Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/ZwO9yHczwHNbYK5lxbI_eyBlCpo.roa
File:                     ZwO9yHczwHNbYK5lxbI_eyBlCpo.roa (raw, json)
Hash identifier:          mr+0zwBi+LUvC4aa8Zgcnwq45knWJ+B0um4FJSCUfPE=
Subject key identifier:   67:03:BD:C8:77:33:C0:73:5B:60:AE:65:C5:B2:3F:7B:20:65:0A:9A
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       0186C14921C870677B3978AF265B9A0B8FBE
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/ZwO9yHczwHNbYK5lxbI_eyBlCpo.roa
Signing time:             Wed 08 Mar 2023 12:54:00 +0000
ROA not before:           Wed 08 Mar 2023 12:54:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     149766
IP address blocks:        185.84.160.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c1:49:21:c8:70:67:7b:39:78:af:26:5b:9a:0b:8f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Mar  8 12:54:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6703bdc87733c0735b60ae65c5b23f7b20650a9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:75:eb:45:eb:aa:f3:bc:e9:4d:49:72:2a:6b:
                    68:e6:9a:e4:a3:88:88:9d:63:45:14:1f:24:cf:db:
                    5e:00:5d:3f:35:f9:59:db:8b:8a:ef:34:5e:f3:cd:
                    c0:d1:5b:f5:8c:08:98:a3:48:14:9f:28:6e:e8:c4:
                    84:db:44:96:c7:d3:8d:8b:b7:f6:6a:c2:86:9b:a8:
                    ae:dc:72:0b:6a:36:5c:ba:b3:8a:9e:bc:20:eb:27:
                    c1:fe:88:76:47:5f:f7:1b:27:07:f7:8f:d9:0e:d5:
                    28:78:bd:77:d1:b6:0b:b4:8f:bc:d1:8c:cf:0a:0b:
                    51:44:70:02:d3:d9:72:24:f1:82:0c:5c:4a:5e:59:
                    14:0f:41:c0:64:ea:cd:d1:c1:73:7c:09:43:07:dc:
                    8c:1d:dd:ca:37:b3:5b:9f:0d:e9:1a:95:8b:69:bd:
                    0d:2b:dc:37:a1:c9:2f:3b:5e:46:4d:42:5a:27:db:
                    61:1b:a4:00:eb:09:1a:18:96:1d:e9:1c:1b:da:e2:
                    0f:2f:81:06:f0:fa:71:1a:a8:db:33:67:f1:e5:3a:
                    af:e1:6d:c8:a5:af:29:3e:e2:fb:48:01:a1:50:16:
                    28:50:23:f8:ca:bd:0b:80:b1:1b:37:58:c0:14:6a:
                    e1:e3:54:eb:29:a9:5b:5a:1f:9d:2c:4c:42:36:83:
                    e6:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:03:BD:C8:77:33:C0:73:5B:60:AE:65:C5:B2:3F:7B:20:65:0A:9A
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/ZwO9yHczwHNbYK5lxbI_eyBlCpo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ee:64:b9:2e:c6:a1:81:e1:26:58:6e:0e:c2:ad:cd:3a:6a:3a:
         d3:3e:b1:bb:20:96:bb:5f:27:b5:45:2f:3f:cf:4b:2a:06:5d:
         6b:75:81:7e:46:0e:43:92:e0:9f:02:10:7a:a9:c3:72:a7:8a:
         a0:87:80:64:e3:36:22:2d:c8:28:fd:e9:9d:b2:34:c0:4e:ff:
         5a:fc:f4:54:8e:a0:2a:2f:3a:32:3a:45:4d:3c:3c:46:09:e2:
         d5:32:84:d2:d8:7f:fa:47:af:3f:65:9f:5a:ae:20:4d:f2:b6:
         1a:7c:a3:51:ea:e8:24:6c:9e:75:5f:e0:7a:d9:ba:1b:5c:fe:
         fc:7b:54:7b:cf:10:e6:8b:c4:7d:fb:f5:42:db:1d:8c:af:0d:
         2d:e6:16:f1:6e:69:52:01:61:f4:f5:d3:32:30:63:8a:90:f1:
         e7:45:61:36:18:32:36:30:2b:94:40:1a:0f:85:5b:25:af:f9:
         15:94:65:fc:97:a8:75:b5:86:32:e2:b3:76:2e:cb:f2:31:c5:
         90:e5:c6:b5:6b:a6:34:c7:61:de:2a:8b:ab:d0:2e:00:25:69:
         58:de:0f:d7:b1:80:4e:13:1d:98:15:56:f0:37:61:71:9e:31:
         c9:3d:90:ee:9f:e5:be:4c:7f:01:b1:3c:12:f0:6f:bb:d4:49:
         fa:aa:06:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbBSSHIcGd7OXivJluaC4++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwMzA4MTI1NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzAzYmRjODc3MzNjMDczNWI2MGFlNjVjNWIyM2Y3YjIwNjUwYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunXrReuq87zpTUlyKmto5prko4iI
nWNFFB8kz9teAF0/NflZ24uK7zRe883A0Vv1jAiYo0gUnyhu6MSE20SWx9ONi7f2
asKGm6iu3HILajZcurOKnrwg6yfB/oh2R1/3GycH94/ZDtUoeL130bYLtI+80YzP
CgtRRHAC09lyJPGCDFxKXlkUD0HAZOrN0cFzfAlDB9yMHd3KN7Nbnw3pGpWLab0N
K9w3ockvO15GTUJaJ9thG6QA6wkaGJYd6Rwb2uIPL4EG8PpxGqjbM2fx5Tqv4W3I
pa8pPuL7SAGhUBYoUCP4yr0LgLEbN1jAFGrh41TrKalbWh+dLExCNoPmvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcDvch3M8BzW2CuZcWyP3sgZQqaMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvWndPOXlIY3p3SE5iWUs1bHhiSV9leUJsQ3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVSgMA0G
CSqGSIb3DQEBCwUAA4IBAQDuZLkuxqGB4SZYbg7Crc06ajrTPrG7IJa7Xye1RS8/
z0sqBl1rdYF+Rg5DkuCfAhB6qcNyp4qgh4Bk4zYiLcgo/emdsjTATv9a/PRUjqAq
LzoyOkVNPDxGCeLVMoTS2H/6R68/ZZ9ariBN8rYafKNR6ugkbJ51X+B62bobXP78
e1R7zxDmi8R9+/VC2x2Mrw0t5hbxbmlSAWH09dMyMGOKkPHnRWE2GDI2MCuUQBoP
hVslr/kVlGX8l6h1tYYy4rN2LsvyMcWQ5ca1a6Y0x2HeKour0C4AJWlY3g/XsYBO
Ex2YFVbwN2FxnjHJPZDun+W+TH8BsTwS8G+71En6qgZA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org