Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dzB0FIFa06BVkTAHqMwUijYC7o0.roa
File:                     dzB0FIFa06BVkTAHqMwUijYC7o0.roa (raw, json)
Hash identifier:          CYDNzYHnvFlNbMAR6VFSwY5vHZuczuhM3RvLwPSfT1U=
Subject key identifier:   77:30:74:14:81:5A:D3:A0:55:91:30:07:A8:CC:14:8A:36:02:EE:8D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018722582CE4D55251DAF7497C9787124235
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dzB0FIFa06BVkTAHqMwUijYC7o0.roa
Signing time:             Mon 27 Mar 2023 09:13:36 +0000
ROA not before:           Mon 27 Mar 2023 09:13:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     17447
IP address blocks:        195.133.73.0/24 maxlen: 24
                          194.87.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Mar 2023 13:47:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:58:2c:e4:d5:52:51:da:f7:49:7c:97:87:12:42:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar 27 09:13:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77307414815ad3a055913007a8cc148a3602ee8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:9a:4a:bc:9b:1b:36:a7:36:f2:b8:75:4a:23:
                    55:e3:f3:0a:eb:83:3e:5c:df:84:ef:36:8d:45:80:
                    ec:b1:2f:be:ab:f1:b8:64:7d:7c:56:23:51:88:cb:
                    e1:1f:8e:f7:dc:a9:67:43:54:f5:46:6a:4b:6a:09:
                    c2:cf:4a:3e:55:69:38:a8:b1:04:7e:3c:4c:a6:35:
                    7c:81:86:8c:79:0e:2f:87:60:c0:ec:f9:fe:26:b7:
                    34:44:2f:0c:07:22:3f:b5:56:49:e7:89:23:8b:47:
                    a9:0a:f0:a9:27:82:6d:d2:17:c6:04:26:e6:2a:90:
                    0f:dd:98:ff:92:04:9d:1f:3d:0b:4a:69:17:85:20:
                    a0:01:74:c8:10:db:46:ac:f9:25:1e:07:c2:a4:e0:
                    8c:19:5d:54:e5:4c:a4:22:b8:8e:39:df:28:80:0d:
                    b4:69:ef:88:70:1f:a0:fd:14:e9:a2:02:ac:c4:fe:
                    bc:01:59:e9:89:77:7f:b5:63:b7:35:39:dd:8d:be:
                    80:6c:37:94:03:7b:4f:6a:20:59:2a:b1:a2:7a:16:
                    1d:3f:5b:78:81:09:9a:36:00:aa:eb:be:b2:cd:a6:
                    8b:de:66:4d:42:d1:bc:a4:1b:3d:74:14:56:a5:65:
                    8f:19:0d:d8:70:52:dd:43:a5:f7:79:27:d9:63:f2:
                    82:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:30:74:14:81:5A:D3:A0:55:91:30:07:A8:CC:14:8A:36:02:EE:8D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/dzB0FIFa06BVkTAHqMwUijYC7o0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.162.0/24
                  195.133.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:19:81:37:bb:68:4d:7c:0d:18:76:f8:b9:6a:6a:b4:74:96:
         48:ab:f0:a7:b3:8c:9a:34:cc:57:dc:5e:67:d2:54:57:15:28:
         fd:15:9b:3b:1c:56:ee:d3:06:b2:1e:55:93:34:6a:f3:f4:32:
         50:68:4e:6c:60:64:b0:77:4c:3a:41:a5:f6:86:80:e5:da:4a:
         72:31:7c:c7:92:e1:9f:5d:8b:1e:2e:e2:b8:25:de:10:13:ab:
         fa:4c:11:20:be:40:5b:e5:70:db:b1:b7:14:9e:9f:c0:c3:d0:
         ff:83:dd:72:b6:19:38:cb:bf:a1:4b:f5:cf:77:0b:6d:e9:89:
         79:44:05:49:db:52:dd:87:ee:3c:87:e7:7b:54:75:f8:12:a8:
         0b:3c:a7:d9:17:96:1e:2f:d7:d7:17:f2:1f:d3:62:0b:f6:fd:
         0d:ce:c0:0c:18:fb:ef:71:bc:43:1f:0e:4f:ca:05:dc:d6:8d:
         c0:77:83:39:fa:fc:53:79:61:3b:bb:e0:78:70:81:63:ef:83:
         a2:8a:36:a0:4e:ca:92:82:02:33:27:5d:7a:bb:1c:df:2b:91:
         ae:a4:0e:38:b3:77:88:99:45:d0:c2:60:f9:04:11:81:db:57:
         95:65:c8:b8:96:b0:17:b6:d6:c0:52:69:cb:c8:c1:9a:7e:99:
         2f:e4:9f:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYciWCzk1VJR2vdJfJeHEkI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI3MDkxMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzMwNzQxNDgxNWFkM2EwNTU5MTMwMDdhOGNjMTQ4YTM2MDJlZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZpKvJsbNqc28rh1SiNV4/MK64M+
XN+E7zaNRYDssS++q/G4ZH18ViNRiMvhH4733KlnQ1T1RmpLagnCz0o+VWk4qLEE
fjxMpjV8gYaMeQ4vh2DA7Pn+Jrc0RC8MByI/tVZJ54kji0epCvCpJ4Jt0hfGBCbm
KpAP3Zj/kgSdHz0LSmkXhSCgAXTIENtGrPklHgfCpOCMGV1U5UykIriOOd8ogA20
ae+IcB+g/RTpogKsxP68AVnpiXd/tWO3NTndjb6AbDeUA3tPaiBZKrGiehYdP1t4
gQmaNgCq676yzaaL3mZNQtG8pBs9dBRWpWWPGQ3YcFLdQ6X3eSfZY/KCfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHcwdBSBWtOgVZEwB6jMFIo2Au6NMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZHpCMEZJRmEwNkJWa1RBSHFNd1VpallDN28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwleiAwQA
w4VJMA0GCSqGSIb3DQEBCwUAA4IBAQAzGYE3u2hNfA0Ydvi5amq0dJZIq/Cns4ya
NMxX3F5n0lRXFSj9FZs7HFbu0wayHlWTNGrz9DJQaE5sYGSwd0w6QaX2hoDl2kpy
MXzHkuGfXYseLuK4Jd4QE6v6TBEgvkBb5XDbsbcUnp/Aw9D/g91ythk4y7+hS/XP
dwtt6Yl5RAVJ21Ldh+48h+d7VHX4EqgLPKfZF5YeL9fXF/If02IL9v0NzsAMGPvv
cbxDHw5PygXc1o3Ad4M5+vxTeWE7u+B4cIFj74OiijagTsqSggIzJ116uxzfK5Gu
pA44s3eImUXQwmD5BBGB21eVZci4lrAXttbAUmnLyMGafpkv5J/P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:22 2024 by rpki-client on console-fra.rpki-client.org