Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/Z-PUUlqXjEraCwlk7Dmyi4VzdYg.roa
File:                     Z-PUUlqXjEraCwlk7Dmyi4VzdYg.roa (raw, json)
Hash identifier:          LQAQNrJ9RWX7XJxJ+pvzUnPrg2qDImQFNP7Us9Yq/LQ=
Subject key identifier:   67:E3:D4:52:5A:97:8C:4A:DA:0B:09:64:EC:39:B2:8B:85:73:75:88
Certificate issuer:       /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial:       018BCCB63E20AE7C06A4EDC896046636BA42
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/Z-PUUlqXjEraCwlk7Dmyi4VzdYg.roa
Signing time:             Tue 14 Nov 2023 07:22:57 +0000
ROA not before:           Tue 14 Nov 2023 07:22:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63018
IP address blocks:        195.137.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:cc:b6:3e:20:ae:7c:06:a4:ed:c8:96:04:66:36:ba:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
        Validity
            Not Before: Nov 14 07:22:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67e3d4525a978c4ada0b0964ec39b28b85737588
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:4d:b5:c9:57:ca:75:00:43:e0:06:68:d9:14:
                    e2:38:65:9e:2d:09:2d:7f:7b:f9:ce:c0:bf:39:7b:
                    da:50:5d:99:c1:df:83:4c:0f:94:8c:c5:63:62:e3:
                    df:6b:91:14:d5:5e:f1:81:3a:3a:7c:7c:73:49:e5:
                    13:3c:f5:94:ff:0c:1b:64:a1:c3:b5:38:2f:a3:ec:
                    90:2e:74:b8:f3:ee:03:fd:ab:3d:19:50:5b:55:fe:
                    02:43:ea:33:5a:28:18:ab:e3:fc:0f:9d:7f:a5:ec:
                    ea:a2:e0:a3:23:d2:c2:3d:10:7f:2a:89:8f:b6:f5:
                    9f:df:ac:86:ac:ec:d6:83:55:b6:f3:97:7e:06:a9:
                    41:c1:b4:e6:43:d9:a7:02:59:4e:17:95:40:08:cf:
                    ca:a2:e1:74:83:12:2f:05:ff:65:37:80:b8:03:fb:
                    19:ed:79:29:b3:9d:15:dd:e1:d0:20:2e:63:66:25:
                    15:0e:03:bc:0e:af:b3:29:30:2e:1a:3e:3a:be:d9:
                    ed:c4:c5:79:5a:e5:0e:58:8e:f8:f7:8e:93:db:8b:
                    49:6d:cd:6d:1c:f7:1e:68:96:8b:6a:71:54:26:41:
                    cc:bf:53:a6:0b:4c:8d:36:e8:f6:bd:69:f4:e7:1e:
                    79:8b:ac:ac:8b:e1:24:16:76:0e:8e:03:20:61:c0:
                    fa:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:E3:D4:52:5A:97:8C:4A:DA:0B:09:64:EC:39:B2:8B:85:73:75:88
            X509v3 Authority Key Identifier:
                keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/Z-PUUlqXjEraCwlk7Dmyi4VzdYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.137.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:2b:c4:86:78:b7:be:f1:2c:57:38:bf:01:9e:ce:5e:8d:56:
         90:ef:ee:23:0e:30:22:9a:ea:72:9e:2c:c7:4d:ff:02:55:ac:
         24:1e:0e:c8:21:d0:a0:2c:c3:33:66:4e:7e:86:b7:6d:11:5e:
         df:3d:ae:6d:43:3f:a1:8f:ec:0b:a7:a3:de:44:81:6a:6a:41:
         96:1f:6d:21:61:cd:da:ed:b5:de:4b:51:8b:ba:92:8b:e3:88:
         fb:b2:f0:97:67:bd:36:e4:f1:7d:e3:39:24:c0:10:07:8b:15:
         bf:19:e0:ed:9d:4c:b6:0d:38:3b:43:07:5a:08:01:6c:78:9a:
         90:cb:02:e4:f0:09:0d:25:35:f3:0b:a9:7c:1e:1f:91:ac:0c:
         d6:20:83:35:27:c0:98:11:67:56:c4:b7:cd:54:a8:42:99:03:
         d7:0f:4e:b3:8d:09:09:f7:5e:ef:97:0b:cb:db:01:6f:29:03:
         f1:4e:19:6f:4c:62:09:52:47:bd:5e:85:65:39:c8:0e:40:f2:
         1c:6d:cb:66:fa:46:a5:33:2d:1d:a9:90:87:05:a7:f3:ce:c9:
         e5:81:85:0b:f7:7e:33:a6:4a:72:72:5a:b7:7f:cb:9c:0b:a6:
         68:4b:dc:62:34:ad:99:f4:d8:91:42:0c:f3:f7:9a:34:53:5d:
         54:00:c6:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvMtj4grnwGpO3IlgRmNrpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjMxMTE0MDcyMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UzZDQ1MjVhOTc4YzRhZGEwYjA5NjRlYzM5YjI4Yjg1NzM3NTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg021yVfKdQBD4AZo2RTiOGWeLQkt
f3v5zsC/OXvaUF2Zwd+DTA+UjMVjYuPfa5EU1V7xgTo6fHxzSeUTPPWU/wwbZKHD
tTgvo+yQLnS48+4D/as9GVBbVf4CQ+ozWigYq+P8D51/pezqouCjI9LCPRB/KomP
tvWf36yGrOzWg1W285d+BqlBwbTmQ9mnAllOF5VACM/KouF0gxIvBf9lN4C4A/sZ
7Xkps50V3eHQIC5jZiUVDgO8Dq+zKTAuGj46vtntxMV5WuUOWI74946T24tJbc1t
HPceaJaLanFUJkHMv1OmC0yNNuj2vWn05x55i6ysi+EkFnYOjgMgYcD6bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfj1FJal4xK2gsJZOw5souFc3WIMB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEvWi1QVVVscVhqRXJhQ3dsazdEbXlpNFZ6ZFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4ncMA0G
CSqGSIb3DQEBCwUAA4IBAQDEK8SGeLe+8SxXOL8Bns5ejVaQ7+4jDjAimupynizH
Tf8CVawkHg7IIdCgLMMzZk5+hrdtEV7fPa5tQz+hj+wLp6PeRIFqakGWH20hYc3a
7bXeS1GLupKL44j7svCXZ7025PF94zkkwBAHixW/GeDtnUy2DTg7QwdaCAFseJqQ
ywLk8AkNJTXzC6l8Hh+RrAzWIIM1J8CYEWdWxLfNVKhCmQPXD06zjQkJ917vlwvL
2wFvKQPxThlvTGIJUke9XoVlOcgOQPIcbctm+kalMy0dqZCHBafzzsnlgYUL934z
pkpyclq3f8ucC6ZoS9xiNK2Z9NiRQgzz95o0U11UAMbk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org