Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/SzbZ3sJcnURUGoUtBYBapNbrZTw.roa
File:                     SzbZ3sJcnURUGoUtBYBapNbrZTw.roa (raw, json)
Hash identifier:          Cuqzp7Nf85cfd1iyrNcgH6KJ3TMuw77+mFL5NKVrY08=
Subject key identifier:   4B:36:D9:DE:C2:5C:9D:44:54:1A:85:2D:05:80:5A:A4:D6:EB:65:3C
Certificate issuer:       /CN=de14a429e6658abb70a3792c172d7ed62eb8fa26
Certificate serial:       018B52BCA3B922EAF5AC5328D41DDA34528C
Authority key identifier: DE:14:A4:29:E6:65:8A:BB:70:A3:79:2C:17:2D:7E:D6:2E:B8:FA:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hSkKeZlirtwo3ksFy1-1i64-iY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/SzbZ3sJcnURUGoUtBYBapNbrZTw.roa
Signing time:             Sat 21 Oct 2023 14:56:16 +0000
ROA not before:           Sat 21 Oct 2023 14:56:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62105
IP address blocks:        185.128.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:52:bc:a3:b9:22:ea:f5:ac:53:28:d4:1d:da:34:52:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de14a429e6658abb70a3792c172d7ed62eb8fa26
        Validity
            Not Before: Oct 21 14:56:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b36d9dec25c9d44541a852d05805aa4d6eb653c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f1:6c:f9:67:df:6f:10:14:9d:60:e7:45:1e:
                    4a:40:7b:6c:cc:f1:e7:5e:c8:ea:b7:19:46:9c:48:
                    3e:06:c6:92:d0:e2:2a:8d:11:1d:84:61:66:b3:cb:
                    20:50:b6:e3:91:ee:cb:85:9a:99:4b:be:ff:80:7a:
                    59:87:63:95:a4:b0:03:43:38:fa:1b:d2:49:b2:29:
                    e4:eb:4c:34:b5:81:67:22:6e:ba:e6:14:a3:c4:92:
                    16:a5:9e:01:00:2e:f9:a3:36:12:8f:35:29:43:23:
                    b1:4d:48:23:d8:47:e3:8a:b1:d6:cb:8a:39:4c:fb:
                    08:9f:6b:fd:6f:ed:c8:1a:ee:10:bd:c3:97:30:35:
                    9b:c9:9f:79:11:d7:24:dd:54:57:f6:8a:95:6d:1d:
                    0c:1a:7c:58:8d:39:f6:41:08:5b:b5:ef:7d:49:4c:
                    b8:f5:74:07:80:fe:0b:98:61:cd:2a:e5:89:ae:d7:
                    43:75:19:1e:af:e3:af:fa:31:28:19:ea:a7:4f:52:
                    d9:49:43:fa:11:5e:6d:6a:0d:48:3c:01:f8:62:a2:
                    18:46:b0:81:6b:67:c2:d0:48:1b:7b:10:bb:b3:e0:
                    2d:57:08:8a:5c:87:36:b0:77:ef:7f:35:10:52:2c:
                    ef:98:ea:67:ed:69:ac:1d:d7:27:57:23:e2:3c:75:
                    fb:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:36:D9:DE:C2:5C:9D:44:54:1A:85:2D:05:80:5A:A4:D6:EB:65:3C
            X509v3 Authority Key Identifier:
                keyid:DE:14:A4:29:E6:65:8A:BB:70:A3:79:2C:17:2D:7E:D6:2E:B8:FA:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hSkKeZlirtwo3ksFy1-1i64-iY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/SzbZ3sJcnURUGoUtBYBapNbrZTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/3hSkKeZlirtwo3ksFy1-1i64-iY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.128.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:52:78:95:35:3f:37:4e:93:28:4d:e1:e4:7c:18:c4:ab:3e:
         7b:2b:09:0c:eb:cc:00:f3:45:50:f4:63:1b:9e:10:a6:e8:83:
         6b:7f:c8:9f:62:6d:c3:f0:ca:3b:67:a2:d1:03:c4:f4:b7:79:
         2e:60:ff:49:08:0d:22:e3:dd:1e:33:70:9c:10:3a:ec:ae:ac:
         cf:9e:a7:00:22:5e:c4:1b:4c:97:fb:97:84:db:0b:30:b8:b5:
         1e:c5:98:b8:5b:e0:a4:38:cd:a3:ef:3d:af:5e:63:e8:43:c8:
         33:08:e7:ee:86:94:e8:5e:25:84:dc:2a:c4:5c:5b:73:08:30:
         5e:15:74:d4:2f:f2:f5:81:b1:5a:1f:8b:a2:78:b5:7c:e5:41:
         b2:ad:d2:13:1e:e4:7c:2c:a0:73:b3:2c:58:0b:a4:6d:17:04:
         6b:2b:ae:d9:e2:e8:56:9a:0b:0a:12:87:b6:55:48:25:66:2b:
         45:7a:ed:c3:13:24:fb:b2:ee:32:a2:8f:fa:bc:68:11:b3:12:
         ce:27:80:cf:f5:84:c2:83:b0:30:7f:f9:48:8b:cd:ab:d2:33:
         9f:34:d5:0f:54:8b:4c:af:99:06:7d:bc:d6:31:2e:75:bc:aa:
         91:33:da:66:c4:bb:15:52:55:2a:2a:7c:bd:d5:e2:c1:03:56:
         32:73:b6:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtSvKO5Iur1rFMo1B3aNFKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTRhNDI5ZTY2NThhYmI3MGEzNzkyYzE3MmQ3ZWQ2MmVi
OGZhMjYwHhcNMjMxMDIxMTQ1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM2ZDlkZWMyNWM5ZDQ0NTQxYTg1MmQwNTgwNWFhNGQ2ZWI2NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/Fs+WffbxAUnWDnRR5KQHtszPHn
XsjqtxlGnEg+BsaS0OIqjREdhGFms8sgULbjke7LhZqZS77/gHpZh2OVpLADQzj6
G9JJsink60w0tYFnIm665hSjxJIWpZ4BAC75ozYSjzUpQyOxTUgj2EfjirHWy4o5
TPsIn2v9b+3IGu4QvcOXMDWbyZ95Edck3VRX9oqVbR0MGnxYjTn2QQhbte99SUy4
9XQHgP4LmGHNKuWJrtdDdRker+Ov+jEoGeqnT1LZSUP6EV5tag1IPAH4YqIYRrCB
a2fC0EgbexC7s+AtVwiKXIc2sHfvfzUQUizvmOpn7WmsHdcnVyPiPHX7uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEs22d7CXJ1EVBqFLQWAWqTW62U8MB8GA1UdIwQY
MBaAFN4UpCnmZYq7cKN5LBctftYuuPomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hTa0tlWmxpcnR3bzNrc0Z5MS0xaTY0LWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83M2QxOTctMzNjMC00MmU4LWEyOTEt
MDVkOWMxY2Q3NDI1LzEvU3piWjNzSmNuVVJVR29VdEJZQmFwTmJyWlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83M2QxOTctMzNjMC00MmU4LWEyOTEtMDVkOWMxY2Q3NDI1
LzEvM2hTa0tlWmxpcnR3bzNrc0Z5MS0xaTY0LWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYALMA0G
CSqGSIb3DQEBCwUAA4IBAQDMUniVNT83TpMoTeHkfBjEqz57KwkM68wA80VQ9GMb
nhCm6INrf8ifYm3D8Mo7Z6LRA8T0t3kuYP9JCA0i490eM3CcEDrsrqzPnqcAIl7E
G0yX+5eE2wswuLUexZi4W+CkOM2j7z2vXmPoQ8gzCOfuhpToXiWE3CrEXFtzCDBe
FXTUL/L1gbFaH4uieLV85UGyrdITHuR8LKBzsyxYC6RtFwRrK67Z4uhWmgsKEoe2
VUglZitFeu3DEyT7su4yoo/6vGgRsxLOJ4DP9YTCg7Awf/lIi82r0jOfNNUPVItM
r5kGfbzWMS51vKqRM9pmxLsVUlUqKny91eLBA1Yyc7aB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:45 2024 by rpki-client on console-fra.rpki-client.org