Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/ztI_BiVMa_Jihk7CVg60cmaFUkg.roa
File:                     ztI_BiVMa_Jihk7CVg60cmaFUkg.roa (raw, json)
Hash identifier:          FM2AZ2yTjx7uBGBpMO2h9QJtoUEe55raIPXIeM7JHY4=
Subject key identifier:   CE:D2:3F:06:25:4C:6B:F2:62:86:4E:C2:56:0E:B4:72:66:85:52:48
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       0188A687B7E19FFAF8E55C1BF1967FD1F90E
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/ztI_BiVMa_Jihk7CVg60cmaFUkg.roa
Signing time:             Sat 10 Jun 2023 18:18:12 +0000
ROA not before:           Sat 10 Jun 2023 18:18:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        212.30.35.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 11:37:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a6:87:b7:e1:9f:fa:f8:e5:5c:1b:f1:96:7f:d1:f9:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Jun 10 18:18:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ced23f06254c6bf262864ec2560eb47266855248
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e6:a4:67:e6:2a:96:06:53:a8:70:e9:df:42:
                    fa:1e:b0:6b:7b:bd:db:b1:1f:fb:76:a4:41:e3:0d:
                    34:83:0b:63:a6:0e:ba:20:65:e8:36:f6:25:4a:f5:
                    19:01:74:96:44:ef:49:2e:1c:1c:a2:a9:d5:58:d7:
                    5d:fd:f2:02:25:0d:d1:5f:43:56:52:d0:2a:c5:8f:
                    b6:96:6a:6f:df:7c:2e:34:49:73:b5:eb:6b:d2:3e:
                    39:ff:f5:6e:93:70:6c:f4:26:9f:a7:1e:ae:ed:95:
                    d9:be:45:c9:19:c3:c0:3b:dd:5d:88:4d:2a:9f:8d:
                    ec:17:97:4b:2b:b1:9a:25:eb:13:26:73:f8:ba:ba:
                    53:72:b2:3f:46:b5:2d:42:2c:e4:ad:ab:6a:4e:bb:
                    da:25:d9:85:a4:25:b5:79:e4:b2:fe:8b:be:75:65:
                    6f:ae:db:d7:69:d9:83:75:96:d5:e8:33:48:03:f2:
                    18:ed:66:53:0f:47:06:09:13:5d:24:94:27:d4:2d:
                    e3:65:73:13:5b:2a:46:e4:75:39:77:6b:17:6b:16:
                    2d:c8:57:f9:29:1b:79:43:a1:94:f6:e5:55:2b:d5:
                    53:d8:30:d9:06:81:06:db:b5:f4:11:65:c0:19:68:
                    59:3f:98:a6:b1:0b:7f:2f:b6:37:46:db:98:f8:bd:
                    c3:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:D2:3F:06:25:4C:6B:F2:62:86:4E:C2:56:0E:B4:72:66:85:52:48
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/ztI_BiVMa_Jihk7CVg60cmaFUkg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.30.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:dd:35:e3:08:0e:a2:fb:fe:26:64:6f:09:f9:0d:31:7b:bf:
         1e:ed:1a:cf:85:5e:78:70:be:80:9d:fc:20:dc:d3:b7:6c:e0:
         26:19:47:89:f9:8b:5d:00:0e:4d:aa:21:c4:94:0e:6e:9a:0d:
         ff:10:1d:60:fa:2f:04:6c:fd:24:c3:be:32:64:21:05:86:90:
         2c:2c:89:7a:df:9a:f5:2f:f6:8e:b4:0b:91:53:ef:e4:f7:af:
         4b:1b:44:7b:ea:ed:6a:66:dc:79:a8:57:1a:3c:8b:dc:fd:55:
         1f:f1:85:2d:1f:ae:eb:db:55:2b:84:10:ae:5e:26:c4:67:6b:
         30:86:44:ef:84:a2:66:ea:85:bf:4c:51:f1:27:93:99:6c:c8:
         98:dd:d7:fa:f5:ce:9a:d3:e4:d3:13:7a:a5:30:30:1f:06:d3:
         58:d8:b8:61:62:7e:54:f2:e6:5f:37:4d:52:8f:94:41:4d:dd:
         3a:ba:4e:4b:77:42:84:38:a7:d1:71:a8:0c:67:7a:33:f0:aa:
         5e:4f:bd:cc:79:66:d6:24:73:cb:16:10:8e:5a:45:8b:9b:a5:
         12:fe:f3:6d:6d:32:69:de:7e:b1:de:f2:e0:c5:72:3d:3c:25:
         ee:40:59:ea:7b:d0:c8:40:7a:de:83:1e:3f:4c:db:90:7c:d6:
         00:a7:4a:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYimh7fhn/r45Vwb8ZZ/0fkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjMwNjEwMTgxODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQyM2YwNjI1NGM2YmYyNjI4NjRlYzI1NjBlYjQ3MjY2ODU1MjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+akZ+YqlgZTqHDp30L6HrBre73b
sR/7dqRB4w00gwtjpg66IGXoNvYlSvUZAXSWRO9JLhwcoqnVWNdd/fICJQ3RX0NW
UtAqxY+2lmpv33wuNElztetr0j45//Vuk3Bs9Cafpx6u7ZXZvkXJGcPAO91diE0q
n43sF5dLK7GaJesTJnP4urpTcrI/RrUtQizkratqTrvaJdmFpCW1eeSy/ou+dWVv
rtvXadmDdZbV6DNIA/IY7WZTD0cGCRNdJJQn1C3jZXMTWypG5HU5d2sXaxYtyFf5
KRt5Q6GU9uVVK9VT2DDZBoEG27X0EWXAGWhZP5imsQt/L7Y3RtuY+L3DfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7SPwYlTGvyYoZOwlYOtHJmhVJIMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvenRJX0JpVk1hX0ppaGs3Q1ZnNjBjbWFGVWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B4jMA0G
CSqGSIb3DQEBCwUAA4IBAQAT3TXjCA6i+/4mZG8J+Q0xe78e7RrPhV54cL6Anfwg
3NO3bOAmGUeJ+YtdAA5NqiHElA5umg3/EB1g+i8EbP0kw74yZCEFhpAsLIl635r1
L/aOtAuRU+/k969LG0R76u1qZtx5qFcaPIvc/VUf8YUtH67r21UrhBCuXibEZ2sw
hkTvhKJm6oW/TFHxJ5OZbMiY3df69c6a0+TTE3qlMDAfBtNY2LhhYn5U8uZfN01S
j5RBTd06uk5Ld0KEOKfRcagMZ3oz8KpeT73MeWbWJHPLFhCOWkWLm6US/vNtbTJp
3n6x3vLgxXI9PCXuQFnqe9DIQHregx4/TNuQfNYAp0pi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:28 2024 by rpki-client on console-ams.rpki-client.org