Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/a1-ZBX977igtbgTsioPhClOZExU.roa
File:                     a1-ZBX977igtbgTsioPhClOZExU.roa (raw, json)
Hash identifier:          6xT/7MoJnzeVyoj1r0KVrX2p9H3svzeyHveAbWGpoWg=
Subject key identifier:   6B:5F:99:05:7F:7B:EE:28:2D:6E:04:EC:8A:83:E1:0A:53:99:13:15
Certificate issuer:       /CN=f177817124f20772743bd30594a8853b2bdec6aa
Certificate serial:       018CC94E37684EAF54EBAF3903D67BB2BA1B
Authority key identifier: F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/a1-ZBX977igtbgTsioPhClOZExU.roa
Signing time:             Tue 02 Jan 2024 08:33:15 +0000
ROA not before:           Tue 02 Jan 2024 08:33:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49935
IP address blocks:        185.94.136.0/22 maxlen: 27
                          185.1.243.0/24 maxlen: 28
                          195.62.90.0/23 maxlen: 27
                          185.135.191.0/24 maxlen: 27
                          2a10:1740::/29 maxlen: 126
                          2001:7f8:12d::/48 maxlen: 126
                          2001:678:9ac::/48 maxlen: 126

Validation:               Failed, certificate revoked on Mon 27 May 2024 15:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:37:68:4e:af:54:eb:af:39:03:d6:7b:b2:ba:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f177817124f20772743bd30594a8853b2bdec6aa
        Validity
            Not Before: Jan  2 08:33:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6b5f99057f7bee282d6e04ec8a83e10a53991315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4c:0d:4d:b3:d8:79:6c:88:43:42:72:6c:63:
                    83:1e:30:a4:47:c8:1b:fd:b9:27:18:94:6a:84:6d:
                    3d:55:b6:6c:14:14:3d:1c:d7:00:d9:e5:6b:5b:41:
                    60:92:f9:26:29:cd:65:b9:cd:04:eb:2e:43:d4:c4:
                    e6:43:a4:3e:fa:0a:ee:4b:65:58:64:b3:cd:06:95:
                    8d:e9:b3:e1:41:7f:b1:2e:8c:1d:0d:a9:b3:22:74:
                    de:2f:d3:50:c5:98:d9:b3:8d:7b:ff:67:7a:a0:0d:
                    e7:95:ff:e5:9b:9c:b8:f3:49:1c:a3:36:83:8a:f5:
                    5f:43:49:a4:c2:4c:1a:ba:b5:c1:22:9b:07:78:d0:
                    72:93:7f:3a:cd:2a:16:53:a6:05:dc:c7:1e:6a:56:
                    89:1b:bc:f5:56:35:36:44:58:f1:14:fd:ce:4a:11:
                    56:db:a2:62:c3:86:e3:a5:14:0b:b7:da:29:5d:da:
                    64:7b:5b:df:8c:ae:23:e7:4e:a0:8a:b9:6b:af:bd:
                    da:bb:a6:e3:76:c2:4c:72:59:13:19:bf:11:3e:7b:
                    c5:ff:34:a9:e4:55:11:80:fa:8b:cc:b7:64:1e:fc:
                    f5:61:97:39:0d:32:b3:ef:75:d0:3a:0d:b4:dc:34:
                    81:eb:3c:44:8d:00:64:6f:5f:9f:68:28:66:ab:21:
                    5f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:5F:99:05:7F:7B:EE:28:2D:6E:04:EC:8A:83:E1:0A:53:99:13:15
            X509v3 Authority Key Identifier:
                keyid:F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/a1-ZBX977igtbgTsioPhClOZExU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/8XeBcSTyB3J0O9MFlKiFOyvexqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.243.0/24
                  185.94.136.0/22
                  185.135.191.0/24
                  195.62.90.0/23
                IPv6:
                  2001:678:9ac::/48
                  2001:7f8:12d::/48
                  2a10:1740::/29

    Signature Algorithm: sha256WithRSAEncryption
         9e:57:c7:82:7b:4f:2b:31:ac:2c:6f:b5:78:49:57:5c:70:08:
         0b:a1:50:ea:69:b8:be:40:de:7a:e8:51:9b:fa:34:ef:b7:87:
         3f:79:9d:73:2b:0f:44:2b:fd:47:d0:92:b9:35:be:a7:4f:01:
         88:a9:d9:2a:48:d6:81:89:52:1e:2b:5b:79:e2:13:e3:8d:83:
         a1:9d:f2:19:37:f4:54:16:93:49:8e:4a:eb:55:ed:40:2a:68:
         10:51:ef:1a:20:5d:31:ab:8b:16:28:ef:b4:35:e2:b2:85:43:
         4b:32:b6:6b:a7:34:e1:3b:91:f4:67:e5:e6:2d:12:7c:c6:c6:
         d8:2d:b0:c6:20:8e:3e:26:98:ab:e9:e1:3f:a9:d2:9c:6c:23:
         49:f6:32:d3:9b:24:c0:a0:f6:5f:ac:da:59:ff:0e:79:90:75:
         e5:5f:2d:3f:4d:cd:a6:25:c8:84:76:29:3e:6b:89:6a:74:11:
         0f:66:c8:5a:2c:b8:78:b6:f0:20:f1:81:ab:bb:34:20:67:ab:
         f0:13:99:8f:02:86:d6:65:42:02:e5:d2:a9:66:06:46:46:f0:
         13:a6:a8:57:65:27:a9:7c:3a:6e:e4:85:19:c2:8a:9e:67:3e:
         b0:00:c9:09:d4:31:b5:be:3a:2f:4d:86:c9:c3:e6:00:fc:9f:
         27:3b:86:54
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzJTjdoTq9U6685A9Z7srobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNzc4MTcxMjRmMjA3NzI3NDNiZDMwNTk0YTg4NTNiMmJk
ZWM2YWEwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjVmOTkwNTdmN2JlZTI4MmQ2ZTA0ZWM4YTgzZTEwYTUzOTkxMzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUwNTbPYeWyIQ0JybGODHjCkR8gb
/bknGJRqhG09VbZsFBQ9HNcA2eVrW0FgkvkmKc1luc0E6y5D1MTmQ6Q++gruS2VY
ZLPNBpWN6bPhQX+xLowdDamzInTeL9NQxZjZs417/2d6oA3nlf/lm5y480kcozaD
ivVfQ0mkwkwaurXBIpsHeNByk386zSoWU6YF3McealaJG7z1VjU2RFjxFP3OShFW
26Jiw4bjpRQLt9opXdpke1vfjK4j506girlrr73au6bjdsJMclkTGb8RPnvF/zSp
5FURgPqLzLdkHvz1YZc5DTKz73XQOg203DSB6zxEjQBkb1+faChmqyFf5QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGtfmQV/e+4oLW4E7IqD4QpTmRMVMB8GA1UdIwQY
MBaAFPF3gXEk8gdydDvTBZSohTsr3saqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQt
NjI1NDIyMjgyOTFjLzEvYTEtWkJYOTc3aWd0YmdUc2lvUGhDbE9aRXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQtNjI1NDIyMjgyOTFj
LzEvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAeBAIAATAYAwQAuQHzAwQC
uV6IAwQAuYe/AwQBwz5aMB8EAgACMBkDBwAgAQZ4CawDBwAgAQf4AS0DBQMqEBdA
MA0GCSqGSIb3DQEBCwUAA4IBAQCeV8eCe08rMawsb7V4SVdccAgLoVDqabi+QN56
6FGb+jTvt4c/eZ1zKw9EK/1H0JK5Nb6nTwGIqdkqSNaBiVIeK1t54hPjjYOhnfIZ
N/RUFpNJjkrrVe1AKmgQUe8aIF0xq4sWKO+0NeKyhUNLMrZrpzThO5H0Z+XmLRJ8
xsbYLbDGII4+Jpir6eE/qdKcbCNJ9jLTmyTAoPZfrNpZ/w55kHXlXy0/Tc2mJciE
dik+a4lqdBEPZshaLLh4tvAg8YGruzQgZ6vwE5mPAobWZUIC5dKpZgZGRvATpqhX
ZSepfDpu5IUZwoqeZz6wAMkJ1DG1vjovTYbJw+YA/J8nO4ZU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:16 2024 by rpki-client on console-ams.rpki-client.org