Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ZAV6NUUbKc2uvceTGYNCjzxWnZE.roa
File:                     ZAV6NUUbKc2uvceTGYNCjzxWnZE.roa (raw, json)
Hash identifier:          YlTnya528MJygSYSdcptmqezaMdydYoyy1RclyJo7TY=
Subject key identifier:   64:05:7A:35:45:1B:29:CD:AE:BD:C7:93:19:83:42:8F:3C:56:9D:91
Certificate issuer:       /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial:       018CCA2A018234691C247DC328A39C4D9BED
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ZAV6NUUbKc2uvceTGYNCjzxWnZE.roa
Signing time:             Tue 02 Jan 2024 12:33:19 +0000
ROA not before:           Tue 02 Jan 2024 12:33:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199404
IP address blocks:        69.57.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 12:24:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:01:82:34:69:1c:24:7d:c3:28:a3:9c:4d:9b:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
        Validity
            Not Before: Jan  2 12:33:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=64057a35451b29cdaebdc7931983428f3c569d91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:2d:27:be:ff:12:e5:d5:4f:0c:b9:f5:f2:e8:
                    dd:80:6a:1a:cc:19:d9:91:0e:41:f1:2d:0f:61:42:
                    bc:86:c3:ef:47:82:8b:a4:e2:70:d0:ef:94:ce:2a:
                    42:25:1e:ee:be:c2:15:64:34:92:7b:74:3f:c8:fb:
                    fc:7b:95:d0:3d:67:11:39:7f:c8:67:3c:74:c4:24:
                    83:20:72:42:e8:b4:d7:a8:7a:3e:c1:e2:09:f7:42:
                    84:fd:9e:05:66:bb:29:3c:c1:64:9c:4e:e5:34:04:
                    46:01:36:3f:17:f0:85:2d:ac:d9:f8:0a:09:bb:66:
                    4c:aa:de:cf:55:e4:76:a6:21:16:c9:bb:85:e9:c9:
                    b5:b0:26:e9:c6:66:78:aa:e6:7b:0c:c9:34:11:82:
                    e9:f2:92:58:d7:3c:23:c6:00:ae:05:1d:d7:30:ec:
                    2d:95:0c:77:2a:eb:83:5f:e8:0d:86:c9:72:01:4b:
                    da:81:e7:f2:d0:8c:12:fa:14:2d:4e:df:b7:7a:3a:
                    8f:c7:2e:8f:08:e9:55:1f:c5:24:bb:24:07:d9:05:
                    b3:ad:2c:2b:af:b8:aa:3b:c8:65:fa:1c:8d:9c:3f:
                    92:ae:9a:5a:de:8f:18:07:dd:bb:95:a4:d9:eb:9c:
                    27:a6:ca:1b:11:55:0c:26:1d:74:b9:72:b7:65:ae:
                    d8:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:05:7A:35:45:1B:29:CD:AE:BD:C7:93:19:83:42:8F:3C:56:9D:91
            X509v3 Authority Key Identifier:
                keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ZAV6NUUbKc2uvceTGYNCjzxWnZE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.57.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:58:30:ec:08:a5:a7:97:05:7a:d1:af:24:54:b9:e2:d9:4c:
         1f:fe:16:ac:1d:ff:85:1a:dd:38:07:3c:14:95:6d:ca:10:b1:
         ab:c1:dd:37:8e:35:f1:61:fc:f9:42:f7:e1:64:d3:42:a1:3a:
         c9:fc:38:85:8a:48:b9:6b:b8:a1:68:e6:e0:1c:37:a1:0c:e4:
         82:d4:e3:3c:d5:05:ba:e2:35:83:1d:11:34:3f:91:0a:da:3e:
         c0:18:0f:f7:41:dc:7e:37:cc:8e:32:ca:a8:5e:3e:15:3f:27:
         64:fc:1c:12:10:ca:f7:a2:fe:0a:57:41:77:75:23:f1:c3:ec:
         90:4a:cc:86:95:f5:01:b6:6c:5d:52:d6:03:d2:6d:60:bd:70:
         f6:b3:ba:fc:53:42:9e:f4:6b:92:68:25:27:75:25:46:27:06:
         dd:e9:24:73:04:41:f6:d4:83:59:81:b6:f2:99:0d:9b:60:e8:
         74:61:c2:bc:c6:5d:e3:3f:0a:29:e0:90:17:23:54:79:e6:14:
         bd:d6:00:27:99:07:14:e5:8d:d6:41:3e:0b:79:47:e4:51:68:
         4f:f1:d7:b7:bf:15:3f:cb:0a:11:d5:5d:13:ac:e8:8e:d2:83:
         3c:8f:ac:c8:64:4a:fd:e4:7f:8c:87:4f:d0:8c:4d:c4:fa:b7:
         e2:1b:b1:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKgGCNGkcJH3DKKOcTZvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwMTAyMTIzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDA1N2EzNTQ1MWIyOWNkYWViZGM3OTMxOTgzNDI4ZjNjNTY5ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy0nvv8S5dVPDLn18ujdgGoazBnZ
kQ5B8S0PYUK8hsPvR4KLpOJw0O+UzipCJR7uvsIVZDSSe3Q/yPv8e5XQPWcROX/I
Zzx0xCSDIHJC6LTXqHo+weIJ90KE/Z4FZrspPMFknE7lNARGATY/F/CFLazZ+AoJ
u2ZMqt7PVeR2piEWybuF6cm1sCbpxmZ4quZ7DMk0EYLp8pJY1zwjxgCuBR3XMOwt
lQx3KuuDX+gNhslyAUvagefy0IwS+hQtTt+3ejqPxy6PCOlVH8UkuyQH2QWzrSwr
r7iqO8hl+hyNnD+Srppa3o8YB927laTZ65wnpsobEVUMJh10uXK3Za7Y2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQFejVFGynNrr3HkxmDQo88Vp2RMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvWkFWNk5VVWJLYzJ1dmNlVEdZTkNqenhXblpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQARTmsMA0G
CSqGSIb3DQEBCwUAA4IBAQAQWDDsCKWnlwV60a8kVLni2Uwf/hasHf+FGt04BzwU
lW3KELGrwd03jjXxYfz5QvfhZNNCoTrJ/DiFiki5a7ihaObgHDehDOSC1OM81QW6
4jWDHRE0P5EK2j7AGA/3Qdx+N8yOMsqoXj4VPydk/BwSEMr3ov4KV0F3dSPxw+yQ
SsyGlfUBtmxdUtYD0m1gvXD2s7r8U0Ke9GuSaCUndSVGJwbd6SRzBEH21INZgbby
mQ2bYOh0YcK8xl3jPwop4JAXI1R55hS91gAnmQcU5Y3WQT4LeUfkUWhP8de3vxU/
ywoR1V0TrOiO0oM8j6zIZEr95H+Mh0/QjE3E+rfiG7HR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:49 2024 by rpki-client on console-fra.rpki-client.org