:9c:4a:b2:75:c6:e0:a9:1e:
                    cf:83:72:c3:8a:f4:11:bd:43:65:6b:af:52:23:7b:
                    37:12:6e:4c:78:2b:b8:a8:ea:4e:de:56:ba:71:04:
                    2e:9a:54:c9:29:b3:3d:24:da:19:e4:5f:f4:4f:23:
                    1b:f2:32:7c:f7:b0:80:25:93:00:98:03:32:d0:ac:
                    5f:21:48:9b:45:f7:25:0b:7c:e9:3c:29:11:db:79:
                    ac:7e:b8:ad:da:00:de:f2:21:9d:3e:0c:79:82:6b:
                    7f:90:d3:31:a5:fa:54:49:cd:2d:26:24:a1:35:4a:
                    3d:00:2e:3f:48:64:74:21:4e:c6:14:15:f2:1a:ee:
                    91:ca:67:6c:e6:b1:e3:36:c3:59:aa:9e:c8:79:e7:
                    ce:ab:47:de:6a:d6:56:6a:7d:c2:ec:ea:12:2b:23:
                    33:ef:c3:53:4b:3a:85:ef:41:9e:36:fb:b0:cf:4f:
                    03:16:04:06:47:af:60:81:37:de:06:90:09:62:3e:
                    91:14:21:c0:1e:8e:87:5d:ce:d1:22:f2:f3:be:5d:
                    85:5b:24:b0:cf:92:18:55:9f:88:5c:ee:53:90:a0:
                    30:a5:b7:8d:38:94:67:b4:6a:86:d8:9e:04:4e:4b:
                    c0:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:9B:01:EE:8A:B9:1A:D6:0B:3E:B6:65:1D:50:96:47:B2:25:60:AA
            X509v3 Authority Key Identifier:
                keyid:12:2A:2B:A3:CC:18:C9:98:50:13:09:EC:DE:04:27:06:AF:5B:84:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eioro8wYyZhQEwns3gQnBq9bhFo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/cJsB7oq5GtYLPrZlHVCWR7IlYKo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/Eioro8wYyZhQEwns3gQnBq9bhFo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.226.172.0/22
                  185.250.60.0/22
                IPv6:
                  2a09:8880::/36

    Signature Algorithm: sha256WithRSAEncryption
         08:a0:ca:c3:6d:f1:80:8a:6d:31:87:69:ed:84:00:ca:9b:7e:
         f5:89:ad:72:fb:28:a5:72:b7:b1:86:cd:7f:2e:15:5f:d5:6c:
         ff:7b:27:2f:4c:67:4d:87:c1:f5:63:f3:fe:24:1e:63:2b:2a:
         a2:de:b8:ce:58:1c:5f:da:cd:75:9a:f9:49:ce:88:5f:58:a0:
         39:61:c3:58:70:a9:db:67:9d:8b:2b:12:4e:be:67:20:af:40:
         c7:4d:39:57:a4:8e:ed:6e:5c:20:a7:57:59:53:be:25:06:5f:
         09:40:c4:cc:59:9e:dd:20:59:8b:0a:0a:a3:f9:31:94:9a:a1:
         c9:31:a1:eb:03:80:06:11:30:0d:b0:15:8d:eb:1a:15:35:e1:
         c5:86:75:dd:76:00:45:1d:59:86:c0:a0:a3:14:3d:d0:5c:60:
         9f:29:26:74:cb:bb:79:79:9b:4b:aa:85:38:4f:52:9b:02:e7:
         c7:71:7f:a2:f6:4f:81:6c:b7:b9:3a:42:9a:95:20:bc:ca:f6:
         58:b6:53:58:1f:6d:b7:36:bf:1a:ca:f4:a4:9b:d1:f0:ef:a2:
         3a:4b:e5:64:d6:f8:6d:0e:aa:61:05:9b:69:24:54:eb:a2:11:
         24:ca:fb:6e:a2:a3:42:9b:32:4e:aa:7c:93:37:19:39:65:a4:
         c8:76:58:bd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYqOuEGwaiM/ls2uBu2uqtfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMmEyYmEzY2MxOGM5OTg1MDEzMDllY2RlMDQyNzA2YWY1
Yjg0NWEwHhcNMjMwOTEzMTMyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDliMDFlZThhYjkxYWQ2MGIzZWI2NjUxZDUwOTY0N2IyMjU2MGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/GP720PK9oLOOMOOQVC+c/IX4/N
nEqydcbgqR7Pg3LDivQRvUNla69SI3s3Em5MeCu4qOpO3la6cQQumlTJKbM9JNoZ
5F/0TyMb8jJ897CAJZMAmAMy0KxfIUibRfclC3zpPCkR23msfrit2gDe8iGdPgx5
gmt/kNMxpfpUSc0tJiShNUo9AC4/SGR0IU7GFBXyGu6Rymds5rHjNsNZqp7IeefO
q0featZWan3C7OoSKyMz78NTSzqF70GeNvuwz08DFgQGR69ggTfeBpAJYj6RFCHA
Ho6HXc7RIvLzvl2FWySwz5IYVZ+IXO5TkKAwpbeNOJRntGqG2J4ETkvAywIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHCbAe6KuRrWCz62ZR1QlkeyJWCqMB8GA1UdIwQY
MBaAFBIqK6PMGMmYUBMJ7N4EJwavW4RaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlvcm84d1l5WmhRRXduczNnUW5CcTliaEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mOTY0MzAtNjJkNC00MzEwLTg0OTMt
YWUxYWExNjU0Y2RlLzEvY0pzQjdvcTVHdFlMUHJabEhWQ1dSN0lsWUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mOTY0MzAtNjJkNC00MzEwLTg0OTMtYWUxYWExNjU0Y2Rl
LzEvRWlvcm84d1l5WmhRRXduczNnUW5CcTliaEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCW+KsAwQC
ufo8MA4EAgACMAgDBgQqCYiAADANBgkqhkiG9w0BAQsFAAOCAQEACKDKw23xgIpt
MYdp7YQAypt+9YmtcvsopXK3sYbNfy4VX9Vs/3snL0xnTYfB9WPz/iQeYysqot64
zlgcX9rNdZr5Sc6IX1igOWHDWHCp22ediysSTr5nIK9Ax005V6SO7W5cIKdXWVO+
JQZfCUDEzFme3SBZiwoKo/kxlJqhyTGh6wOABhEwDbAVjesaFTXhxYZ13XYARR1Z
hsCgoxQ90FxgnykmdMu7eXmbS6qFOE9SmwLnx3F/ovZPgWy3uTpCmpUgvMr2WLZT
WB9ttza/Gsr0pJvR8O+iOkvlZNb4bQ6qYQWbaSRU66IRJMr7bqKjQpsyTqp8kzcZ
OWWkyHZYvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:01 2024 by rpki-client on console-ams.rpki-client.org