Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/tc1d5e6xkpi9zGMCXzDg5kO29nw.roa
File:                     tc1d5e6xkpi9zGMCXzDg5kO29nw.roa (raw, json)
Hash identifier:          99EkI4Aua8DLTgYbWzti1L8vOpPfuOs2XSMCOZGK0sw=
Subject key identifier:   B5:CD:5D:E5:EE:B1:92:98:BD:CC:63:02:5F:30:E0:E6:43:B6:F6:7C
Certificate issuer:       /CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Certificate serial:       01857039824D4E2CE8257A8B4DF0DC966BB8
Authority key identifier: A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/tc1d5e6xkpi9zGMCXzDg5kO29nw.roa
Signing time:             Mon 02 Jan 2023 02:04:55 +0000
ROA not before:           Mon 02 Jan 2023 02:04:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48685
IP address blocks:        94.142.152.0/21 maxlen: 21
                          185.25.252.0/22 maxlen: 22
                          176.10.32.0/21 maxlen: 21
                          185.169.188.0/22 maxlen: 22
                          185.169.188.0/23 maxlen: 23
                          176.57.224.0/20 maxlen: 20
                          2a06:a100::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:82:4d:4e:2c:e8:25:7a:8b:4d:f0:dc:96:6b:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
        Validity
            Not Before: Jan  2 02:04:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b5cd5de5eeb19298bdcc63025f30e0e643b6f67c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5b:df:fe:10:f2:52:3d:54:cb:75:76:2a:77:
                    87:b9:88:d8:34:e6:31:02:b8:4c:5a:18:40:22:e2:
                    3d:5f:55:fc:1a:77:fe:8c:db:3b:8d:b9:af:12:9b:
                    da:2a:11:d4:81:01:c8:16:d2:48:60:b2:26:60:4c:
                    fc:f6:a1:dc:40:8f:22:d4:f7:21:4f:84:7f:b4:a0:
                    f9:82:f9:ef:52:37:0f:02:e8:43:a1:f1:4e:3c:fa:
                    75:c1:00:e1:5e:83:a8:04:0d:6c:83:76:7d:5c:4c:
                    2f:2e:0e:ab:03:4e:27:c0:d7:45:2e:58:78:50:bc:
                    02:2c:5a:f8:de:a8:e3:cf:52:5e:fb:73:50:b9:c6:
                    ce:96:c9:e4:67:97:6b:7f:fe:92:2b:8c:22:cc:f2:
                    95:68:1b:bd:c7:7a:1b:94:be:2f:a3:78:ec:43:85:
                    8c:1d:64:00:93:b7:2f:96:40:f1:fe:38:1d:a4:70:
                    49:e6:8e:97:33:51:23:29:0c:0d:39:cf:a1:08:4e:
                    58:aa:5f:41:8d:a9:d3:f6:35:fc:59:88:97:15:aa:
                    15:fd:10:41:52:07:ea:23:87:f0:ed:d7:fc:f2:0d:
                    c2:13:96:40:ac:5c:80:f0:9e:65:2b:a2:92:a3:6b:
                    4b:fe:65:f2:be:98:90:69:eb:4e:9d:03:74:fc:11:
                    f9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:CD:5D:E5:EE:B1:92:98:BD:CC:63:02:5F:30:E0:E6:43:B6:F6:7C
            X509v3 Authority Key Identifier:
                keyid:A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/tc1d5e6xkpi9zGMCXzDg5kO29nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.142.152.0/21
                  176.10.32.0/21
                  176.57.224.0/20
                  185.25.252.0/22
                  185.169.188.0/22
                IPv6:
                  2a06:a100::/29

    Signature Algorithm: sha256WithRSAEncryption
         7c:b7:1b:db:d3:b2:87:4a:01:8d:1c:64:08:63:04:bb:d7:80:
         96:a8:a8:e9:c3:b1:f0:d8:87:98:c0:6b:d6:9f:64:d2:34:5e:
         35:71:48:3a:30:5c:f8:39:2a:0d:80:49:b0:af:c7:42:34:3a:
         39:86:cf:12:9d:55:dd:cf:01:fe:c2:18:89:13:bb:ed:90:85:
         f5:e2:0f:bb:81:4b:82:69:16:3c:cd:b4:dd:78:7d:94:78:04:
         85:64:e5:46:52:41:89:da:50:f5:1c:2f:b8:09:13:16:89:1f:
         97:98:b4:9b:4e:4d:9b:20:ee:6d:9e:08:7c:5e:89:16:3c:68:
         0d:4f:58:e7:a4:b7:7e:22:8c:cd:15:9c:09:8d:11:83:70:87:
         e1:5f:82:04:c4:15:2c:29:ca:d2:da:13:db:23:f7:fb:28:18:
         d3:12:c7:c7:b4:68:2a:27:9d:54:50:84:4c:ca:41:75:74:e4:
         3c:41:ef:26:8d:ad:4d:d7:36:68:45:6d:49:52:6b:4a:05:d4:
         18:cc:fc:ab:0f:97:5d:86:a1:a1:80:69:21:ae:c0:4e:55:ad:
         a0:e4:00:e1:0d:28:0c:09:4c:58:9d:21:4f:d1:4e:55:18:e6:
         11:56:42:be:73:ce:e6:0f:70:59:d7:6c:c2:48:0c:fa:4b:44:
         b0:ee:0a:4e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVwOYJNTizoJXqLTfDclmu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjY2NmNiMGU1NDk2MTE2ZWI3YWU2NzE0ZDkwNTUzMDli
YTY5YWMwHhcNMjMwMTAyMDIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNkNWRlNWVlYjE5Mjk4YmRjYzYzMDI1ZjMwZTBlNjQzYjZmNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1vf/hDyUj1Uy3V2KneHuYjYNOYx
ArhMWhhAIuI9X1X8Gnf+jNs7jbmvEpvaKhHUgQHIFtJIYLImYEz89qHcQI8i1Pch
T4R/tKD5gvnvUjcPAuhDofFOPPp1wQDhXoOoBA1sg3Z9XEwvLg6rA04nwNdFLlh4
ULwCLFr43qjjz1Je+3NQucbOlsnkZ5drf/6SK4wizPKVaBu9x3oblL4vo3jsQ4WM
HWQAk7cvlkDx/jgdpHBJ5o6XM1EjKQwNOc+hCE5Yql9BjanT9jX8WYiXFaoV/RBB
UgfqI4fw7df88g3CE5ZArFyA8J5lK6KSo2tL/mXyvpiQaetOnQN0/BH5oQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLXNXeXusZKYvcxjAl8w4OZDtvZ8MB8GA1UdIwQY
MBaAFKS2ZssOVJYRbreuZxTZBVMJummsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEt
YjUzNjgzMzBiYWYyLzEvdGMxZDVlNnhrcGk5ekdNQ1h6RGc1a08yOW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEtYjUzNjgzMzBiYWYy
LzEvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDXo6YAwQD
sAogAwQEsDngAwQCuRn8AwQCuam8MA0EAgACMAcDBQMqBqEAMA0GCSqGSIb3DQEB
CwUAA4IBAQB8txvb07KHSgGNHGQIYwS714CWqKjpw7Hw2IeYwGvWn2TSNF41cUg6
MFz4OSoNgEmwr8dCNDo5hs8SnVXdzwH+whiJE7vtkIX14g+7gUuCaRY8zbTdeH2U
eASFZOVGUkGJ2lD1HC+4CRMWiR+XmLSbTk2bIO5tngh8XokWPGgNT1jnpLd+IozN
FZwJjRGDcIfhX4IExBUsKcrS2hPbI/f7KBjTEsfHtGgqJ51UUIRMykF1dOQ8Qe8m
ja1N1zZoRW1JUmtKBdQYzPyrD5ddhqGhgGkhrsBOVa2g5ADhDSgMCUxYnSFP0U5V
GOYRVkK+c87mD3BZ12zCSAz6S0Sw7gpO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:55 2024 by rpki-client on console-fra.rpki-client.org