Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/293ec2-b144-4bcc-8a48-4bc7034f28d8/1/zC1Z2cn9oUGJ-2FgQmhIPHnRqTY.roa
File:                     zC1Z2cn9oUGJ-2FgQmhIPHnRqTY.roa (raw, json)
Hash identifier:          q6YwYsCHaZEJq9fw5epA6C8FRgl0dOU/sep3gkwKkUQ=
Subject key identifier:   CC:2D:59:D9:C9:FD:A1:41:89:FB:61:60:42:68:48:3C:79:D1:A9:36
Certificate issuer:       /CN=ac0984501084a47220c5cccf5478b897c2822c7f
Certificate serial:       018572FA8E27ADFACEAD3AA6D0A0DBC75585
Authority key identifier: AC:09:84:50:10:84:A4:72:20:C5:CC:CF:54:78:B8:97:C2:82:2C:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rAmEUBCEpHIgxczPVHi4l8KCLH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/293ec2-b144-4bcc-8a48-4bc7034f28d8/1/zC1Z2cn9oUGJ-2FgQmhIPHnRqTY.roa
Signing time:             Mon 02 Jan 2023 14:55:01 +0000
ROA not before:           Mon 02 Jan 2023 14:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201877
IP address blocks:        45.13.120.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:fa:8e:27:ad:fa:ce:ad:3a:a6:d0:a0:db:c7:55:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac0984501084a47220c5cccf5478b897c2822c7f
        Validity
            Not Before: Jan  2 14:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cc2d59d9c9fda14189fb61604268483c79d1a936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:80:32:8c:5c:d4:44:05:c9:58:c5:26:24:bc:
                    94:ac:69:24:9b:93:b6:c0:e1:a1:29:82:2a:e4:86:
                    d4:20:7e:8b:ce:37:1d:63:1b:f7:10:3d:cc:a0:14:
                    f9:e0:af:bd:72:29:5a:16:80:2e:15:79:23:42:7c:
                    c2:bd:c9:ac:aa:8e:7a:24:fb:f3:bf:18:2d:89:7c:
                    89:0c:20:e3:c2:1f:05:06:1c:58:ab:77:da:1f:8f:
                    2b:a4:d6:4a:04:0e:ee:2c:eb:66:15:29:15:38:3b:
                    95:3d:c1:ae:0f:83:41:17:b4:20:4f:50:76:ae:7a:
                    fd:d3:96:ba:04:f7:d3:8e:d0:9c:8f:78:71:70:24:
                    2a:ed:5a:ab:3b:e9:cf:6b:c6:c6:51:8d:f2:20:45:
                    c7:22:7d:99:88:ed:a2:63:0b:66:50:b6:09:30:c5:
                    90:56:07:97:ce:76:ca:5c:3d:6b:0e:e0:b1:22:04:
                    32:6e:11:d4:a7:2c:35:4e:ad:61:42:73:bc:e5:9d:
                    05:e3:39:d6:34:31:82:b7:86:0a:00:d8:2c:71:c9:
                    0c:a8:a6:75:3c:fd:f2:ea:b7:24:7e:9b:24:78:b2:
                    9a:d7:f0:a0:af:0b:4b:d0:c8:b2:9a:7c:ad:e7:37:
                    a3:e1:1a:9d:73:71:7f:17:ab:78:f1:cb:37:47:94:
                    e7:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:2D:59:D9:C9:FD:A1:41:89:FB:61:60:42:68:48:3C:79:D1:A9:36
            X509v3 Authority Key Identifier:
                keyid:AC:09:84:50:10:84:A4:72:20:C5:CC:CF:54:78:B8:97:C2:82:2C:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAmEUBCEpHIgxczPVHi4l8KCLH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/293ec2-b144-4bcc-8a48-4bc7034f28d8/1/zC1Z2cn9oUGJ-2FgQmhIPHnRqTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/293ec2-b144-4bcc-8a48-4bc7034f28d8/1/rAmEUBCEpHIgxczPVHi4l8KCLH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:5a:08:00:14:36:83:d4:18:75:87:68:d1:37:20:85:7c:87:
         9d:7c:b7:d0:ce:8d:bb:21:54:cb:b3:0f:2a:4e:3d:c1:8a:11:
         2e:ea:90:af:68:b7:5f:ef:b1:69:8e:c5:d6:5f:3b:11:b5:d8:
         81:68:12:03:53:8d:55:4c:04:f4:15:13:73:7e:a9:0e:c1:18:
         46:16:dc:8d:0a:fd:56:25:d8:63:29:97:03:76:1d:95:1e:86:
         4c:4f:b3:9d:73:06:9c:e1:bb:4f:ee:fc:1d:f0:b4:7f:9a:7c:
         32:ae:5c:80:7b:3e:f4:56:d3:65:86:24:e2:da:4a:d1:1d:68:
         67:45:be:29:b7:4a:e4:e1:37:17:8f:0d:2f:b4:e1:12:07:2e:
         23:09:8f:c0:f4:7e:d9:a7:93:4f:0a:38:eb:83:e6:79:20:5e:
         74:12:af:ef:a4:76:80:36:0b:46:07:cd:5d:26:ba:8c:aa:ec:
         8d:4a:8b:05:72:3c:24:0e:50:33:c0:de:50:42:f0:05:36:49:
         a7:98:11:d8:6e:b2:92:f2:52:f1:ac:24:eb:4a:58:6a:f7:00:
         c2:b5:32:5a:72:98:7c:d2:13:4e:d7:35:fe:f6:12:ce:59:60:
         5f:62:13:c7:7b:c3:93:a1:90:26:a9:a2:73:bc:6e:01:19:e4:
         9f:fb:83:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+o4nrfrOrTqm0KDbx1WFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDk4NDUwMTA4NGE0NzIyMGM1Y2NjZjU0NzhiODk3YzI4
MjJjN2YwHhcNMjMwMTAyMTQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzJkNTlkOWM5ZmRhMTQxODlmYjYxNjA0MjY4NDgzYzc5ZDFhOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooAyjFzURAXJWMUmJLyUrGkkm5O2
wOGhKYIq5IbUIH6LzjcdYxv3ED3MoBT54K+9cilaFoAuFXkjQnzCvcmsqo56JPvz
vxgtiXyJDCDjwh8FBhxYq3faH48rpNZKBA7uLOtmFSkVODuVPcGuD4NBF7QgT1B2
rnr905a6BPfTjtCcj3hxcCQq7VqrO+nPa8bGUY3yIEXHIn2ZiO2iYwtmULYJMMWQ
VgeXznbKXD1rDuCxIgQybhHUpyw1Tq1hQnO85Z0F4znWNDGCt4YKANgscckMqKZ1
PP3y6rckfpskeLKa1/CgrwtL0Miymnyt5zej4Rqdc3F/F6t48cs3R5TnmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwtWdnJ/aFBifthYEJoSDx50ak2MB8GA1UdIwQY
MBaAFKwJhFAQhKRyIMXMz1R4uJfCgix/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFtRVVCQ0VwSElneGN6UFZIaTRsOEtDTEg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yOTNlYzItYjE0NC00YmNjLThhNDgt
NGJjNzAzNGYyOGQ4LzEvekMxWjJjbjlvVUdKLTJGZ1FtaElQSG5ScVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yOTNlYzItYjE0NC00YmNjLThhNDgtNGJjNzAzNGYyOGQ4
LzEvckFtRVVCQ0VwSElneGN6UFZIaTRsOEtDTEg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ14MA0G
CSqGSIb3DQEBCwUAA4IBAQCgWggAFDaD1Bh1h2jRNyCFfIedfLfQzo27IVTLsw8q
Tj3BihEu6pCvaLdf77FpjsXWXzsRtdiBaBIDU41VTAT0FRNzfqkOwRhGFtyNCv1W
JdhjKZcDdh2VHoZMT7Odcwac4btP7vwd8LR/mnwyrlyAez70VtNlhiTi2krRHWhn
Rb4pt0rk4TcXjw0vtOESBy4jCY/A9H7Zp5NPCjjrg+Z5IF50Eq/vpHaANgtGB81d
JrqMquyNSosFcjwkDlAzwN5QQvAFNkmnmBHYbrKS8lLxrCTrSlhq9wDCtTJacph8
0hNO1zX+9hLOWWBfYhPHe8OToZAmqaJzvG4BGeSf+4Mx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:19 2024 by rpki-client on console-fra.rpki-client.org