Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/NZSCJFpiosH3csusIkPf1di-mzE.roa
File:                     NZSCJFpiosH3csusIkPf1di-mzE.roa (raw, json)
Hash identifier:          iVkv/iavOx0LLFmyv4HdrjuVXGbWutPywFDsiMaUc18=
Subject key identifier:   35:94:82:24:5A:62:A2:C1:F7:72:CB:AC:22:43:DF:D5:D8:BE:9B:31
Certificate issuer:       /CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Certificate serial:       018CC56E2382A8D8979D548988DA3E7277FA
Authority key identifier: 2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/NZSCJFpiosH3csusIkPf1di-mzE.roa
Signing time:             Mon 01 Jan 2024 14:29:38 +0000
ROA not before:           Mon 01 Jan 2024 14:29:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57118
IP address blocks:        185.95.216.0/22 maxlen: 24
                          2a05:fc80::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 14 May 2024 09:20:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:23:82:a8:d8:97:9d:54:89:88:da:3e:72:77:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a0cc46301c8b1fd4639293018fba53653a265b2
        Validity
            Not Before: Jan  1 14:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=359482245a62a2c1f772cbac2243dfd5d8be9b31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:db:da:dd:e3:e6:59:b2:67:de:12:2c:07:ca:
                    6a:88:ec:f0:74:bd:2a:5e:44:22:8e:74:fa:b1:11:
                    11:c3:29:db:f7:70:16:ed:cf:8b:fa:99:d3:5c:11:
                    2f:77:c5:b6:2d:5d:40:a3:78:42:b2:8f:9d:c9:83:
                    7d:10:65:3b:7c:70:0e:a8:4e:b4:6a:0d:8d:25:81:
                    0d:69:70:e9:95:0b:3b:43:5f:4f:2f:d5:dd:44:75:
                    9a:da:ec:f0:a9:10:ac:fa:73:b4:b4:a0:86:02:ee:
                    b3:1c:77:bb:8a:f2:2d:40:0c:f7:6a:f6:f6:52:06:
                    22:f7:eb:cd:5a:bc:30:7a:69:d9:7c:f3:48:5e:60:
                    4b:2f:af:f2:fb:36:ea:82:15:33:c9:74:e7:91:25:
                    63:51:57:d8:c0:9e:72:44:43:fc:15:cb:5f:bc:7d:
                    95:25:07:bd:32:55:55:92:b2:84:17:5f:79:a7:27:
                    56:4c:d1:b1:7e:02:13:1d:4f:76:bd:0a:e6:04:b5:
                    9e:ec:06:f6:9c:82:27:60:f4:6c:bc:e8:b2:01:80:
                    37:75:f1:8e:b6:4d:31:57:18:af:ae:5e:aa:34:db:
                    04:9f:77:3e:d2:24:47:f7:d4:d4:48:55:b9:d9:ce:
                    c0:21:00:35:0f:8c:c2:cc:bd:a4:b0:47:9f:65:d1:
                    42:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:94:82:24:5A:62:A2:C1:F7:72:CB:AC:22:43:DF:D5:D8:BE:9B:31
            X509v3 Authority Key Identifier:
                keyid:2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/NZSCJFpiosH3csusIkPf1di-mzE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.216.0/22
                IPv6:
                  2a05:fc80::/29

    Signature Algorithm: sha256WithRSAEncryption
         a3:41:58:cf:3e:d0:b2:a0:94:f4:97:2a:33:8b:25:6b:3e:65:
         5c:16:f7:8f:44:32:de:ca:76:83:1a:34:3c:ba:25:56:0b:b6:
         9e:24:33:a4:84:72:ef:42:f0:53:ca:33:44:33:c3:ca:c0:5f:
         0f:ba:e1:2a:de:13:22:35:00:01:28:a4:d2:8d:e9:32:f1:72:
         bd:42:c7:c1:4e:96:66:b6:07:01:2f:01:7d:3c:d0:69:63:32:
         74:42:8a:99:30:cd:ec:6a:8f:3d:19:71:0e:50:a9:2d:61:a9:
         62:9e:5e:4d:87:48:19:e0:73:8f:cf:4c:28:7b:79:04:cc:a3:
         5c:81:b2:e9:e3:d6:53:9b:79:19:03:3d:04:f8:67:01:e0:63:
         fb:a8:a1:d1:3a:b6:d0:dc:d6:9e:ef:79:3a:a7:19:fe:0e:c0:
         7e:8d:29:dc:88:0a:4b:45:50:df:f1:03:db:68:35:dc:10:ef:
         c4:5c:35:fe:f2:e4:7b:7e:a4:5c:90:5d:23:cc:36:af:a8:e9:
         29:87:01:60:72:67:af:70:9a:bc:2a:ef:e9:b0:4c:e6:a1:97:
         86:8a:45:f7:b8:fa:93:da:e7:cf:f6:64:be:3d:88:ea:66:99:
         e4:10:12:99:bf:45:36:d8:62:6b:5c:44:5d:05:2c:3e:38:cd:
         81:d8:a4:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbiOCqNiXnVSJiNo+cnf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMGNjNDYzMDFjOGIxZmQ0NjM5MjkzMDE4ZmJhNTM2NTNh
MjY1YjIwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk0ODIyNDVhNjJhMmMxZjc3MmNiYWMyMjQzZGZkNWQ4YmU5YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dva3ePmWbJn3hIsB8pqiOzwdL0q
XkQijnT6sRERwynb93AW7c+L+pnTXBEvd8W2LV1Ao3hCso+dyYN9EGU7fHAOqE60
ag2NJYENaXDplQs7Q19PL9XdRHWa2uzwqRCs+nO0tKCGAu6zHHe7ivItQAz3avb2
UgYi9+vNWrwwemnZfPNIXmBLL6/y+zbqghUzyXTnkSVjUVfYwJ5yREP8FctfvH2V
JQe9MlVVkrKEF195pydWTNGxfgITHU92vQrmBLWe7Ab2nIInYPRsvOiyAYA3dfGO
tk0xVxivrl6qNNsEn3c+0iRH99TUSFW52c7AIQA1D4zCzL2ksEefZdFCcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDWUgiRaYqLB93LLrCJD39XYvpsxMB8GA1UdIwQY
MBaAFCoMxGMByLH9RjkpMBj7pTZTomWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzIt
MmJiNTU5N2EyNDM1LzEvTlpTQ0pGcGlvc0gzY3N1c0lrUGYxZGktbXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzItMmJiNTU5N2EyNDM1
LzEvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV/YMA0E
AgACMAcDBQMqBfyAMA0GCSqGSIb3DQEBCwUAA4IBAQCjQVjPPtCyoJT0lyoziyVr
PmVcFvePRDLeynaDGjQ8uiVWC7aeJDOkhHLvQvBTyjNEM8PKwF8PuuEq3hMiNQAB
KKTSjeky8XK9QsfBTpZmtgcBLwF9PNBpYzJ0QoqZMM3sao89GXEOUKktYalinl5N
h0gZ4HOPz0woe3kEzKNcgbLp49ZTm3kZAz0E+GcB4GP7qKHROrbQ3Nae73k6pxn+
DsB+jSnciApLRVDf8QPbaDXcEO/EXDX+8uR7fqRckF0jzDavqOkphwFgcmevcJq8
Ku/psEzmoZeGikX3uPqT2ufP9mS+PYjqZpnkEBKZv0U22GJrXERdBSw+OM2B2KS7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:35 2024 by rpki-client on console-fra.rpki-client.org