Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/zybXS8-fnfBnyTvYFw_ba7VbteY.roa
File:                     zybXS8-fnfBnyTvYFw_ba7VbteY.roa (raw, json)
Hash identifier:          5GUmYeXmd64tfCOIn48VB1u1isIiF+aKk5FZw6UqNjU=
Subject key identifier:   CF:26:D7:4B:CF:9F:9D:F0:67:C9:3B:D8:17:0F:DB:6B:B5:5B:B5:E6
Certificate issuer:       /CN=29d950bc184557bf504cf2b7c94a7dcec0876d66
Certificate serial:       018AD5801CEB05819CC25906D223225200BE
Authority key identifier: 29:D9:50:BC:18:45:57:BF:50:4C:F2:B7:C9:4A:7D:CE:C0:87:6D:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdlQvBhFV79QTPK3yUp9zsCHbWY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/zybXS8-fnfBnyTvYFw_ba7VbteY.roa
Signing time:             Wed 27 Sep 2023 07:17:37 +0000
ROA not before:           Wed 27 Sep 2023 07:17:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15907
IP address blocks:        185.114.188.0/22 maxlen: 22
                          2a06:7140::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d5:80:1c:eb:05:81:9c:c2:59:06:d2:23:22:52:00:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d950bc184557bf504cf2b7c94a7dcec0876d66
        Validity
            Not Before: Sep 27 07:17:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf26d74bcf9f9df067c93bd8170fdb6bb55bb5e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:05:e9:ce:1b:a2:96:d0:af:86:6a:54:ff:48:
                    04:d0:2a:f6:8e:40:3a:b1:35:8a:35:0e:2c:23:10:
                    4a:27:90:81:ad:cf:66:92:db:58:95:82:f3:0c:fb:
                    25:9a:c5:e4:6b:98:74:b6:53:87:b3:2f:33:29:e5:
                    2a:6e:9b:49:38:b2:ab:a0:62:17:88:49:b8:88:c0:
                    b0:43:34:d4:b4:1f:d2:74:06:f0:3d:88:14:1c:db:
                    57:fd:06:86:a3:5c:ff:70:15:c3:a1:af:27:de:7b:
                    ae:c9:dc:d2:21:be:1c:cc:7a:11:e3:c8:09:84:ba:
                    38:d4:92:c7:14:78:e6:5e:69:23:1c:74:a1:03:d6:
                    45:1a:4b:b0:e4:6c:64:ff:7d:1d:47:b0:a8:35:1f:
                    d9:73:05:bb:ba:ef:44:26:ad:da:d8:b5:52:e6:6f:
                    b2:17:c5:6b:9f:46:d6:d2:47:fe:62:3d:eb:e9:13:
                    63:d4:de:1f:18:e3:92:91:e9:19:34:5c:0a:22:fb:
                    84:f5:41:52:c4:82:ea:e9:8b:31:89:b1:d9:27:53:
                    45:3c:f7:81:5f:b9:0c:3b:66:01:38:6f:fd:d6:3f:
                    5f:9c:75:3e:88:18:61:4d:80:e3:09:03:70:10:e2:
                    55:fa:a5:f5:00:9d:0f:ac:ec:d9:08:d7:a0:a7:1f:
                    f6:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:26:D7:4B:CF:9F:9D:F0:67:C9:3B:D8:17:0F:DB:6B:B5:5B:B5:E6
            X509v3 Authority Key Identifier:
                keyid:29:D9:50:BC:18:45:57:BF:50:4C:F2:B7:C9:4A:7D:CE:C0:87:6D:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdlQvBhFV79QTPK3yUp9zsCHbWY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/zybXS8-fnfBnyTvYFw_ba7VbteY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/772fea-4715-4010-8c1e-dee66a35506c/1/KdlQvBhFV79QTPK3yUp9zsCHbWY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.114.188.0/22
                IPv6:
                  2a06:7140::/29

    Signature Algorithm: sha256WithRSAEncryption
         8a:78:ee:1e:01:f3:b7:55:dc:73:1b:ac:66:cd:f4:10:0c:78:
         85:b9:f3:1d:33:cf:dc:4a:85:78:ae:50:04:32:0f:ab:60:95:
         e2:0b:c9:74:31:3b:a0:c5:6e:fd:34:c8:34:d7:48:57:ef:ac:
         dd:84:2d:49:a9:4d:ab:28:d1:d6:30:dd:1c:48:5b:5c:c0:5e:
         77:61:b4:52:77:dc:49:01:e7:68:69:80:f1:60:0a:fb:a0:53:
         6b:dd:65:26:b1:31:eb:94:87:01:09:1d:a3:65:9a:ad:b3:57:
         3c:fc:85:f4:b7:08:df:3a:84:fd:cd:54:4e:a7:dd:de:62:b0:
         7f:c4:d4:ff:a2:81:6b:02:30:f9:c3:4e:71:75:69:71:3b:a7:
         5b:59:bd:3e:6a:a4:2f:a0:55:68:5e:1a:81:59:f4:d1:46:e0:
         1e:92:3e:91:82:f0:1b:51:c0:71:f3:00:36:95:20:69:ab:8d:
         17:1f:8d:8a:d7:a0:ab:30:3a:36:6b:65:cf:a8:d5:5a:32:3f:
         33:a8:3e:7e:f2:3e:76:6b:24:c8:6f:6c:aa:d6:01:75:55:d8:
         f1:30:0f:d1:b3:82:76:74:30:3e:21:d1:30:e0:0e:67:de:35:
         2e:61:b7:4e:55:38:c6:dd:43:1c:4c:b9:fb:05:69:42:10:88:
         f8:bb:ec:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrVgBzrBYGcwlkG0iMiUgC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDk1MGJjMTg0NTU3YmY1MDRjZjJiN2M5NGE3ZGNlYzA4
NzZkNjYwHhcNMjMwOTI3MDcxNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI2ZDc0YmNmOWY5ZGYwNjdjOTNiZDgxNzBmZGI2YmI1NWJiNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQXpzhuiltCvhmpU/0gE0Cr2jkA6
sTWKNQ4sIxBKJ5CBrc9mkttYlYLzDPslmsXka5h0tlOHsy8zKeUqbptJOLKroGIX
iEm4iMCwQzTUtB/SdAbwPYgUHNtX/QaGo1z/cBXDoa8n3nuuydzSIb4czHoR48gJ
hLo41JLHFHjmXmkjHHShA9ZFGkuw5Gxk/30dR7CoNR/ZcwW7uu9EJq3a2LVS5m+y
F8Vrn0bW0kf+Yj3r6RNj1N4fGOOSkekZNFwKIvuE9UFSxILq6YsxibHZJ1NFPPeB
X7kMO2YBOG/91j9fnHU+iBhhTYDjCQNwEOJV+qX1AJ0PrOzZCNegpx/2RwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM8m10vPn53wZ8k72BcP22u1W7XmMB8GA1UdIwQY
MBaAFCnZULwYRVe/UEzyt8lKfc7Ah21mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RsUXZCaEZWNzlRVFBLM3lVcDl6c0NIYldZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83NzJmZWEtNDcxNS00MDEwLThjMWUt
ZGVlNjZhMzU1MDZjLzEvenliWFM4LWZuZkJueVR2WUZ3X2JhN1ZidGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83NzJmZWEtNDcxNS00MDEwLThjMWUtZGVlNjZhMzU1MDZj
LzEvS2RsUXZCaEZWNzlRVFBLM3lVcDl6c0NIYldZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXK8MA0E
AgACMAcDBQMqBnFAMA0GCSqGSIb3DQEBCwUAA4IBAQCKeO4eAfO3VdxzG6xmzfQQ
DHiFufMdM8/cSoV4rlAEMg+rYJXiC8l0MTugxW79NMg010hX76zdhC1JqU2rKNHW
MN0cSFtcwF53YbRSd9xJAedoaYDxYAr7oFNr3WUmsTHrlIcBCR2jZZqts1c8/IX0
twjfOoT9zVROp93eYrB/xNT/ooFrAjD5w05xdWlxO6dbWb0+aqQvoFVoXhqBWfTR
RuAekj6RgvAbUcBx8wA2lSBpq40XH42K16CrMDo2a2XPqNVaMj8zqD5+8j52ayTI
b2yq1gF1VdjxMA/Rs4J2dDA+IdEw4A5n3jUuYbdOVTjG3UMcTLn7BWlCEIj4u+wW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:03 2024 by rpki-client on console-ams.rpki-client.org