Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/zEZCXUz9INGectbDElq9RHk1-rw.roa
File:                     zEZCXUz9INGectbDElq9RHk1-rw.roa (raw, json)
Hash identifier:          EzZQSVlP/ZNKSlGiqweC9/hKzzvLqVQjHuW/rxXZtHg=
Subject key identifier:   CC:46:42:5D:4C:FD:20:D1:9E:72:D6:C3:12:5A:BD:44:79:35:FA:BC
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       01899C533ADEACC3041AA0E74AFAAA9CB8CE
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/zEZCXUz9INGectbDElq9RHk1-rw.roa
Signing time:             Fri 28 Jul 2023 11:47:27 +0000
ROA not before:           Fri 28 Jul 2023 11:47:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        185.169.180.0/24 maxlen: 24
                          45.133.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:9c:53:3a:de:ac:c3:04:1a:a0:e7:4a:fa:aa:9c:b8:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Jul 28 11:47:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cc46425d4cfd20d19e72d6c3125abd447935fabc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:30:64:48:69:35:33:28:6b:89:02:c1:87:ff:
                    82:d7:17:53:ed:80:f3:90:7b:fd:4b:b3:01:2c:d6:
                    23:eb:05:32:56:f8:9f:f9:e5:cf:8e:f5:d6:f4:1c:
                    f1:0c:3a:e6:d1:3f:c1:9c:5c:bb:98:08:f9:48:a6:
                    4c:2a:5d:ed:3d:22:17:17:18:75:8a:65:c4:39:f8:
                    7e:c4:75:fb:b9:9c:93:38:e3:e9:8a:bc:02:9d:0b:
                    ee:0b:74:36:2d:99:cb:75:19:40:cf:19:52:8d:1e:
                    26:10:37:06:2e:45:70:f2:14:40:dd:1d:78:5e:cd:
                    d0:ad:51:b1:20:c4:0f:e9:72:65:34:44:bd:79:c4:
                    35:72:13:bf:77:c2:2c:22:d5:eb:ea:07:d7:d9:02:
                    cb:8f:66:11:7e:23:9b:38:c1:fb:59:7e:fe:5c:ca:
                    20:f4:98:88:96:7c:52:4b:5d:f2:d3:55:80:87:8d:
                    73:d9:dd:32:3e:47:69:4f:f7:9d:df:be:b5:db:26:
                    30:67:a7:80:5b:66:75:03:a3:d3:4c:e9:13:85:37:
                    0e:b8:0d:e5:f5:e4:bc:8a:a6:d1:b8:73:51:c6:4e:
                    78:3d:50:0e:c9:fd:83:8f:32:96:45:a9:58:63:c3:
                    9a:43:79:5b:fa:f4:3e:0e:04:82:3a:6b:fb:9d:f1:
                    cd:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:46:42:5D:4C:FD:20:D1:9E:72:D6:C3:12:5A:BD:44:79:35:FA:BC
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/zEZCXUz9INGectbDElq9RHk1-rw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.36.0/24
                  185.169.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:d0:3c:e5:2f:20:6c:7e:0b:9f:03:9d:9f:17:fa:39:8b:5b:
         9c:f3:a9:b0:6e:16:42:05:f8:ba:14:ba:0a:7e:1a:88:74:09:
         b2:21:5b:c7:55:96:b1:b3:62:67:84:f5:81:87:80:a1:d8:f7:
         b7:82:8c:c7:96:89:d3:a2:67:6d:a8:83:63:9a:cb:32:c6:52:
         be:03:c4:2e:90:b3:86:3a:75:00:a1:dd:6c:04:ed:11:e8:8b:
         a5:45:b4:08:da:30:00:52:5e:19:60:29:de:ed:a0:08:c7:11:
         68:43:6f:89:dc:c7:c3:0f:e7:8e:8b:e1:f9:da:0a:8e:a2:fe:
         4b:84:b7:af:9b:b3:28:3d:79:6f:15:9b:3c:14:6a:95:13:3c:
         77:64:2e:52:13:52:8f:1e:f5:8c:1a:ab:0d:b3:e9:71:26:a4:
         fc:97:c5:5b:3e:b8:eb:77:78:c3:bf:94:14:e3:51:ae:1e:b0:
         bc:d0:bf:18:f2:92:0d:22:4c:8e:af:66:1a:d8:23:02:ae:3c:
         f2:6b:97:b6:29:ec:6e:1b:6d:91:6d:27:a6:ad:2d:29:58:b5:
         d3:b1:66:21:33:18:c7:b6:86:cb:24:3f:c8:58:62:8e:99:38:
         32:3e:c7:32:c8:db:15:9e:5f:d7:ca:52:dd:89:93:ba:99:78:
         53:60:5c:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmcUzrerMMEGqDnSvqqnLjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwNzI4MTE0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQ2NDI1ZDRjZmQyMGQxOWU3MmQ2YzMxMjVhYmQ0NDc5MzVmYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTBkSGk1MyhriQLBh/+C1xdT7YDz
kHv9S7MBLNYj6wUyVvif+eXPjvXW9BzxDDrm0T/BnFy7mAj5SKZMKl3tPSIXFxh1
imXEOfh+xHX7uZyTOOPpirwCnQvuC3Q2LZnLdRlAzxlSjR4mEDcGLkVw8hRA3R14
Xs3QrVGxIMQP6XJlNES9ecQ1chO/d8IsItXr6gfX2QLLj2YRfiObOMH7WX7+XMog
9JiIlnxSS13y01WAh41z2d0yPkdpT/ed37612yYwZ6eAW2Z1A6PTTOkThTcOuA3l
9eS8iqbRuHNRxk54PVAOyf2DjzKWRalYY8OaQ3lb+vQ+DgSCOmv7nfHNewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMxGQl1M/SDRnnLWwxJavUR5Nfq8MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvekVaQ1hVejlJTkdlY3RiREVscTlSSGsxLXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYUkAwQA
uam0MA0GCSqGSIb3DQEBCwUAA4IBAQAb0DzlLyBsfgufA52fF/o5i1uc86mwbhZC
Bfi6FLoKfhqIdAmyIVvHVZaxs2JnhPWBh4Ch2Pe3gozHlonTomdtqINjmssyxlK+
A8QukLOGOnUAod1sBO0R6IulRbQI2jAAUl4ZYCne7aAIxxFoQ2+J3MfDD+eOi+H5
2gqOov5LhLevm7MoPXlvFZs8FGqVEzx3ZC5SE1KPHvWMGqsNs+lxJqT8l8VbPrjr
d3jDv5QU41GuHrC80L8Y8pINIkyOr2Ya2CMCrjzya5e2KexuG22RbSemrS0pWLXT
sWYhMxjHtobLJD/IWGKOmTgyPscyyNsVnl/XylLdiZO6mXhTYFwU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org