Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/vkp_VZ-pEKAfusg80aHLbRkuEmA.roa
File:                     vkp_VZ-pEKAfusg80aHLbRkuEmA.roa (raw, json)
Hash identifier:          tH6pW8vHOY7dccnL7FGcKOvUhlYxVH061VCBOS+Fcyg=
Subject key identifier:   BE:4A:7F:55:9F:A9:10:A0:1F:BA:C8:3C:D1:A1:CB:6D:19:2E:12:60
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       018BE1CBA5CF89833DB4ABF948F9981E48E7
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/vkp_VZ-pEKAfusg80aHLbRkuEmA.roa
Signing time:             Sat 18 Nov 2023 09:38:21 +0000
ROA not before:           Sat 18 Nov 2023 09:38:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62206
IP address blocks:        91.228.15.0/24 maxlen: 24
                          91.228.14.0/24 maxlen: 24
                          91.228.13.0/24 maxlen: 24
                          91.228.12.0/24 maxlen: 24
                          94.154.38.0/24 maxlen: 24
                          94.154.36.0/24 maxlen: 24
                          94.154.33.0/24 maxlen: 24
                          94.154.32.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 11:32:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:e1:cb:a5:cf:89:83:3d:b4:ab:f9:48:f9:98:1e:48:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Nov 18 09:38:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be4a7f559fa910a01fbac83cd1a1cb6d192e1260
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:be:39:3c:01:85:eb:4f:3d:79:fc:27:d3:99:
                    ce:7a:f2:ef:3e:10:12:19:8f:82:f3:ce:0b:ce:88:
                    4f:cf:b5:3b:70:7c:36:2d:7b:5e:9e:35:1f:c8:a6:
                    7a:e8:39:e1:5a:c3:ff:3e:31:bc:63:29:07:43:7b:
                    9c:68:cf:85:f3:a5:be:f1:91:74:e5:a8:fc:34:c5:
                    ef:e7:a0:78:74:36:1b:97:8a:32:c2:23:5c:cc:fd:
                    6b:f1:cc:9f:fc:88:1e:ae:4a:99:ce:6b:43:75:b0:
                    87:76:31:1b:76:78:5b:20:42:4e:8b:b8:b9:d8:9e:
                    8b:81:7e:bf:f7:ef:e0:17:c7:ac:b8:47:dc:56:dd:
                    df:e9:9e:ec:14:eb:00:02:52:d7:88:d1:fe:81:13:
                    44:8b:af:37:08:18:9b:ae:4a:9b:cd:c4:1c:3c:47:
                    e2:7e:12:9d:77:37:b7:e2:d0:0d:e9:2f:07:39:02:
                    ed:89:25:df:ee:a2:78:68:7c:47:0e:7b:ca:71:06:
                    89:6c:f2:f5:30:26:0e:fd:87:dc:c8:a8:6c:3d:5d:
                    cc:10:34:01:af:a6:9d:02:6f:1a:f5:93:01:79:ab:
                    79:d4:8e:fd:0d:5b:92:0e:c4:01:b0:d1:cc:ef:47:
                    a1:7d:c9:b0:74:a8:06:cf:c6:3a:b6:8b:24:e0:66:
                    da:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:4A:7F:55:9F:A9:10:A0:1F:BA:C8:3C:D1:A1:CB:6D:19:2E:12:60
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/vkp_VZ-pEKAfusg80aHLbRkuEmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.12.0/22
                  94.154.32.0-94.154.36.255
                  94.154.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:cb:96:1c:85:c6:70:5b:0b:92:42:ec:04:ed:8a:ac:14:04:
         8a:90:7b:81:a0:0b:b1:e4:f4:af:d8:fd:43:fb:a7:7e:99:5f:
         ca:c1:ad:8b:84:93:65:79:28:49:88:8c:e1:8d:ba:95:46:70:
         01:97:28:63:dc:c7:bd:2c:ab:aa:c7:8d:6d:b5:83:c8:4e:4f:
         7a:d2:96:8e:d6:72:af:46:5e:fe:77:1f:1f:71:f9:4f:25:b8:
         ff:e7:c7:f4:65:69:e1:2f:ff:48:95:ce:6f:18:30:4f:e4:7a:
         b1:fb:e6:e3:95:c3:54:b9:ac:a5:36:4d:56:af:76:54:8e:c6:
         3f:74:2b:52:0b:7c:8b:37:f7:d4:c9:d0:a0:47:53:1d:35:aa:
         31:dd:bf:49:76:b8:48:eb:3b:46:1a:ab:1e:1f:a9:b6:ca:c9:
         b1:88:a7:50:52:37:2f:37:de:2f:f5:57:72:64:a5:dc:25:60:
         6c:2e:63:16:b7:66:52:34:28:6a:76:d2:1f:ce:78:bc:a2:b5:
         f3:da:6d:cd:ca:73:4c:b7:73:1f:e5:fe:4f:fd:b1:c2:8f:18:
         92:7e:8f:63:27:16:31:3b:8e:e8:5f:e6:52:5f:7b:40:cb:ab:
         e6:31:67:44:16:c4:ce:bc:ce:ca:5d:42:a8:ab:8d:01:fc:1b:
         67:95:49:d6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYvhy6XPiYM9tKv5SPmYHkjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMTE4MDkzODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRhN2Y1NTlmYTkxMGEwMWZiYWM4M2NkMWExY2I2ZDE5MmUxMjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL45PAGF6089efwn05nOevLvPhAS
GY+C884LzohPz7U7cHw2LXtenjUfyKZ66DnhWsP/PjG8YykHQ3ucaM+F86W+8ZF0
5aj8NMXv56B4dDYbl4oywiNczP1r8cyf/IgerkqZzmtDdbCHdjEbdnhbIEJOi7i5
2J6LgX6/9+/gF8esuEfcVt3f6Z7sFOsAAlLXiNH+gRNEi683CBibrkqbzcQcPEfi
fhKddze34tAN6S8HOQLtiSXf7qJ4aHxHDnvKcQaJbPL1MCYO/YfcyKhsPV3MEDQB
r6adAm8a9ZMBeat51I79DVuSDsQBsNHM70ehfcmwdKgGz8Y6tosk4Gba2wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL5Kf1WfqRCgH7rIPNGhy20ZLhJgMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvdmtwX1ZaLXBFS0FmdXNnODBhSExiUmt1RW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW+QMMAwD
BAVemiADBABemiQDBABemiYwDQYJKoZIhvcNAQELBQADggEBAJjLlhyFxnBbC5JC
7ATtiqwUBIqQe4GgC7Hk9K/Y/UP7p36ZX8rBrYuEk2V5KEmIjOGNupVGcAGXKGPc
x70sq6rHjW21g8hOT3rSlo7Wcq9GXv53Hx9x+U8luP/nx/RlaeEv/0iVzm8YME/k
erH75uOVw1S5rKU2TVavdlSOxj90K1ILfIs399TJ0KBHUx01qjHdv0l2uEjrO0Ya
qx4fqbbKybGIp1BSNy833i/1V3JkpdwlYGwuYxa3ZlI0KGp20h/OeLyitfPabc3K
c0y3cx/l/k/9scKPGJJ+j2MnFjE7juhf5lJfe0DLq+YxZ0QWxM68zspdQqirjQH8
G2eVSdY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org