Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zws2J3FkSyvpV7GSz-jym_1mbRk.roa
File:                     zws2J3FkSyvpV7GSz-jym_1mbRk.roa (raw, json)
Hash identifier:          x684yFuqrvQfHcQM25a4ZkKsk1Dx3MKHTvTO+qNik/E=
Subject key identifier:   CF:0B:36:27:71:64:4B:2B:E9:57:B1:92:CF:E8:F2:9B:FD:66:6D:19
Certificate issuer:       /CN=84695c825129e3654a508b3bc529fe3a5b3839b1
Certificate serial:       01856C7847A92E20970A53B6C4D231823F8E
Authority key identifier: 84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zws2J3FkSyvpV7GSz-jym_1mbRk.roa
Signing time:             Sun 01 Jan 2023 08:34:59 +0000
ROA not before:           Sun 01 Jan 2023 08:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        194.56.216.0/23 maxlen: 23
                          194.56.222.0/23 maxlen: 23
                          2a0f:13c6::/31 maxlen: 31
                          2a0f:13c0::/31 maxlen: 31
                          2a0f:13c2::/31 maxlen: 31
                          2a0f:13c4::/31 maxlen: 31

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:78:47:a9:2e:20:97:0a:53:b6:c4:d2:31:82:3f:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84695c825129e3654a508b3bc529fe3a5b3839b1
        Validity
            Not Before: Jan  1 08:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf0b362771644b2be957b192cfe8f29bfd666d19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:51:9b:57:28:a1:2e:6f:1e:70:ae:78:5b:62:
                    2b:b8:24:dd:2b:4d:05:c7:68:45:5a:ec:ba:34:dd:
                    dc:35:f6:09:8e:43:24:eb:9c:6d:f3:08:08:1e:2c:
                    cd:de:ae:f0:41:d3:5e:b6:d6:89:ce:01:d5:81:0a:
                    f7:3b:fc:53:7e:54:f2:d5:60:88:e0:0a:6f:da:d8:
                    11:25:f7:50:7f:16:31:f5:8d:e2:37:de:6f:40:7c:
                    9c:69:b4:ba:fe:cb:ca:85:2a:40:56:ad:19:35:19:
                    65:6b:18:95:3b:2f:07:c4:df:58:e2:a9:1c:b7:f8:
                    03:7e:64:cc:a2:74:63:6e:d2:66:a2:e9:a4:7d:c6:
                    40:e8:85:16:74:35:4f:f3:e3:c6:cd:cc:c8:7e:65:
                    df:8f:7a:57:df:64:65:40:85:d8:d3:a3:4a:f4:d1:
                    c4:c5:dc:a5:80:be:c9:11:17:01:38:12:49:cf:29:
                    96:f5:d0:5e:d8:5d:d1:53:1a:31:95:40:b9:1c:3b:
                    7b:3a:f2:06:01:74:a3:61:d9:b9:0e:9f:6b:8e:7b:
                    4a:b1:eb:1e:f4:fb:fc:72:11:bc:08:b7:a3:1f:11:
                    69:03:38:97:77:0c:46:c3:a5:85:a5:cc:43:65:1a:
                    61:a6:0c:f5:07:e5:b3:d7:6a:f6:47:8c:38:fb:03:
                    f6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:0B:36:27:71:64:4B:2B:E9:57:B1:92:CF:E8:F2:9B:FD:66:6D:19
            X509v3 Authority Key Identifier:
                keyid:84:69:5C:82:51:29:E3:65:4A:50:8B:3B:C5:29:FE:3A:5B:38:39:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGlcglEp42VKUIs7xSn-Ols4ObE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/zws2J3FkSyvpV7GSz-jym_1mbRk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a0e90f-2198-442e-95fc-b7f63423f192/1/hGlcglEp42VKUIs7xSn-Ols4ObE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.56.216.0/23
                  194.56.222.0/23
                IPv6:
                  2a0f:13c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         8a:bb:5b:f7:1f:0e:d7:d3:f7:76:90:d1:f8:45:f5:f9:11:2f:
         4d:0a:17:df:3c:c9:84:58:73:f5:bc:14:f8:da:8f:5d:ad:7b:
         d8:d7:8d:7e:9f:4f:41:94:cd:fe:0a:fd:eb:30:51:a7:ba:c8:
         22:4d:37:be:ce:01:48:08:46:99:59:21:78:c3:46:9e:e1:ca:
         2f:f3:d6:3e:7a:3b:7c:d1:de:57:ec:cf:f9:fb:29:22:12:f3:
         89:5c:67:f0:8f:c7:25:fe:ba:6d:a1:46:82:fc:b5:c6:24:10:
         0e:c7:40:46:e2:5c:cd:95:ca:fa:e2:69:ad:95:d0:af:2a:df:
         a1:52:0f:85:2f:ec:b7:fa:49:fb:01:40:86:0f:e9:94:76:e8:
         ff:2f:73:7f:e3:71:74:e9:7c:98:f3:0c:2d:29:12:49:ba:81:
         2f:47:d9:0b:c5:05:7b:9d:72:b2:2b:20:6e:1a:4e:19:eb:b6:
         3d:c2:1b:31:08:10:76:fe:58:76:c8:6f:10:e0:87:8a:de:49:
         a8:35:dc:f4:03:4f:f3:39:b4:27:20:eb:cb:2b:45:16:fc:20:
         d1:99:bb:2e:8b:a1:d9:a5:d2:91:9d:84:ad:0a:02:18:89:fe:
         14:cf:20:7d:e0:c4:6f:98:51:13:21:8f:45:27:79:5e:b9:0b:
         fd:d8:d8:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVseEepLiCXClO2xNIxgj+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Njk1YzgyNTEyOWUzNjU0YTUwOGIzYmM1MjlmZTNhNWIz
ODM5YjEwHhcNMjMwMTAxMDgzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjBiMzYyNzcxNjQ0YjJiZTk1N2IxOTJjZmU4ZjI5YmZkNjY2ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFGbVyihLm8ecK54W2IruCTdK00F
x2hFWuy6NN3cNfYJjkMk65xt8wgIHizN3q7wQdNettaJzgHVgQr3O/xTflTy1WCI
4Apv2tgRJfdQfxYx9Y3iN95vQHycabS6/svKhSpAVq0ZNRllaxiVOy8HxN9Y4qkc
t/gDfmTMonRjbtJmoumkfcZA6IUWdDVP8+PGzczIfmXfj3pX32RlQIXY06NK9NHE
xdylgL7JERcBOBJJzymW9dBe2F3RUxoxlUC5HDt7OvIGAXSjYdm5Dp9rjntKsese
9Pv8chG8CLejHxFpAziXdwxGw6WFpcxDZRphpgz1B+Wz12r2R4w4+wP2bwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM8LNidxZEsr6Vexks/o8pv9Zm0ZMB8GA1UdIwQY
MBaAFIRpXIJRKeNlSlCLO8Up/jpbODmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMt
YjdmNjM0MjNmMTkyLzEvendzMkozRmtTeXZwVjdHU3otanltXzFtYlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hMGU5MGYtMjE5OC00NDJlLTk1ZmMtYjdmNjM0MjNmMTky
LzEvaEdsY2dsRXA0MlZLVUlzN3hTbi1PbHM0T2JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwjjYAwQB
wjjeMA0EAgACMAcDBQMqDxPAMA0GCSqGSIb3DQEBCwUAA4IBAQCKu1v3Hw7X0/d2
kNH4RfX5ES9NChffPMmEWHP1vBT42o9drXvY141+n09BlM3+Cv3rMFGnusgiTTe+
zgFICEaZWSF4w0ae4cov89Y+ejt80d5X7M/5+ykiEvOJXGfwj8cl/rptoUaC/LXG
JBAOx0BG4lzNlcr64mmtldCvKt+hUg+FL+y3+kn7AUCGD+mUduj/L3N/43F06XyY
8wwtKRJJuoEvR9kLxQV7nXKyKyBuGk4Z67Y9whsxCBB2/lh2yG8Q4IeK3kmoNdz0
A0/zObQnIOvLK0UW/CDRmbsui6HZpdKRnYStCgIYif4UzyB94MRvmFETIY9FJ3le
uQv92Nj+
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:55 2024 by rpki-client on console-ams.rpki-client.org