Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z1HwNFvNMK6bnsG6hlE8AeYQ2x4.roa
File:                     z1HwNFvNMK6bnsG6hlE8AeYQ2x4.roa (raw, json)
Hash identifier:          ayUwCJoPmKy2dX2y77O20h1Mqpvs3ppcB7/G266iiKY=
Subject key identifier:   CF:51:F0:34:5B:CD:30:AE:9B:9E:C1:BA:86:51:3C:01:E6:10:DB:1E
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D81F23A3FF5E15B9B30EA4500B19AF6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z1HwNFvNMK6bnsG6hlE8AeYQ2x4.roa
Signing time:             Sun 01 Jan 2023 13:25:10 +0000
ROA not before:           Sun 01 Jan 2023 13:25:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50368
IP address blocks:        87.121.128.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:f2:3a:3f:f5:e1:5b:9b:30:ea:45:00:b1:9a:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf51f0345bcd30ae9b9ec1ba86513c01e610db1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ee:84:92:7b:6b:92:63:b1:1c:b6:e2:14:d6:
                    97:78:a3:1f:af:cc:f8:04:45:35:e4:30:76:90:7e:
                    55:b5:4d:fe:4a:9f:0d:b7:f3:43:ef:e0:c0:31:bf:
                    bd:71:8c:f3:c6:6e:1c:df:17:07:da:19:1c:96:f9:
                    9a:7e:e0:a1:16:70:d1:61:b4:e1:e2:18:65:58:f0:
                    50:74:15:7d:47:a3:2f:0d:e1:5e:a3:1c:4b:98:bd:
                    97:83:40:66:47:20:3f:80:7e:df:4b:d9:45:f3:07:
                    ea:1c:0d:3e:0f:e6:52:c1:30:dc:5b:36:a2:d5:44:
                    d5:31:04:f9:30:22:fc:1f:a5:4b:86:1f:45:3a:e9:
                    75:13:e7:19:e8:17:45:37:5a:78:a2:f3:78:48:30:
                    75:3b:a7:15:66:b2:2b:cc:3f:89:f9:ae:41:fc:a9:
                    f5:c5:36:ca:d7:46:d9:7f:05:66:54:b3:ea:ac:36:
                    05:19:76:7d:3d:8b:54:67:40:68:9c:3e:1e:08:2d:
                    7a:58:6e:f2:72:f1:64:dc:e3:ba:11:35:a2:95:c1:
                    6b:48:ac:cf:10:6b:4c:4b:fc:51:91:b3:0e:09:25:
                    49:95:3e:5f:f9:ea:91:ba:15:b2:f8:c5:c8:77:94:
                    16:ab:34:bb:b3:58:76:6f:53:62:3a:94:bb:fa:81:
                    b2:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:51:F0:34:5B:CD:30:AE:9B:9E:C1:BA:86:51:3C:01:E6:10:DB:1E
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z1HwNFvNMK6bnsG6hlE8AeYQ2x4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.121.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         52:f2:fe:bd:93:40:48:1d:26:5c:75:de:20:f5:ff:7e:a4:88:
         05:da:88:99:cf:b2:db:e3:2d:61:24:3e:43:af:c0:e3:86:68:
         13:b3:fc:ae:85:b6:da:99:9a:cb:f1:53:17:89:22:2d:6e:16:
         b9:15:51:4b:83:f9:8f:ee:18:30:73:53:7a:29:27:ff:9c:f9:
         53:91:87:dd:60:78:9a:f4:64:14:d7:aa:21:11:8a:ad:cd:40:
         d3:3a:ad:f0:1a:de:9e:0b:c5:db:59:dc:5b:8f:7f:9b:00:56:
         88:09:f5:d0:44:35:59:82:69:c3:ee:50:0e:71:5e:5a:2f:04:
         ef:31:94:c1:29:f4:e1:ea:32:49:8d:70:b2:ab:74:e5:c6:63:
         54:c3:1a:b8:89:7d:08:6c:fc:5b:78:3b:16:17:88:67:ab:86:
         5c:ca:f5:3b:8a:bc:95:0d:51:66:67:5e:6e:92:20:ff:21:9f:
         13:08:b7:08:31:a2:02:c1:16:5d:4e:d6:8a:a7:16:fb:8e:94:
         25:10:c7:7f:c9:e6:96:68:be:02:75:af:11:64:48:56:76:5f:
         e7:7c:a9:17:1d:92:3f:da:16:84:d5:8b:bc:cd:ea:e9:97:7d:
         38:b5:07:7c:08:74:d1:a2:62:45:3f:5d:78:71:8e:bc:31:8b:
         b1:e2:59:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgfI6P/XhW5sw6kUAsZr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUxZjAzNDViY2QzMGFlOWI5ZWMxYmE4NjUxM2MwMWU2MTBkYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu6EkntrkmOxHLbiFNaXeKMfr8z4
BEU15DB2kH5VtU3+Sp8Nt/ND7+DAMb+9cYzzxm4c3xcH2hkclvmafuChFnDRYbTh
4hhlWPBQdBV9R6MvDeFeoxxLmL2Xg0BmRyA/gH7fS9lF8wfqHA0+D+ZSwTDcWzai
1UTVMQT5MCL8H6VLhh9FOul1E+cZ6BdFN1p4ovN4SDB1O6cVZrIrzD+J+a5B/Kn1
xTbK10bZfwVmVLPqrDYFGXZ9PYtUZ0BonD4eCC16WG7ycvFk3OO6ETWilcFrSKzP
EGtMS/xRkbMOCSVJlT5f+eqRuhWy+MXId5QWqzS7s1h2b1NiOpS7+oGygQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9R8DRbzTCum57BuoZRPAHmENseMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvejFId05Gdk5NSzZibnNHNmhsRThBZVlRMng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV3mAMA0G
CSqGSIb3DQEBCwUAA4IBAQBS8v69k0BIHSZcdd4g9f9+pIgF2oiZz7Lb4y1hJD5D
r8DjhmgTs/yuhbbamZrL8VMXiSItbha5FVFLg/mP7hgwc1N6KSf/nPlTkYfdYHia
9GQU16ohEYqtzUDTOq3wGt6eC8XbWdxbj3+bAFaICfXQRDVZgmnD7lAOcV5aLwTv
MZTBKfTh6jJJjXCyq3TlxmNUwxq4iX0IbPxbeDsWF4hnq4ZcyvU7iryVDVFmZ15u
kiD/IZ8TCLcIMaICwRZdTtaKpxb7jpQlEMd/yeaWaL4Cda8RZEhWdl/nfKkXHZI/
2haE1Yu8zerpl304tQd8CHTRomJFP114cY68MYux4llt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:22 2024 by rpki-client on console-fra.rpki-client.org