Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/Z6QP2ThYlFkn9MS3uZ3afnQrBSU.roa
File:                     Z6QP2ThYlFkn9MS3uZ3afnQrBSU.roa (raw, json)
Hash identifier:          MrG4stqqoW4lKJzUjygpOw2LTVs2TW/5+77tkJvlhy4=
Subject key identifier:   67:A4:0F:D9:38:58:94:59:27:F4:C4:B7:B9:9D:DA:7E:74:2B:05:25
Certificate issuer:       /CN=1d157824c638c718a07b535e0d824cb24afc070c
Certificate serial:       018570C2AB888B753E37B0C10C858FB612AB
Authority key identifier: 1D:15:78:24:C6:38:C7:18:A0:7B:53:5E:0D:82:4C:B2:4A:FC:07:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRV4JMY4xxige1NeDYJMskr8Bww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/Z6QP2ThYlFkn9MS3uZ3afnQrBSU.roa
Signing time:             Mon 02 Jan 2023 04:34:44 +0000
ROA not before:           Mon 02 Jan 2023 04:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209472
IP address blocks:        88.218.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:c2:ab:88:8b:75:3e:37:b0:c1:0c:85:8f:b6:12:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d157824c638c718a07b535e0d824cb24afc070c
        Validity
            Not Before: Jan  2 04:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67a40fd93858945927f4c4b7b99dda7e742b0525
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5e:ac:3d:1f:f1:cd:50:8e:df:d7:29:7d:b9:
                    9a:45:84:f1:81:2b:b1:e6:62:3f:d7:6d:bf:ca:7b:
                    12:c5:46:7a:5a:f2:9c:09:3c:25:f5:5b:88:3c:60:
                    0b:75:b6:c7:46:dc:0d:9b:c8:a7:69:a9:97:77:f0:
                    db:c8:ac:2b:34:e5:74:cb:24:7b:af:a9:7b:8d:c9:
                    5a:52:f3:5f:67:41:b9:fe:48:2c:30:33:2e:c7:31:
                    db:75:02:c2:dd:c4:cf:54:64:7e:e7:a0:0f:a2:29:
                    20:f8:aa:ef:99:fc:c6:ea:3d:d9:0c:0d:61:fe:1d:
                    6a:05:de:28:f7:df:5b:1f:d9:83:5e:ef:30:13:3a:
                    8a:22:79:d9:85:e3:e7:79:0a:6b:6f:1d:52:36:15:
                    18:a7:0b:3f:dd:17:69:5b:bb:b3:70:c1:45:5d:f9:
                    4b:5f:80:68:63:c1:a6:8c:5e:01:79:63:63:56:e7:
                    ab:5f:4b:ad:65:eb:8a:57:ab:77:dd:3f:73:cd:07:
                    64:55:16:37:c7:7d:07:96:11:4d:5c:a9:ef:4e:26:
                    27:23:c1:ab:58:6c:bb:17:0a:49:e0:88:61:a6:e6:
                    91:d0:7e:7c:37:10:f3:27:14:91:b6:d7:1a:24:ab:
                    03:4f:72:3d:db:79:1f:0c:53:73:88:30:3e:3c:73:
                    ce:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A4:0F:D9:38:58:94:59:27:F4:C4:B7:B9:9D:DA:7E:74:2B:05:25
            X509v3 Authority Key Identifier:
                keyid:1D:15:78:24:C6:38:C7:18:A0:7B:53:5E:0D:82:4C:B2:4A:FC:07:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRV4JMY4xxige1NeDYJMskr8Bww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/Z6QP2ThYlFkn9MS3uZ3afnQrBSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/e6ac01-8bfb-4ef3-bfa7-e57440260be0/1/HRV4JMY4xxige1NeDYJMskr8Bww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:12:55:64:92:a8:a1:26:0a:90:da:a0:49:87:46:9c:ab:1c:
         6f:28:c4:08:51:a2:fa:b1:69:e0:d0:39:c0:a6:26:99:d4:47:
         3d:59:ed:67:ee:6a:68:63:d1:d3:dc:4f:61:d9:77:1c:38:27:
         43:0d:06:94:cc:e1:4b:71:b5:05:5c:85:b1:63:af:9e:e1:f1:
         4e:ff:32:e3:31:c8:1a:63:56:31:43:c1:b8:9a:45:2d:bb:b9:
         91:79:ef:77:23:f5:5e:77:45:1f:15:c8:5a:eb:82:ac:31:f3:
         7e:96:5b:7e:e3:84:30:17:a1:b3:9c:e5:13:ab:47:fb:08:39:
         cf:a6:b8:68:89:e4:a7:dc:2e:80:3e:30:c0:10:24:a5:99:f0:
         47:17:ae:83:81:a0:9b:33:d0:ca:8b:8f:19:47:92:94:e9:62:
         39:43:81:55:3c:65:3d:c5:74:de:49:1a:fb:a0:bc:26:b3:b9:
         e0:a6:da:a2:5b:27:7e:82:28:cb:c6:42:48:6d:17:fb:03:4d:
         21:c0:3a:af:4d:e0:5d:15:a0:ef:72:bf:60:eb:99:db:f2:89:
         b3:39:d1:57:e9:29:dc:b3:bf:6a:9b:40:6b:46:0b:e5:8f:fa:
         a2:41:b0:08:1a:81:88:c7:32:00:fc:af:7a:24:6b:8e:2d:d3:
         d1:da:89:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwquIi3U+N7DBDIWPthKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTU3ODI0YzYzOGM3MThhMDdiNTM1ZTBkODI0Y2IyNGFm
YzA3MGMwHhcNMjMwMTAyMDQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E0MGZkOTM4NTg5NDU5MjdmNGM0YjdiOTlkZGE3ZTc0MmIwNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV6sPR/xzVCO39cpfbmaRYTxgSux
5mI/122/ynsSxUZ6WvKcCTwl9VuIPGALdbbHRtwNm8inaamXd/DbyKwrNOV0yyR7
r6l7jclaUvNfZ0G5/kgsMDMuxzHbdQLC3cTPVGR+56APoikg+KrvmfzG6j3ZDA1h
/h1qBd4o999bH9mDXu8wEzqKInnZhePneQprbx1SNhUYpws/3RdpW7uzcMFFXflL
X4BoY8GmjF4BeWNjVuerX0utZeuKV6t33T9zzQdkVRY3x30HlhFNXKnvTiYnI8Gr
WGy7FwpJ4IhhpuaR0H58NxDzJxSRttcaJKsDT3I923kfDFNziDA+PHPO2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGekD9k4WJRZJ/TEt7md2n50KwUlMB8GA1UdIwQY
MBaAFB0VeCTGOMcYoHtTXg2CTLJK/AcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJWNEpNWTR4eGlnZTFOZURZSk1za3I4Qnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lNmFjMDEtOGJmYi00ZWYzLWJmYTct
ZTU3NDQwMjYwYmUwLzEvWjZRUDJUaFlsRmtuOU1TM3VaM2FmblFyQlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lNmFjMDEtOGJmYi00ZWYzLWJmYTctZTU3NDQwMjYwYmUw
LzEvSFJWNEpNWTR4eGlnZTFOZURZSk1za3I4Qnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNrcMA0G
CSqGSIb3DQEBCwUAA4IBAQABElVkkqihJgqQ2qBJh0acqxxvKMQIUaL6sWng0DnA
piaZ1Ec9We1n7mpoY9HT3E9h2XccOCdDDQaUzOFLcbUFXIWxY6+e4fFO/zLjMcga
Y1YxQ8G4mkUtu7mRee93I/Ved0UfFcha64KsMfN+llt+44QwF6GznOUTq0f7CDnP
prhoieSn3C6APjDAECSlmfBHF66DgaCbM9DKi48ZR5KU6WI5Q4FVPGU9xXTeSRr7
oLwms7ngptqiWyd+gijLxkJIbRf7A00hwDqvTeBdFaDvcr9g65nb8omzOdFX6Snc
s79qm0BrRgvlj/qiQbAIGoGIxzIA/K96JGuOLdPR2ons
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:25 2024 by rpki-client on console-ams.rpki-client.org