Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/IELvGtIcw-99ZrNLkxPsraZxx04.roa
File:                     IELvGtIcw-99ZrNLkxPsraZxx04.roa (raw, json)
Hash identifier:          eJOKR6DCIytTcwlAP8wolK4NNIXZkgSp4/dyXLooiDw=
Subject key identifier:   20:42:EF:1A:D2:1C:C3:EF:7D:66:B3:4B:93:13:EC:AD:A6:71:C7:4E
Certificate issuer:       /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial:       0186DCF9584DD276DE46AE1F8429E3FE255F
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/IELvGtIcw-99ZrNLkxPsraZxx04.roa
Signing time:             Mon 13 Mar 2023 21:56:13 +0000
ROA not before:           Mon 13 Mar 2023 21:56:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60751
IP address blocks:        185.104.216.0/22 maxlen: 24
                          185.24.233.0/24 maxlen: 24
                          185.24.234.0/23 maxlen: 24
                          185.24.234.0/24 maxlen: 24
                          2a04:2e01::/32 maxlen: 36
                          2a04:2e00::/32 maxlen: 36

Validation:               Failed, certificate revoked on Tue 14 Mar 2023 08:53:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:dc:f9:58:4d:d2:76:de:46:ae:1f:84:29:e3:fe:25:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
        Validity
            Not Before: Mar 13 21:56:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2042ef1ad21cc3ef7d66b34b9313ecada671c74e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:62:8a:ec:b7:1c:29:da:eb:3f:4b:e0:fa:34:
                    dd:15:57:80:68:9b:7e:37:e6:60:1b:b4:19:f3:93:
                    2e:15:57:f3:c7:9f:91:28:53:71:d4:b4:57:5a:bc:
                    33:e9:03:84:da:63:d0:f2:48:3d:2d:01:c0:bb:5d:
                    ef:18:ad:ce:98:95:df:71:6a:32:b6:d1:d1:10:6f:
                    8d:08:23:25:3a:22:96:2b:69:2e:07:d9:ec:01:1e:
                    ea:3d:7b:9e:59:44:60:97:b5:32:a5:46:2b:25:97:
                    04:fa:9d:38:f1:37:a0:c1:4d:3d:e4:af:ee:6a:b4:
                    e6:33:65:ae:dc:eb:eb:ff:6d:12:4a:99:4d:7a:24:
                    55:b6:d5:95:84:97:c7:44:20:71:4b:01:b4:a7:16:
                    2a:06:6a:45:db:98:bb:71:81:16:8a:06:96:11:2a:
                    d5:27:82:58:0c:e4:22:b0:82:66:d6:55:24:2b:f9:
                    48:df:82:61:75:ec:02:0f:e5:eb:d9:28:03:20:0f:
                    b8:3a:e4:b2:e4:f1:cd:2f:ca:5a:d9:10:db:b0:fc:
                    37:1a:fe:b9:36:b3:1e:9b:27:5a:10:68:8f:0a:7a:
                    f9:50:88:e7:c5:e8:8f:dc:e1:a6:b0:3b:bc:12:2c:
                    1e:bd:01:d5:fb:44:88:b5:94:16:55:e7:1b:e7:f3:
                    2f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:42:EF:1A:D2:1C:C3:EF:7D:66:B3:4B:93:13:EC:AD:A6:71:C7:4E
            X509v3 Authority Key Identifier:
                keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/IELvGtIcw-99ZrNLkxPsraZxx04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.233.0-185.24.235.255
                  185.104.216.0/22
                IPv6:
                  2a04:2e00::/31

    Signature Algorithm: sha256WithRSAEncryption
         98:07:fc:55:64:e0:ca:fb:8a:a5:d6:b9:91:fd:10:49:5a:91:
         60:2d:2f:0f:b0:3f:42:be:e7:fc:aa:5f:1d:1c:2a:8c:89:ef:
         ea:97:4d:4d:fd:88:0f:ec:75:e3:4c:69:01:50:27:f9:59:bb:
         db:5c:61:05:5f:2f:6b:48:93:2b:5e:c3:13:c7:89:03:21:f9:
         7b:e2:3b:04:52:c6:52:89:e3:ab:bc:3d:18:7a:91:a0:bb:ea:
         a9:76:0f:54:61:bc:e7:2f:df:92:5b:5e:1e:57:45:2f:56:a8:
         3e:c1:81:93:4a:09:b8:55:e6:ea:36:4e:c5:51:bd:b6:8f:2b:
         14:d3:70:c7:2e:22:fb:08:5c:b4:04:2b:43:d0:f4:7a:90:04:
         f8:df:a1:3f:53:f5:e8:c3:e8:d8:d4:1f:27:13:21:c8:2e:c0:
         eb:ec:54:10:22:3e:b0:fb:18:7d:99:7e:89:3c:0c:49:d5:36:
         95:98:75:8b:9d:c5:91:28:66:bc:af:52:83:df:b5:0c:f9:84:
         9e:fb:22:4f:24:36:2a:ff:af:1e:bc:cd:ae:25:9b:38:70:80:
         50:e2:57:db:75:ab:ef:21:60:4e:92:f4:38:7f:eb:ea:10:78:
         b1:68:06:40:29:ee:c8:da:8b:b6:97:1b:0b:30:e3:d9:0f:f4:
         0f:0e:10:fb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYbc+VhN0nbeRq4fhCnj/iVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjMwMzEzMjE1NjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQyZWYxYWQyMWNjM2VmN2Q2NmIzNGI5MzEzZWNhZGE2NzFjNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWKK7LccKdrrP0vg+jTdFVeAaJt+
N+ZgG7QZ85MuFVfzx5+RKFNx1LRXWrwz6QOE2mPQ8kg9LQHAu13vGK3OmJXfcWoy
ttHREG+NCCMlOiKWK2kuB9nsAR7qPXueWURgl7UypUYrJZcE+p048TegwU095K/u
arTmM2Wu3Ovr/20SSplNeiRVttWVhJfHRCBxSwG0pxYqBmpF25i7cYEWigaWESrV
J4JYDOQisIJm1lUkK/lI34JhdewCD+Xr2SgDIA+4OuSy5PHNL8pa2RDbsPw3Gv65
NrMemydaEGiPCnr5UIjnxeiP3OGmsDu8EiwevQHV+0SItZQWVecb5/MvDwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCBC7xrSHMPvfWazS5MT7K2mccdOMB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvSUVMdkd0SWN3LTk5WnJOTGt4UHNyYVp4eDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5GOkD
BAK5GOgDBAK5aNgwDQQCAAIwBwMFASoELgAwDQYJKoZIhvcNAQELBQADggEBAJgH
/FVk4Mr7iqXWuZH9EElakWAtLw+wP0K+5/yqXx0cKoyJ7+qXTU39iA/sdeNMaQFQ
J/lZu9tcYQVfL2tIkytewxPHiQMh+XviOwRSxlKJ46u8PRh6kaC76ql2D1RhvOcv
35JbXh5XRS9WqD7BgZNKCbhV5uo2TsVRvbaPKxTTcMcuIvsIXLQEK0PQ9HqQBPjf
oT9T9ejD6NjUHycTIcguwOvsVBAiPrD7GH2Zfok8DEnVNpWYdYudxZEoZryvUoPf
tQz5hJ77Ik8kNir/rx68za4lmzhwgFDiV9t1q+8hYE6S9Dh/6+oQeLFoBkAp7sja
i7aXGwsw49kP9A8OEPs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:13 2024 by rpki-client on console-ams.rpki-client.org