Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/CzI5Zl0w7zORkv37-PCC79tgi4E.roa
File:                     CzI5Zl0w7zORkv37-PCC79tgi4E.roa (raw, json)
Hash identifier:          TzLekZHAWwuyIlCgQWCe9kwQZZVQlFk0K6NB/TylkpQ=
Subject key identifier:   0B:32:39:66:5D:30:EF:33:91:92:FD:FB:F8:F0:82:EF:DB:60:8B:81
Certificate issuer:       /CN=6eab53640b0931924b73f760925845150a6ccca5
Certificate serial:       01856FD4F65C07E0BB3C1998E645FC7601D5
Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/CzI5Zl0w7zORkv37-PCC79tgi4E.roa
Signing time:             Mon 02 Jan 2023 00:15:05 +0000
ROA not before:           Mon 02 Jan 2023 00:15:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43003
IP address blocks:        62.93.120.0/21 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d4:f6:5c:07:e0:bb:3c:19:98:e6:45:fc:76:01:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5
        Validity
            Not Before: Jan  2 00:15:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b3239665d30ef339192fdfbf8f082efdb608b81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:d3:0a:ea:a9:0a:6e:14:ac:e9:75:21:4c:3d:
                    04:6b:1a:3a:be:91:62:bb:5f:75:aa:15:41:4e:2e:
                    8d:13:cc:92:86:30:75:ea:d8:5e:a6:a1:19:c1:95:
                    8a:1c:66:74:3a:a5:b2:09:80:9d:9c:29:c5:12:8f:
                    f6:28:da:71:0e:fa:0f:3a:6d:1a:19:11:31:90:cf:
                    cc:d9:cc:08:8f:e5:03:4e:6e:b2:e2:29:47:4a:cb:
                    2f:9b:5a:9e:37:86:9c:08:a2:0f:90:2d:db:d5:a8:
                    bf:bf:12:ca:f7:91:b3:46:8d:0a:2e:c0:3e:c3:64:
                    b8:0a:d7:a7:8d:ec:ae:2d:5d:23:c6:88:37:cc:25:
                    d8:30:cb:6a:45:90:f6:d2:be:fd:56:f6:63:60:ce:
                    39:9f:a3:31:09:19:db:02:22:2d:0d:50:fd:68:02:
                    44:07:5c:31:d1:24:08:4e:77:28:0e:2d:ab:b9:e2:
                    ec:04:df:46:26:4e:18:08:c9:22:e3:4b:fd:4f:de:
                    1b:92:9b:64:da:6c:2d:25:c2:f5:84:2e:0d:60:7c:
                    0b:a6:7a:be:32:bf:4d:06:8d:06:e2:c8:ae:7f:93:
                    17:41:8d:d0:db:51:bb:4c:3c:08:57:fa:7c:9d:26:
                    ce:98:07:57:7d:1e:80:d9:b5:ee:80:4a:f9:d9:de:
                    33:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:32:39:66:5D:30:EF:33:91:92:FD:FB:F8:F0:82:EF:DB:60:8B:81
            X509v3 Authority Key Identifier:
                keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/CzI5Zl0w7zORkv37-PCC79tgi4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.93.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7f:90:ca:31:de:79:7b:23:55:7c:78:2e:a0:2c:ca:24:24:c8:
         1e:ae:2a:6e:22:e3:d0:80:09:be:d7:37:1c:90:07:a6:02:e8:
         0b:c3:dd:ef:a8:6d:83:2a:6f:77:7f:f5:b9:b7:96:45:9b:7e:
         21:da:20:d1:f8:e2:dc:2e:97:d8:5e:4e:5d:bb:b1:4e:28:05:
         15:5e:52:0d:ea:72:3a:cc:fa:60:55:7c:09:50:12:2c:8f:18:
         c4:c1:b9:fb:5c:27:12:7f:c1:75:16:bf:b8:6b:9d:d9:cf:a7:
         0a:33:66:24:53:2e:35:52:f0:ea:30:84:5d:cf:2f:a4:60:93:
         4b:59:2b:f1:69:c0:1d:2a:93:02:36:6b:eb:4a:4b:ba:b1:ce:
         d0:ff:9f:74:a8:a5:f7:30:d0:f4:ad:d2:f7:9d:1a:8d:e7:a5:
         99:e4:34:ea:ed:7b:66:6f:01:8c:fc:8a:98:06:44:11:b8:11:
         96:54:16:41:42:32:c7:13:89:a2:9d:02:fc:fa:3e:b3:e4:28:
         9f:79:78:0b:b4:20:71:68:07:68:87:6f:c7:a0:30:d3:b8:01:
         04:fe:b1:de:7a:e8:08:e9:ac:df:16:de:23:b7:f6:03:66:41:
         c1:9e:ce:a8:8d:6c:28:11:9e:ab:f3:2a:e7:da:cd:10:74:5f:
         70:b8:0f:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PZcB+C7PBmY5kX8dgHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2
Y2NjYTUwHhcNMjMwMTAyMDAxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjMyMzk2NjVkMzBlZjMzOTE5MmZkZmJmOGYwODJlZmRiNjA4YjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dMK6qkKbhSs6XUhTD0Eaxo6vpFi
u191qhVBTi6NE8yShjB16thepqEZwZWKHGZ0OqWyCYCdnCnFEo/2KNpxDvoPOm0a
GRExkM/M2cwIj+UDTm6y4ilHSssvm1qeN4acCKIPkC3b1ai/vxLK95GzRo0KLsA+
w2S4CtenjeyuLV0jxog3zCXYMMtqRZD20r79VvZjYM45n6MxCRnbAiItDVD9aAJE
B1wx0SQITncoDi2rueLsBN9GJk4YCMki40v9T94bkptk2mwtJcL1hC4NYHwLpnq+
Mr9NBo0G4siuf5MXQY3Q21G7TDwIV/p8nSbOmAdXfR6A2bXugEr52d4zTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsyOWZdMO8zkZL9+/jwgu/bYIuBMB8GA1UdIwQY
MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt
NTMwNDYzMjM5NTFmLzEvQ3pJNVpsMHc3ek9Sa3YzNy1QQ0M3OXRnaTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm
LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPl14MA0G
CSqGSIb3DQEBCwUAA4IBAQB/kMox3nl7I1V8eC6gLMokJMgeripuIuPQgAm+1zcc
kAemAugLw93vqG2DKm93f/W5t5ZFm34h2iDR+OLcLpfYXk5du7FOKAUVXlIN6nI6
zPpgVXwJUBIsjxjEwbn7XCcSf8F1Fr+4a53Zz6cKM2YkUy41UvDqMIRdzy+kYJNL
WSvxacAdKpMCNmvrSku6sc7Q/590qKX3MND0rdL3nRqN56WZ5DTq7XtmbwGM/IqY
BkQRuBGWVBZBQjLHE4minQL8+j6z5CifeXgLtCBxaAdoh2/HoDDTuAEE/rHeeugI
6azfFt4jt/YDZkHBns6ojWwoEZ6r8yrn2s0QdF9wuA+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:52 2024 by rpki-client on console-fra.rpki-client.org