Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/AzXD3Tun7nQgxZMO0qGx0lrZ9fc.roa
File:                     AzXD3Tun7nQgxZMO0qGx0lrZ9fc.roa (raw, json)
Hash identifier:          ov926gEa4VfKqjFIsMw4tZiixDHLTahzsajCIVN2Ejc=
Subject key identifier:   03:35:C3:DD:3B:A7:EE:74:20:C5:93:0E:D2:A1:B1:D2:5A:D9:F5:F7
Certificate issuer:       /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial:       01856E38A2C7BDE0628A26A52D2F9D85B6E8
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/AzXD3Tun7nQgxZMO0qGx0lrZ9fc.roa
Signing time:             Sun 01 Jan 2023 16:44:43 +0000
ROA not before:           Sun 01 Jan 2023 16:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199431
IP address blocks:        94.247.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:38:a2:c7:bd:e0:62:8a:26:a5:2d:2f:9d:85:b6:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
        Validity
            Not Before: Jan  1 16:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0335c3dd3ba7ee7420c5930ed2a1b1d25ad9f5f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:9c:bf:79:f0:ed:9c:d0:01:bc:8c:86:f5:36:
                    28:b3:ee:ff:9a:c7:8a:90:b0:92:d5:6a:66:1f:da:
                    d3:de:4c:d8:03:20:9f:48:1d:d9:8d:0c:02:e1:34:
                    cf:c7:ca:5b:10:3f:51:21:16:46:82:ff:07:53:80:
                    c7:5d:3c:b1:60:6a:36:65:e4:c0:1e:63:37:32:4a:
                    16:d4:7c:cc:a0:8b:af:30:fd:5d:11:b5:3b:84:18:
                    8b:fc:b3:5a:98:d5:a5:8b:00:d2:b3:df:5b:12:b2:
                    62:63:c2:2e:10:eb:be:0a:58:f6:b7:ef:24:a8:8f:
                    c6:77:8e:aa:eb:5b:f2:2b:b2:a6:4a:f9:e0:85:73:
                    39:0a:b2:bc:a4:c5:9b:34:33:cf:3d:f6:ef:34:e8:
                    21:8f:35:ce:bc:7c:df:ba:0e:39:d1:8c:c3:2b:80:
                    13:aa:69:31:0b:65:60:f9:4d:f3:40:83:29:b5:37:
                    47:b2:3a:66:6b:ae:c0:70:e3:13:c7:d1:2d:bd:01:
                    67:c5:f4:77:58:26:19:f0:31:3a:c1:e4:df:7f:ca:
                    93:64:b1:dd:23:bd:4b:cf:fc:e4:f4:43:f6:22:e2:
                    6e:12:1e:5f:53:e9:ef:9e:25:11:ba:0b:87:35:eb:
                    8e:09:14:f7:71:a1:86:b9:89:4a:91:24:7b:fd:65:
                    4b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:35:C3:DD:3B:A7:EE:74:20:C5:93:0E:D2:A1:B1:D2:5A:D9:F5:F7
            X509v3 Authority Key Identifier:
                keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/AzXD3Tun7nQgxZMO0qGx0lrZ9fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.247.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:42:77:45:bf:c7:36:80:22:1c:ef:2d:e9:35:e8:29:4a:50:
         16:44:ba:27:d6:fe:6c:1f:47:81:ef:23:3c:d5:b3:60:a2:7f:
         b1:54:43:d3:0b:7b:0a:b3:3a:05:c5:1b:b0:db:11:3e:c4:91:
         a2:bc:dc:6e:61:88:5c:1f:cd:37:38:8d:0d:fd:a3:8d:92:45:
         d8:8d:2e:f2:a0:b8:8e:26:7b:08:33:83:95:92:ca:cf:32:60:
         8e:6c:c8:a6:11:78:a4:73:a6:8e:c1:64:e7:38:91:83:d4:75:
         2c:15:08:51:a3:9a:fd:93:d9:e4:e5:bd:b7:51:89:ae:5f:fa:
         33:9e:61:c1:f3:06:68:42:25:a9:f8:6c:d6:37:bf:75:fd:41:
         86:a8:32:37:4c:99:94:17:df:86:7a:d3:a9:b3:3a:04:60:72:
         95:15:66:a2:2e:97:10:1c:e2:50:ed:66:d2:10:5a:f9:f8:c8:
         9e:e3:4a:14:ae:25:7a:b6:49:e4:74:fc:42:d6:3a:7e:79:dd:
         46:6e:b5:17:d3:13:ae:10:02:2b:d8:5b:b9:72:7b:6c:ae:3e:
         30:dd:ba:8e:50:84:b7:c1:96:4d:78:8e:c1:e4:fa:89:96:f1:
         6c:ea:6c:cf:77:71:1d:f6:7c:3e:01:d9:ba:0c:c8:74:fd:67:
         35:2a:c0:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOKLHveBiiialLS+dhbboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjMwMTAxMTY0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM1YzNkZDNiYTdlZTc0MjBjNTkzMGVkMmExYjFkMjVhZDlmNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJy/efDtnNABvIyG9TYos+7/mseK
kLCS1WpmH9rT3kzYAyCfSB3ZjQwC4TTPx8pbED9RIRZGgv8HU4DHXTyxYGo2ZeTA
HmM3MkoW1HzMoIuvMP1dEbU7hBiL/LNamNWliwDSs99bErJiY8IuEOu+Clj2t+8k
qI/Gd46q61vyK7KmSvnghXM5CrK8pMWbNDPPPfbvNOghjzXOvHzfug450YzDK4AT
qmkxC2Vg+U3zQIMptTdHsjpma67AcOMTx9EtvQFnxfR3WCYZ8DE6weTff8qTZLHd
I71Lz/zk9EP2IuJuEh5fU+nvniURuguHNeuOCRT3caGGuYlKkSR7/WVLIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAM1w907p+50IMWTDtKhsdJa2fX3MB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvQXpYRDNUdW43blFneFpNTzBxR3gwbHJaOWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXvflMA0G
CSqGSIb3DQEBCwUAA4IBAQB3QndFv8c2gCIc7y3pNegpSlAWRLon1v5sH0eB7yM8
1bNgon+xVEPTC3sKszoFxRuw2xE+xJGivNxuYYhcH803OI0N/aONkkXYjS7yoLiO
JnsIM4OVksrPMmCObMimEXikc6aOwWTnOJGD1HUsFQhRo5r9k9nk5b23UYmuX/oz
nmHB8wZoQiWp+GzWN791/UGGqDI3TJmUF9+GetOpszoEYHKVFWaiLpcQHOJQ7WbS
EFr5+Mie40oUriV6tknkdPxC1jp+ed1GbrUX0xOuEAIr2Fu5cntsrj4w3bqOUIS3
wZZNeI7B5PqJlvFs6mzPd3Ed9nw+Adm6DMh0/Wc1KsA1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org