Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ZD88VGmXzXUGw5h33dvPJ6l7xi4.roa
File:                     ZD88VGmXzXUGw5h33dvPJ6l7xi4.roa (raw, json)
Hash identifier:          k7RJZvQUeeI7gP5vGxWkNG5+/kUv5y5NLdJBoc+cl/c=
Subject key identifier:   64:3F:3C:54:69:97:CD:75:06:C3:98:77:DD:DB:CF:27:A9:7B:C6:2E
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0187C2A4EEFD5D685F5984A64F24E371319D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ZD88VGmXzXUGw5h33dvPJ6l7xi4.roa
Signing time:             Thu 27 Apr 2023 12:16:41 +0000
ROA not before:           Thu 27 Apr 2023 12:16:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30058
IP address blocks:        188.255.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 28 May 2023 17:59:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c2:a4:ee:fd:5d:68:5f:59:84:a6:4f:24:e3:71:31:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Apr 27 12:16:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=643f3c546997cd7506c39877dddbcf27a97bc62e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:3d:4e:91:2c:73:fa:05:97:3d:d8:3e:7f:d1:
                    b9:d2:47:1c:b0:70:18:23:6c:d1:a2:62:86:7f:22:
                    90:fa:c2:d6:85:63:4e:7d:62:99:ef:cd:a3:83:bb:
                    d3:2e:e8:d0:7f:92:6e:c8:d3:e8:dc:b7:57:b2:14:
                    b2:0d:80:ae:40:36:6f:a5:d9:d1:47:e6:08:0c:b3:
                    39:88:6f:15:eb:4c:78:be:0c:ae:b6:33:e6:f9:81:
                    78:8c:b7:3a:9c:e2:f7:23:97:96:a5:f4:98:5c:00:
                    a9:97:60:72:e4:01:4a:36:bd:69:a1:90:bd:57:25:
                    48:25:d7:12:fe:bf:5e:1c:bb:d7:07:8b:1b:65:03:
                    95:3c:3d:5c:6d:d3:d2:03:7c:0c:38:7d:b5:b6:18:
                    bf:4d:3b:de:f9:ff:3c:9a:cc:25:f5:3b:4f:18:6d:
                    c1:92:e3:a3:c0:84:ad:ed:bc:eb:a4:5a:32:8c:94:
                    85:4a:85:5a:dc:7d:58:51:01:62:42:49:d1:5b:ef:
                    e4:29:4b:80:64:68:74:0b:fb:9e:a4:a3:10:ac:65:
                    fd:d2:b1:1d:ea:3b:e5:8a:36:82:94:43:f2:bf:42:
                    0c:37:1f:f5:20:0c:55:48:7e:dd:ae:a4:bf:74:d8:
                    e6:f2:55:d2:df:3d:3f:38:4b:59:d2:20:7e:c5:c5:
                    f3:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:3F:3C:54:69:97:CD:75:06:C3:98:77:DD:DB:CF:27:A9:7B:C6:2E
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ZD88VGmXzXUGw5h33dvPJ6l7xi4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.255.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:0c:0d:74:17:1d:5a:20:b4:af:20:09:ff:7e:96:a0:e5:cf:
         e6:6e:69:52:8c:d6:a5:a6:1f:2b:8e:67:0d:d7:d1:cf:43:7c:
         4a:3e:18:03:5f:18:36:a3:e5:bc:c1:2a:24:e6:96:af:f9:a0:
         fa:74:66:de:07:b4:3e:50:5a:2a:4e:d2:35:49:60:ad:1d:e2:
         b3:15:bb:d1:f2:cd:89:43:f1:06:b0:3c:66:bf:1b:3f:a6:dd:
         10:79:f1:88:20:8e:99:e6:77:cb:60:fe:4c:4e:15:55:6e:21:
         41:4b:0b:09:ce:1f:af:0f:62:eb:36:f3:35:3e:4f:bf:2f:5a:
         67:c5:e4:0c:4e:74:a4:76:bc:68:0e:a9:b3:fd:98:eb:87:c9:
         05:a0:37:9e:df:a6:12:8e:76:83:92:2c:5e:da:e7:12:00:82:
         eb:93:f5:eb:07:c6:d2:31:76:c9:c2:7e:bc:bd:84:56:24:44:
         14:ec:cd:cc:b3:08:e5:26:95:ba:c9:74:74:74:7d:7a:b9:89:
         99:34:04:b2:44:9a:39:07:6e:f4:35:da:7b:d4:4c:2c:ce:47:
         4d:ec:34:bb:d2:1c:9b:61:90:4e:d9:b1:7c:15:8e:e8:1a:cd:
         fa:ce:76:c6:15:a1:3f:11:0d:cf:94:f2:4a:1d:69:14:ae:86:
         f7:ca:1e:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfCpO79XWhfWYSmTyTjcTGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDI3MTIxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNmM2M1NDY5OTdjZDc1MDZjMzk4NzdkZGRiY2YyN2E5N2JjNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD1OkSxz+gWXPdg+f9G50kccsHAY
I2zRomKGfyKQ+sLWhWNOfWKZ782jg7vTLujQf5JuyNPo3LdXshSyDYCuQDZvpdnR
R+YIDLM5iG8V60x4vgyutjPm+YF4jLc6nOL3I5eWpfSYXACpl2By5AFKNr1poZC9
VyVIJdcS/r9eHLvXB4sbZQOVPD1cbdPSA3wMOH21thi/TTve+f88mswl9TtPGG3B
kuOjwISt7bzrpFoyjJSFSoVa3H1YUQFiQknRW+/kKUuAZGh0C/uepKMQrGX90rEd
6jvlijaClEPyv0IMNx/1IAxVSH7drqS/dNjm8lXS3z0/OEtZ0iB+xcXz6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQ/PFRpl811BsOYd93bzyepe8YuMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWkQ4OFZHbVh6WFVHdzVoMzNkdlBKNmw3eGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvP+MMA0G
CSqGSIb3DQEBCwUAA4IBAQA6DA10Fx1aILSvIAn/fpag5c/mbmlSjNalph8rjmcN
19HPQ3xKPhgDXxg2o+W8wSok5pav+aD6dGbeB7Q+UFoqTtI1SWCtHeKzFbvR8s2J
Q/EGsDxmvxs/pt0QefGIII6Z5nfLYP5MThVVbiFBSwsJzh+vD2LrNvM1Pk+/L1pn
xeQMTnSkdrxoDqmz/Zjrh8kFoDee36YSjnaDkixe2ucSAILrk/XrB8bSMXbJwn68
vYRWJEQU7M3MswjlJpW6yXR0dH16uYmZNASyRJo5B270Ndp71EwszkdN7DS70hyb
YZBO2bF8FY7oGs36znbGFaE/EQ3PlPJKHWkUrob3yh45
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org