Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/zCZsyzupZGI2mJRV9KF62rObvKM.roa
File:                     zCZsyzupZGI2mJRV9KF62rObvKM.roa (raw, json)
Hash identifier:          q9vH9e8FwO9g91pndqMcmm9yVQICeX2RwMl9rz5MujE=
Subject key identifier:   CC:26:6C:CB:3B:A9:64:62:36:98:94:55:F4:A1:7A:DA:B3:9B:BC:A3
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       01856EA6B542CD6E88B296C72C3DBC3BE61E
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/zCZsyzupZGI2mJRV9KF62rObvKM.roa
Signing time:             Sun 01 Jan 2023 18:44:57 +0000
ROA not before:           Sun 01 Jan 2023 18:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31017
IP address blocks:        86.104.128.0/22 maxlen: 22
                          89.43.136.0/22 maxlen: 22
                          2a05:b680:6::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:b5:42:cd:6e:88:b2:96:c7:2c:3d:bc:3b:e6:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 18:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cc266ccb3ba9646236989455f4a17adab39bbca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:20:46:4e:bd:84:6c:0b:ab:1e:d6:fa:b5:31:
                    22:0e:dc:19:d6:32:b7:42:c8:6a:be:73:f6:33:79:
                    16:05:02:32:fa:28:5a:82:30:e8:64:bd:05:ea:a2:
                    54:4e:82:2e:83:cb:36:6d:cb:35:2d:87:fc:aa:62:
                    a7:de:af:26:75:c5:e8:38:b2:98:91:bd:d0:f1:78:
                    a0:15:55:f6:33:ef:5f:d0:65:65:45:bf:fe:5b:ee:
                    c7:08:eb:8a:65:e6:ed:d2:e5:97:a3:77:d7:df:e2:
                    2e:4f:84:99:0a:da:af:d0:3a:1e:3b:dd:dc:cc:ca:
                    9c:1a:98:94:cb:5d:72:c4:65:6d:cb:ca:10:ed:ac:
                    f3:14:be:1b:fe:8c:62:42:2a:8f:66:d1:31:55:25:
                    bd:9e:8e:f7:49:e9:47:60:a5:24:20:d5:64:52:7f:
                    02:36:e6:b3:85:f2:4a:02:cb:2a:bc:f8:0d:a3:7a:
                    f7:a1:4a:d4:d7:1d:0e:97:c0:bd:56:97:9a:91:ef:
                    2a:66:f4:20:ef:c2:49:ba:c0:c4:c4:b1:ea:4e:c3:
                    d1:90:d6:ad:b0:7f:c3:a2:45:d8:e2:97:62:60:9a:
                    93:cf:29:4d:6d:a5:6e:5d:6e:7f:af:cb:92:88:57:
                    a6:67:7d:9e:99:1d:c1:b0:0e:fe:52:bc:f6:06:f2:
                    b1:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:26:6C:CB:3B:A9:64:62:36:98:94:55:F4:A1:7A:DA:B3:9B:BC:A3
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/zCZsyzupZGI2mJRV9KF62rObvKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.128.0/22
                  89.43.136.0/22
                IPv6:
                  2a05:b680:6::/48

    Signature Algorithm: sha256WithRSAEncryption
         71:35:47:4b:0d:d6:24:e5:67:44:04:cb:39:b3:8c:f7:dc:97:
         7a:d0:54:85:93:0b:ce:02:06:69:37:28:c3:93:01:7e:af:c4:
         ba:77:77:fe:f6:82:62:2d:69:bf:78:fc:e6:e9:cb:76:eb:f9:
         3c:4a:d2:1c:39:59:0b:e1:00:e0:2f:59:eb:78:ce:6a:7d:1d:
         26:2f:72:54:83:a3:7c:56:bc:66:77:be:f8:e9:a0:1d:16:90:
         7a:03:76:94:2b:fc:59:42:1f:cd:5c:c5:bd:16:fb:b2:5c:51:
         ca:fa:33:03:67:a8:4f:a8:06:49:80:35:7e:3b:e8:db:38:b6:
         77:80:17:c2:5f:a8:14:35:92:68:8b:a2:f8:21:d8:d9:a2:84:
         cb:bc:31:33:cc:f3:68:c3:95:d3:80:66:33:cd:d3:eb:d6:b7:
         d8:c1:a0:16:0d:e3:66:29:cf:e3:0e:ab:7d:09:3a:ab:eb:b1:
         73:e2:a9:7f:2e:84:95:c3:8f:ff:1f:ca:f1:77:fd:6f:17:26:
         17:4f:f2:4c:27:46:9c:88:c0:e0:bf:b5:8c:44:fb:86:b1:36:
         e0:8a:eb:73:ac:bc:27:3a:06:2b:09:4e:dc:b2:0b:b1:46:ab:
         03:f0:bf:8d:d0:40:03:57:bf:84:0e:ef:34:d1:7f:c2:cb:0f:
         86:02:5f:96
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVuprVCzW6IspbHLD28O+YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzI2NmNjYjNiYTk2NDYyMzY5ODk0NTVmNGExN2FkYWIzOWJiY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSBGTr2EbAurHtb6tTEiDtwZ1jK3
QshqvnP2M3kWBQIy+ihagjDoZL0F6qJUToIug8s2bcs1LYf8qmKn3q8mdcXoOLKY
kb3Q8XigFVX2M+9f0GVlRb/+W+7HCOuKZebt0uWXo3fX3+IuT4SZCtqv0DoeO93c
zMqcGpiUy11yxGVty8oQ7azzFL4b/oxiQiqPZtExVSW9no73SelHYKUkINVkUn8C
NuazhfJKAssqvPgNo3r3oUrU1x0Ol8C9Vpeake8qZvQg78JJusDExLHqTsPRkNat
sH/DokXY4pdiYJqTzylNbaVuXW5/r8uSiFemZ32emR3BsA7+Urz2BvKxhQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMwmbMs7qWRiNpiUVfShetqzm7yjMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvekNac3l6dXBaR0kybUpSVjlLRjYyck9idktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVmiAAwQC
WSuIMA8EAgACMAkDBwAqBbaAAAYwDQYJKoZIhvcNAQELBQADggEBAHE1R0sN1iTl
Z0QEyzmzjPfcl3rQVIWTC84CBmk3KMOTAX6vxLp3d/72gmItab94/Obpy3br+TxK
0hw5WQvhAOAvWet4zmp9HSYvclSDo3xWvGZ3vvjpoB0WkHoDdpQr/FlCH81cxb0W
+7JcUcr6MwNnqE+oBkmANX476Ns4tneAF8JfqBQ1kmiLovgh2NmihMu8MTPM82jD
ldOAZjPN0+vWt9jBoBYN42Ypz+MOq30JOqvrsXPiqX8uhJXDj/8fyvF3/W8XJhdP
8kwnRpyIwOC/tYxE+4axNuCK63OsvCc6BisJTtyyC7FGqwPwv43QQANXv4QO7zTR
f8LLD4YCX5Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org