Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ZVuSzVCeTmMv29lvqoH4lUhbzDg.roa
File:                     ZVuSzVCeTmMv29lvqoH4lUhbzDg.roa (raw, json)
Hash identifier:          2Nl0YQ+mZ2h/TP+4gM9giFLy+syT1sP9kbLssq03bI8=
Subject key identifier:   65:5B:92:CD:50:9E:4E:63:2F:DB:D9:6F:AA:81:F8:95:48:5B:CC:38
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       018FCADB6857F0FCB348A38C3D034CAA5805
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ZVuSzVCeTmMv29lvqoH4lUhbzDg.roa
Signing time:             Thu 30 May 2024 18:55:27 +0000
ROA not before:           Thu 30 May 2024 18:55:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6939
IP address blocks:        5.133.100.0/22 maxlen: 22
                          31.40.196.0/22 maxlen: 22
                          31.40.204.0/22 maxlen: 22
                          37.221.76.0/22 maxlen: 22
                          62.182.32.0/22 maxlen: 22
                          77.241.72.0/22 maxlen: 22
                          83.171.244.0/22 maxlen: 22
                          84.54.0.0/22 maxlen: 22
                          85.8.144.0/22 maxlen: 22
                          85.235.72.0/22 maxlen: 22
                          139.28.48.0/22 maxlen: 22
                          139.28.212.0/22 maxlen: 22
                          176.53.156.0/22 maxlen: 22
                          176.96.128.0/22 maxlen: 22
                          193.32.204.0/22 maxlen: 22
                          193.38.44.0/22 maxlen: 22
                          194.93.48.0/22 maxlen: 22
                          212.87.196.0/22 maxlen: 22
                          212.115.100.0/22 maxlen: 22
                          217.18.208.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jul 2024 12:59:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:ca:db:68:57:f0:fc:b3:48:a3:8c:3d:03:4c:aa:58:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: May 30 18:55:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=655b92cd509e4e632fdbd96faa81f895485bcc38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:db:8a:77:7f:9d:86:8f:a9:0d:da:eb:02:e3:
                    63:d6:d4:db:00:de:2a:ea:f9:f8:88:aa:2b:24:a6:
                    44:76:bd:20:06:3a:8d:c4:11:fe:0b:83:bb:16:42:
                    d6:b9:c5:70:e9:9c:1c:83:c3:92:3c:5c:c1:14:2f:
                    8c:6b:fa:11:a9:43:d3:15:fd:3e:56:3c:09:a9:b3:
                    63:2e:ce:61:dd:f1:c9:a2:36:dd:1d:e1:56:40:84:
                    8b:ea:b8:72:07:41:26:f1:2c:d1:18:67:a0:37:26:
                    a2:fb:22:05:98:4e:75:7a:0d:60:c8:9e:7a:95:35:
                    4a:31:32:71:98:9c:93:db:c0:26:b3:69:6e:b8:47:
                    9a:99:1c:f9:2e:56:4a:b6:0b:6b:6c:b9:82:75:ad:
                    cd:57:36:87:02:79:dc:0c:ea:be:61:d0:1e:a8:75:
                    75:37:66:e2:ad:9f:f8:71:e1:39:a5:91:53:2a:de:
                    7d:75:ac:2a:3e:de:eb:56:b1:0e:9d:c1:20:2f:b0:
                    07:c7:aa:f3:ab:6c:39:c2:11:c2:f9:25:5c:b2:e2:
                    6a:96:f5:b0:2c:ea:77:26:92:94:cc:b8:1b:c2:32:
                    49:87:9f:cf:fe:fa:e8:1f:9e:5e:e9:ba:0e:96:89:
                    d5:24:9e:ea:e3:5d:c5:0a:23:47:a7:9b:66:f5:9c:
                    fc:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:5B:92:CD:50:9E:4E:63:2F:DB:D9:6F:AA:81:F8:95:48:5B:CC:38
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ZVuSzVCeTmMv29lvqoH4lUhbzDg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.133.100.0/22
                  31.40.196.0/22
                  31.40.204.0/22
                  37.221.76.0/22
                  62.182.32.0/22
                  77.241.72.0/22
                  83.171.244.0/22
                  84.54.0.0/22
                  85.8.144.0/22
                  85.235.72.0/22
                  139.28.48.0/22
                  139.28.212.0/22
                  176.53.156.0/22
                  176.96.128.0/22
                  193.32.204.0/22
                  193.38.44.0/22
                  194.93.48.0/22
                  212.87.196.0/22
                  212.115.100.0/22
                  217.18.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:7f:8e:58:38:9a:87:9d:b4:78:e1:42:63:be:66:ef:68:3a:
         d6:65:50:24:6c:f5:b8:91:2c:c5:f2:ea:31:4d:95:ef:32:f8:
         08:76:fa:15:ea:bc:f9:04:56:8c:e9:8c:30:c7:3f:bc:51:38:
         d7:b2:61:c8:5a:db:57:38:a4:85:1b:78:18:4c:0d:b4:2f:49:
         d9:fc:ba:85:8b:1b:ff:a4:85:af:1e:82:32:f1:c8:0d:d2:89:
         47:d4:68:1a:43:a0:2b:d5:35:44:b5:93:de:d6:4e:57:fc:3b:
         df:5c:9c:19:4e:ee:a4:b9:63:5b:41:65:83:72:c0:af:bd:b9:
         84:99:26:90:82:5c:78:c4:f7:0f:0a:41:3e:cb:01:fd:46:dd:
         56:56:0a:8e:dd:11:43:90:fe:61:d0:dd:2c:cc:ce:7b:cb:80:
         00:9b:59:df:8e:97:52:0b:c4:03:0a:10:c1:b5:5f:c5:15:f3:
         48:67:d7:6d:35:85:a8:f7:ab:82:14:2f:4b:34:4b:1c:b8:db:
         2d:08:84:f8:3d:32:b3:13:99:4d:7c:6a:e6:82:c2:f4:3e:7c:
         d6:76:64:a2:72:45:8f:0c:7d:78:8e:3a:5a:e0:10:0c:bb:e2:
         b9:60:60:40:e0:e8:86:1b:61:ff:6b:bb:d7:fa:9b:e5:7b:a5:
         d5:6c:d9:1c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY/K22hX8PyzSKOMPQNMqlgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNTMwMTg1NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTViOTJjZDUwOWU0ZTYzMmZkYmQ5NmZhYTgxZjg5NTQ4NWJjYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tuKd3+dho+pDdrrAuNj1tTbAN4q
6vn4iKorJKZEdr0gBjqNxBH+C4O7FkLWucVw6Zwcg8OSPFzBFC+Ma/oRqUPTFf0+
VjwJqbNjLs5h3fHJojbdHeFWQISL6rhyB0Em8SzRGGegNyai+yIFmE51eg1gyJ56
lTVKMTJxmJyT28Ams2luuEeamRz5LlZKtgtrbLmCda3NVzaHAnncDOq+YdAeqHV1
N2birZ/4ceE5pZFTKt59dawqPt7rVrEOncEgL7AHx6rzq2w5whHC+SVcsuJqlvWw
LOp3JpKUzLgbwjJJh5/P/vroH55e6boOlonVJJ7q413FCiNHp5tm9Zz8EQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFGVbks1Qnk5jL9vZb6qB+JVIW8w4MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvWlZ1U3pWQ2VUbU12MjlsdnFvSDRsVWhiekRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCBYVk
AwQCHyjEAwQCHyjMAwQCJd1MAwQCPrYgAwQCTfFIAwQCU6v0AwQCVDYAAwQCVQiQ
AwQCVetIAwQCixwwAwQCixzUAwQCsDWcAwQCsGCAAwQCwSDMAwQCwSYsAwQCwl0w
AwQC1FfEAwQC1HNkAwQC2RLQMA0GCSqGSIb3DQEBCwUAA4IBAQAZf45YOJqHnbR4
4UJjvmbvaDrWZVAkbPW4kSzF8uoxTZXvMvgIdvoV6rz5BFaM6Ywwxz+8UTjXsmHI
WttXOKSFG3gYTA20L0nZ/LqFixv/pIWvHoIy8cgN0olH1GgaQ6Ar1TVEtZPe1k5X
/DvfXJwZTu6kuWNbQWWDcsCvvbmEmSaQglx4xPcPCkE+ywH9Rt1WVgqO3RFDkP5h
0N0szM57y4AAm1nfjpdSC8QDChDBtV/FFfNIZ9dtNYWo96uCFC9LNEscuNstCIT4
PTKzE5lNfGrmgsL0PnzWdmSickWPDH14jjpa4BAMu+K5YGBA4OiGG2H/a7vX+pvl
e6XVbNkc
-----END CERTIFICATE-----
Generated at Mon Jul 1 14:28:05 2024 by rpki-client on console-fra.rpki-client.org