Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/490f3c-6f7c-4564-9c6b-66979a0480b0/1/7_seyCwxND2PHv99PN0ic8YTo4A.roa
File:                     7_seyCwxND2PHv99PN0ic8YTo4A.roa (raw, json)
Hash identifier:          4d6N++kpO3mhXgsNJZ3KV0oFX4HV1PofMIpQtmk8xCg=
Subject key identifier:   EF:FB:1E:C8:2C:31:34:3D:8F:1E:FF:7D:3C:DD:22:73:C6:13:A3:80
Certificate issuer:       /CN=55ac802b857fe4257223a8e55085a50b3b770ec6
Certificate serial:       01856E5D6877EDB4A280D856D08372CFAD1D
Authority key identifier: 55:AC:80:2B:85:7F:E4:25:72:23:A8:E5:50:85:A5:0B:3B:77:0E:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VayAK4V_5CVyI6jlUIWlCzt3DsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/490f3c-6f7c-4564-9c6b-66979a0480b0/1/7_seyCwxND2PHv99PN0ic8YTo4A.roa
Signing time:             Sun 01 Jan 2023 17:24:53 +0000
ROA not before:           Sun 01 Jan 2023 17:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33941
IP address blocks:        84.21.128.0/19 maxlen: 19
                          84.21.136.0/22 maxlen: 22
                          84.21.142.0/23 maxlen: 23
                          84.21.145.0/24 maxlen: 24
                          84.21.151.0/24 maxlen: 24
                          84.21.150.0/23 maxlen: 23
                          84.21.150.0/24 maxlen: 24
                          84.21.152.0/23 maxlen: 23
                          84.21.146.0/23 maxlen: 23
                          84.21.152.0/24 maxlen: 24
                          84.21.153.0/24 maxlen: 24
                          2a01:570:1::/48 maxlen: 48
                          2a01:570::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:5d:68:77:ed:b4:a2:80:d8:56:d0:83:72:cf:ad:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55ac802b857fe4257223a8e55085a50b3b770ec6
        Validity
            Not Before: Jan  1 17:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=effb1ec82c31343d8f1eff7d3cdd2273c613a380
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:57:38:e1:4d:c6:c5:f2:da:c3:a8:1b:11:61:
                    db:3b:23:10:9e:8b:60:f4:00:ab:45:1d:5b:dd:c9:
                    2b:81:f0:33:cf:e1:92:f9:a7:ac:d7:d5:db:42:6f:
                    bf:b9:04:e5:a4:75:5c:d9:ba:eb:c9:e4:2d:37:71:
                    66:18:47:18:99:16:9b:62:38:96:70:be:a5:5e:d4:
                    eb:6a:25:69:91:fa:80:af:09:63:d9:74:c1:4d:ee:
                    7b:27:3b:ec:df:c7:1b:79:19:6f:7f:34:31:fe:ae:
                    30:00:6b:aa:1c:c1:9f:cf:cf:c9:a9:fa:2c:f9:0c:
                    f3:9a:22:66:e4:fb:b0:9e:78:4a:0e:e1:59:49:d5:
                    be:00:5c:fe:bf:0e:ff:e3:8c:94:12:ad:4c:53:4c:
                    7a:49:4c:ba:c4:e2:38:a2:97:fb:5f:0b:1e:d9:7e:
                    90:f9:38:fc:2d:3d:76:89:c2:24:6a:20:a2:aa:92:
                    98:8d:62:7d:5b:82:19:aa:55:3a:f1:88:aa:fb:44:
                    cf:03:8e:b8:db:98:b6:b8:46:00:dc:55:92:4a:0b:
                    84:e2:be:d0:ce:7d:66:d1:11:7c:fd:40:f5:7b:c3:
                    3c:20:26:74:ed:7e:63:af:2d:25:5c:fa:cc:78:f8:
                    d6:01:42:55:e4:fa:31:6c:a6:09:15:b8:60:70:6a:
                    ad:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:FB:1E:C8:2C:31:34:3D:8F:1E:FF:7D:3C:DD:22:73:C6:13:A3:80
            X509v3 Authority Key Identifier:
                keyid:55:AC:80:2B:85:7F:E4:25:72:23:A8:E5:50:85:A5:0B:3B:77:0E:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VayAK4V_5CVyI6jlUIWlCzt3DsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/490f3c-6f7c-4564-9c6b-66979a0480b0/1/7_seyCwxND2PHv99PN0ic8YTo4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/490f3c-6f7c-4564-9c6b-66979a0480b0/1/VayAK4V_5CVyI6jlUIWlCzt3DsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.21.128.0/19
                IPv6:
                  2a01:570::/32

    Signature Algorithm: sha256WithRSAEncryption
         4c:80:5c:af:6c:c7:db:d9:71:0e:2d:9d:df:79:5c:0b:7f:ad:
         51:b4:e3:07:77:4c:0d:8f:f6:9c:e6:9b:bb:3e:53:a0:d2:77:
         e4:c1:c8:32:79:6c:ef:81:52:2d:ea:cd:46:c7:69:2f:c0:b9:
         13:6d:a7:61:45:5e:71:e3:be:45:fc:28:69:17:05:5f:d3:0b:
         ad:fe:8d:7a:75:1d:a4:21:f0:44:81:b1:60:63:b6:07:08:ed:
         a9:79:e6:64:16:b5:4b:94:67:a2:c4:54:ca:bc:3f:b8:14:cb:
         1a:59:d8:0c:98:21:88:2a:b9:bb:5d:e5:fb:ed:ed:81:16:99:
         54:ca:8d:1f:d6:25:47:e8:57:d1:14:f7:cb:be:69:77:8a:ec:
         49:14:c6:08:bd:b6:ce:e4:7c:c0:37:b4:ae:08:94:bd:60:d9:
         1d:53:b1:62:f4:36:eb:1f:e0:2d:b4:f6:e8:7a:9d:a2:0a:08:
         a3:b1:79:19:be:5e:10:88:27:31:5d:63:6a:ba:3a:24:8b:a3:
         f7:24:8c:29:62:fb:d6:90:f2:a8:99:0a:46:8a:67:55:1a:48:
         ac:b3:10:26:67:6e:f9:5f:77:35:77:9a:10:97:57:e8:0d:cf:
         a1:d0:97:1d:67:6d:88:24:96:10:e6:ec:0f:52:20:59:b1:b9:
         08:0d:39:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuXWh37bSigNhW0INyz60dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YWM4MDJiODU3ZmU0MjU3MjIzYThlNTUwODVhNTBiM2I3
NzBlYzYwHhcNMjMwMTAxMTcyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmZiMWVjODJjMzEzNDNkOGYxZWZmN2QzY2RkMjI3M2M2MTNhMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplc44U3GxfLaw6gbEWHbOyMQnotg
9ACrRR1b3ckrgfAzz+GS+aes19XbQm+/uQTlpHVc2brryeQtN3FmGEcYmRabYjiW
cL6lXtTraiVpkfqArwlj2XTBTe57Jzvs38cbeRlvfzQx/q4wAGuqHMGfz8/Jqfos
+QzzmiJm5PuwnnhKDuFZSdW+AFz+vw7/44yUEq1MU0x6SUy6xOI4opf7Xwse2X6Q
+Tj8LT12icIkaiCiqpKYjWJ9W4IZqlU68Yiq+0TPA46425i2uEYA3FWSSguE4r7Q
zn1m0RF8/UD1e8M8ICZ07X5jry0lXPrMePjWAUJV5PoxbKYJFbhgcGqtmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO/7HsgsMTQ9jx7/fTzdInPGE6OAMB8GA1UdIwQY
MBaAFFWsgCuFf+QlciOo5VCFpQs7dw7GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmF5QUs0Vl81Q1Z5STZqbFVJV2xDenQzRHNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80OTBmM2MtNmY3Yy00NTY0LTljNmIt
NjY5NzlhMDQ4MGIwLzEvN19zZXlDd3hORDJQSHY5OVBOMGljOFlUbzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80OTBmM2MtNmY3Yy00NTY0LTljNmItNjY5NzlhMDQ4MGIw
LzEvVmF5QUs0Vl81Q1Z5STZqbFVJV2xDenQzRHNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVBWAMA0E
AgACMAcDBQAqAQVwMA0GCSqGSIb3DQEBCwUAA4IBAQBMgFyvbMfb2XEOLZ3feVwL
f61RtOMHd0wNj/ac5pu7PlOg0nfkwcgyeWzvgVIt6s1Gx2kvwLkTbadhRV5x475F
/ChpFwVf0wut/o16dR2kIfBEgbFgY7YHCO2peeZkFrVLlGeixFTKvD+4FMsaWdgM
mCGIKrm7XeX77e2BFplUyo0f1iVH6FfRFPfLvml3iuxJFMYIvbbO5HzAN7SuCJS9
YNkdU7Fi9DbrH+AttPboep2iCgijsXkZvl4QiCcxXWNqujoki6P3JIwpYvvWkPKo
mQpGimdVGkissxAmZ275X3c1d5oQl1foDc+h0JcdZ22IJJYQ5uwPUiBZsbkIDTne
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:07 2024 by rpki-client on console-fra.rpki-client.org