Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/zkHA1O9a-iqxtgVzfEoL09YU8NQ.roa
File:                     zkHA1O9a-iqxtgVzfEoL09YU8NQ.roa (raw, json)
Hash identifier:          xu6OIorb5xIp8EsR+yUv57lnNFXYmbGn6I2PFSzFP98=
Subject key identifier:   CE:41:C0:D4:EF:5A:FA:2A:B1:B6:05:73:7C:4A:0B:D3:D6:14:F0:D4
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       018DA7F9CB6CA0E00982052BB277E8DA450C
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/zkHA1O9a-iqxtgVzfEoL09YU8NQ.roa
Signing time:             Wed 14 Feb 2024 14:16:22 +0000
ROA not before:           Wed 14 Feb 2024 14:16:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199760
IP address blocks:        212.30.38.0/24 maxlen: 24
                          212.30.44.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sat 17 Feb 2024 16:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a7:f9:cb:6c:a0:e0:09:82:05:2b:b2:77:e8:da:45:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Feb 14 14:16:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ce41c0d4ef5afa2ab1b605737c4a0bd3d614f0d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ca:a3:47:b2:ae:54:04:11:e2:6a:8c:a0:ce:
                    5e:5c:f1:75:20:27:e5:6b:1c:88:e9:f7:de:37:05:
                    2c:e7:b9:b4:39:21:6d:2e:51:1d:c6:ea:fe:64:33:
                    1c:9f:10:f1:a6:d6:31:4b:34:30:d4:f3:64:06:8e:
                    d8:af:f6:57:31:f3:a3:fa:2a:0b:cc:0b:ba:c5:85:
                    be:25:fc:a0:7a:c7:59:27:b7:91:51:65:37:d7:43:
                    e5:92:62:f4:de:a1:2a:92:d4:29:6e:b4:2a:cc:2a:
                    40:4d:69:3d:56:56:44:38:6b:b5:86:ca:c5:ca:b5:
                    0d:0a:05:aa:79:a5:b9:87:67:fa:55:32:e2:c6:34:
                    4a:9c:84:42:3e:61:f8:b4:7d:ef:35:2a:94:3c:0f:
                    19:6d:97:dd:45:28:22:ff:1f:5b:91:a0:6a:3d:03:
                    22:e6:8d:ed:1d:ca:04:4d:9f:8e:6a:42:bc:a4:ad:
                    c1:c8:76:b4:fe:b4:30:e5:a7:8d:8a:6b:2b:56:4f:
                    c1:ef:00:83:a3:59:9e:47:79:81:f6:20:39:4f:f9:
                    8a:95:88:f9:ea:be:33:8a:0b:a2:d2:86:4a:d0:0c:
                    21:b4:00:3f:21:99:47:fc:59:5f:07:8d:ef:e9:43:
                    4d:e5:ad:9b:49:b0:f5:f1:68:73:75:03:ff:b5:8a:
                    e1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:41:C0:D4:EF:5A:FA:2A:B1:B6:05:73:7C:4A:0B:D3:D6:14:F0:D4
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/zkHA1O9a-iqxtgVzfEoL09YU8NQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.30.38.0/24
                  212.30.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:f6:3d:b1:1d:50:78:e1:74:1d:82:3e:7b:f2:30:55:c6:c3:
         04:09:80:c2:3e:6d:46:4d:76:a9:a3:b3:cd:ed:e2:dc:2d:54:
         16:d5:0d:3a:d0:54:ce:5d:8a:2f:d7:7e:e4:2d:6e:55:b5:ca:
         07:85:e4:21:6b:a3:ab:4c:09:d4:e0:96:63:f4:be:ad:7e:96:
         05:93:5f:c0:b5:20:a2:38:8f:7f:1d:71:f8:9d:c8:f3:9f:a3:
         39:ba:94:89:2d:a1:e1:0c:13:30:7b:72:7f:f9:d6:5f:d5:a2:
         07:88:8e:c8:61:85:b6:d0:46:32:6c:c2:c2:f0:73:f0:2b:bf:
         98:d2:60:e9:f8:8f:51:31:91:25:2f:bb:9a:10:b6:03:17:96:
         75:4d:23:68:74:b9:97:53:cd:37:b1:3f:03:de:0a:07:ab:b4:
         64:a4:1d:94:14:1b:ca:1c:fe:7b:b0:a8:85:8c:bf:85:f4:ff:
         69:a8:77:b3:5f:93:da:98:c4:24:99:9b:e4:18:8f:d0:c0:e6:
         3a:1d:a5:e3:0c:82:d7:e3:9a:f1:ac:55:ce:44:88:cf:60:27:
         dd:61:64:8b:d4:be:f8:d0:c6:7c:a6:83:03:58:ee:fa:27:90:
         b9:6b:be:ec:15:b2:c9:11:91:33:3b:25:f4:73:b6:8e:51:68:
         9e:ce:95:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2n+ctsoOAJggUrsnfo2kUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMjE0MTQxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQxYzBkNGVmNWFmYTJhYjFiNjA1NzM3YzRhMGJkM2Q2MTRmMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsqjR7KuVAQR4mqMoM5eXPF1ICfl
axyI6ffeNwUs57m0OSFtLlEdxur+ZDMcnxDxptYxSzQw1PNkBo7Yr/ZXMfOj+ioL
zAu6xYW+JfygesdZJ7eRUWU310PlkmL03qEqktQpbrQqzCpATWk9VlZEOGu1hsrF
yrUNCgWqeaW5h2f6VTLixjRKnIRCPmH4tH3vNSqUPA8ZbZfdRSgi/x9bkaBqPQMi
5o3tHcoETZ+OakK8pK3ByHa0/rQw5aeNimsrVk/B7wCDo1meR3mB9iA5T/mKlYj5
6r4zigui0oZK0AwhtAA/IZlH/FlfB43v6UNN5a2bSbD18WhzdQP/tYrhDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5BwNTvWvoqsbYFc3xKC9PWFPDUMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvemtIQTFPOWEtaXF4dGdWemZFb0wwOVlVOE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1B4mAwQC
1B4sMA0GCSqGSIb3DQEBCwUAA4IBAQAo9j2xHVB44XQdgj578jBVxsMECYDCPm1G
TXapo7PN7eLcLVQW1Q060FTOXYov137kLW5VtcoHheQha6OrTAnU4JZj9L6tfpYF
k1/AtSCiOI9/HXH4ncjzn6M5upSJLaHhDBMwe3J/+dZf1aIHiI7IYYW20EYybMLC
8HPwK7+Y0mDp+I9RMZElL7uaELYDF5Z1TSNodLmXU803sT8D3goHq7RkpB2UFBvK
HP57sKiFjL+F9P9pqHezX5PamMQkmZvkGI/QwOY6HaXjDILX45rxrFXORIjPYCfd
YWSL1L740MZ8poMDWO76J5C5a77sFbLJEZEzOyX0c7aOUWiezpXv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:28 2024 by rpki-client on console-ams.rpki-client.org