Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/ZCc1JgUL1KBkt2oOfFf8L_VtN_8.roa
File:                     ZCc1JgUL1KBkt2oOfFf8L_VtN_8.roa (raw, json)
Hash identifier:          HPPuBBaN9JXMSU842gI8Hvv/q7fe6XwSCEy3YCLKh+M=
Subject key identifier:   64:27:35:26:05:0B:D4:A0:64:B7:6A:0E:7C:57:FC:2F:F5:6D:37:FF
Certificate issuer:       /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial:       01856F949D351BFA32F428E16BB64B114FAE
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/ZCc1JgUL1KBkt2oOfFf8L_VtN_8.roa
Signing time:             Sun 01 Jan 2023 23:04:48 +0000
ROA not before:           Sun 01 Jan 2023 23:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43641
IP address blocks:        37.16.75.0/24 maxlen: 24
                          91.202.4.0/23 maxlen: 24
                          31.42.176.0/23 maxlen: 24
                          2a11:6101::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:9d:35:1b:fa:32:f4:28:e1:6b:b6:4b:11:4f:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
        Validity
            Not Before: Jan  1 23:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64273526050bd4a064b76a0e7c57fc2ff56d37ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:06:c9:ad:2f:c1:d0:9d:98:dc:8a:aa:83:cc:
                    a2:6f:6e:c2:d3:bd:82:b0:1e:ef:8a:d9:05:f1:00:
                    e1:c1:17:1f:87:48:0a:a8:02:da:d7:6a:4b:c0:87:
                    bd:08:b1:c3:5c:9a:cf:60:dd:c6:00:ef:0b:2f:6a:
                    d3:13:a2:03:ff:5d:d6:40:2f:53:4a:5a:1f:34:10:
                    fe:35:48:e6:69:df:73:96:7b:c2:17:c0:98:67:ac:
                    08:fb:82:5a:e1:52:d9:7c:f2:cf:d6:7a:02:91:6f:
                    d5:2d:da:4e:7f:76:70:d8:36:5b:93:23:f4:d4:de:
                    48:5d:31:79:0e:e4:ca:3a:ce:5f:b0:bf:89:c3:e6:
                    7d:c8:20:31:21:94:18:6c:a5:5f:1e:b9:12:2d:4b:
                    a3:3e:86:4c:f1:54:a0:1e:61:91:91:fd:a6:0b:c9:
                    54:69:4b:86:6a:99:c9:44:c1:f2:38:cc:cb:72:fb:
                    54:60:0f:6d:e4:62:db:6e:dd:d2:c8:3e:97:b2:18:
                    ae:08:ac:d7:19:f5:07:73:57:4b:13:f9:0d:8f:d4:
                    d9:ab:ba:a0:35:fe:dc:b2:38:66:ec:ab:ca:3e:7b:
                    57:dd:e9:89:6e:4e:7c:a3:c6:c9:36:53:d2:57:4f:
                    dd:43:66:cd:c7:2f:5b:25:e0:d9:33:39:4f:0f:bd:
                    7b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:27:35:26:05:0B:D4:A0:64:B7:6A:0E:7C:57:FC:2F:F5:6D:37:FF
            X509v3 Authority Key Identifier:
                keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/ZCc1JgUL1KBkt2oOfFf8L_VtN_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.176.0/23
                  37.16.75.0/24
                  91.202.4.0/23
                IPv6:
                  2a11:6101::/32

    Signature Algorithm: sha256WithRSAEncryption
         0f:30:1c:24:1d:5c:5b:6e:07:cf:9b:ad:3b:b5:53:ac:93:53:
         6c:82:cd:4b:2d:2c:f3:b1:32:d9:45:8f:69:64:04:2f:7e:ba:
         e6:a4:8f:87:48:ab:18:34:ac:0c:ca:57:6c:02:33:9f:3a:43:
         e9:0e:2b:41:1e:4a:4d:40:c4:43:0f:52:46:9f:ca:73:39:87:
         62:72:34:8c:32:83:b4:1a:63:3b:6c:d4:3e:db:50:f9:cb:3e:
         35:8e:89:97:ac:d2:5b:26:a6:fc:11:b0:db:be:1c:64:52:cd:
         08:f6:e6:ce:4d:c3:a2:41:68:f9:80:4c:33:97:4c:63:82:d0:
         2d:b1:02:c3:ae:0f:e7:f6:ce:e2:82:98:2c:48:06:eb:ba:45:
         19:43:3a:53:15:1a:7a:9d:44:f0:33:0c:96:23:04:2e:8d:5e:
         ee:c0:d9:a7:21:f2:5c:74:7c:c1:7f:6f:de:b1:f8:86:68:41:
         e9:27:27:4a:da:8c:7f:f7:6b:ab:b3:1d:f0:3e:04:50:16:03:
         e9:46:ad:d6:13:3a:b9:64:ab:1f:8e:4d:a4:b1:96:8e:cc:cd:
         94:19:96:66:b1:89:c1:87:ed:90:dd:62:e4:8e:f4:2c:a8:36:
         31:ea:29:91:c1:49:67:12:71:29:c7:60:a8:9c:f1:0e:98:7d:
         87:f4:44:93
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvlJ01G/oy9Cjha7ZLEU+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjMwMTAxMjMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDI3MzUyNjA1MGJkNGEwNjRiNzZhMGU3YzU3ZmMyZmY1NmQzN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgbJrS/B0J2Y3Iqqg8yib27C072C
sB7vitkF8QDhwRcfh0gKqALa12pLwIe9CLHDXJrPYN3GAO8LL2rTE6ID/13WQC9T
SlofNBD+NUjmad9zlnvCF8CYZ6wI+4Ja4VLZfPLP1noCkW/VLdpOf3Zw2DZbkyP0
1N5IXTF5DuTKOs5fsL+Jw+Z9yCAxIZQYbKVfHrkSLUujPoZM8VSgHmGRkf2mC8lU
aUuGapnJRMHyOMzLcvtUYA9t5GLbbt3SyD6XshiuCKzXGfUHc1dLE/kNj9TZq7qg
Nf7csjhm7KvKPntX3emJbk58o8bJNlPSV0/dQ2bNxy9bJeDZMzlPD717iQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGQnNSYFC9SgZLdqDnxX/C/1bTf/MB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvWkNjMUpnVUwxS0JrdDJvT2ZGZjhMX1Z0Tl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBHyqwAwQA
JRBLAwQBW8oEMA0EAgACMAcDBQAqEWEBMA0GCSqGSIb3DQEBCwUAA4IBAQAPMBwk
HVxbbgfPm607tVOsk1Nsgs1LLSzzsTLZRY9pZAQvfrrmpI+HSKsYNKwMyldsAjOf
OkPpDitBHkpNQMRDD1JGn8pzOYdicjSMMoO0GmM7bNQ+21D5yz41jomXrNJbJqb8
EbDbvhxkUs0I9ubOTcOiQWj5gEwzl0xjgtAtsQLDrg/n9s7igpgsSAbrukUZQzpT
FRp6nUTwMwyWIwQujV7uwNmnIfJcdHzBf2/esfiGaEHpJydK2ox/92ursx3wPgRQ
FgPpRq3WEzq5ZKsfjk2ksZaOzM2UGZZmsYnBh+2Q3WLkjvQsqDYx6imRwUlnEnEp
x2ConPEOmH2H9EST
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:07 2024 by rpki-client on console-fra.rpki-client.org