Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/zhFqGf0vnOpUIHdPLtDauSifXtU.roa
File:                     zhFqGf0vnOpUIHdPLtDauSifXtU.roa (raw, json)
Hash identifier:          RR7Rior4uaKgj8Zx067RuE2qi0fo7EeiGiXVoN0WezA=
Subject key identifier:   CE:11:6A:19:FD:2F:9C:EA:54:20:77:4F:2E:D0:DA:B9:28:9F:5E:D5
Certificate issuer:       /CN=3b305f97a26f31d8006059fb3ab19eacfb783455
Certificate serial:       0185A4735ED4EFA6AE7933B8EAD928B8BA97
Authority key identifier: 3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/zhFqGf0vnOpUIHdPLtDauSifXtU.roa
Signing time:             Thu 12 Jan 2023 05:28:22 +0000
ROA not before:           Thu 12 Jan 2023 05:28:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44941
IP address blocks:        83.142.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Jan 2023 06:23:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a4:73:5e:d4:ef:a6:ae:79:33:b8:ea:d9:28:b8:ba:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b305f97a26f31d8006059fb3ab19eacfb783455
        Validity
            Not Before: Jan 12 05:28:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ce116a19fd2f9cea5420774f2ed0dab9289f5ed5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:fc:2b:f8:0c:09:02:cc:6e:f9:1b:8a:21:ff:
                    00:7b:b7:97:b3:c4:97:9d:97:db:b5:d5:3f:af:8e:
                    2e:c0:4e:20:cf:b8:6e:fd:d8:1e:0a:01:82:b8:1f:
                    0a:3a:c3:58:82:4d:7d:8a:05:33:c9:37:cc:ba:65:
                    9c:44:78:fd:6a:d9:40:41:b0:33:f4:f2:c9:99:22:
                    e3:7a:85:9f:39:97:d6:86:c7:5b:38:1b:1d:89:6a:
                    a7:fd:55:fb:7f:b9:0b:20:50:19:1b:67:ca:9c:dd:
                    bb:f1:00:73:a5:e0:0e:12:fc:90:e2:81:05:9b:70:
                    2b:93:f1:6f:26:04:30:e8:b0:7a:5e:d3:ff:c7:01:
                    5a:86:b6:57:94:df:dd:1c:0e:d8:c9:c6:94:2c:bc:
                    15:25:13:cd:ed:0b:fc:39:a2:3b:9b:f4:bd:55:c9:
                    08:24:9c:8d:bc:0c:db:16:ed:86:02:4c:0c:ae:06:
                    b0:3f:75:f7:2c:cc:35:ee:b8:9b:ec:4f:20:08:91:
                    96:83:a0:98:e3:28:84:dd:5c:e6:08:dd:41:c9:b0:
                    8a:58:0a:a9:c1:fb:32:01:8a:02:af:7e:8e:ec:e8:
                    b9:f2:17:f2:8b:27:32:a0:2b:d0:ad:a6:12:f6:76:
                    50:a1:12:75:c3:85:9a:68:df:b9:46:29:f8:88:88:
                    6a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:11:6A:19:FD:2F:9C:EA:54:20:77:4F:2E:D0:DA:B9:28:9F:5E:D5
            X509v3 Authority Key Identifier:
                keyid:3B:30:5F:97:A2:6F:31:D8:00:60:59:FB:3A:B1:9E:AC:FB:78:34:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzBfl6JvMdgAYFn7OrGerPt4NFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/zhFqGf0vnOpUIHdPLtDauSifXtU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1aa951-6c48-493d-ad89-58b9b0c2440b/1/OzBfl6JvMdgAYFn7OrGerPt4NFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.142.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:92:6a:dc:6d:bc:25:55:2c:e3:1b:95:4f:5b:4b:f2:59:aa:
         b0:72:32:c1:bd:ae:e8:a0:47:62:a7:e0:b9:6b:a8:e7:c7:4e:
         79:0b:76:db:4a:45:55:51:ac:7a:df:83:25:16:ff:f5:1f:bc:
         e6:2d:85:a3:7b:4e:b3:fa:df:de:3b:b6:d1:0f:4c:6e:d6:b4:
         e6:3a:0b:24:a6:48:c1:c9:fc:4b:86:24:da:99:7a:67:22:50:
         50:2d:9a:2c:ae:6a:3b:9b:f9:de:d9:4a:2e:54:2e:7d:d6:90:
         f9:3d:53:5c:55:20:b6:3f:cb:3a:e6:c0:b1:bb:a4:e0:99:57:
         4f:8f:71:ad:a5:65:86:fc:c7:80:83:dd:13:14:eb:27:3c:44:
         58:08:ee:d8:f5:ac:b3:51:fc:f9:81:44:56:d5:31:8c:8b:35:
         8c:9b:26:60:4d:d5:d7:47:b2:64:a0:4a:a7:66:91:f8:c9:05:
         82:63:5c:ce:22:93:0a:ec:0e:c1:bb:2c:08:9a:ac:69:5c:ed:
         cb:07:37:eb:22:52:0e:dd:b7:fc:85:ae:18:2c:a0:a7:16:29:
         d9:a1:96:2d:08:6b:7d:00:c1:8b:f1:74:87:95:20:a8:84:90:
         48:33:a7:3a:e8:7a:21:d8:e7:d8:e9:e7:b0:cd:be:f2:fe:93:
         f8:f0:52:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWkc17U76aueTO46tkouLqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzA1Zjk3YTI2ZjMxZDgwMDYwNTlmYjNhYjE5ZWFjZmI3
ODM0NTUwHhcNMjMwMTEyMDUyODIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTExNmExOWZkMmY5Y2VhNTQyMDc3NGYyZWQwZGFiOTI4OWY1ZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvwr+AwJAsxu+RuKIf8Ae7eXs8SX
nZfbtdU/r44uwE4gz7hu/dgeCgGCuB8KOsNYgk19igUzyTfMumWcRHj9atlAQbAz
9PLJmSLjeoWfOZfWhsdbOBsdiWqn/VX7f7kLIFAZG2fKnN278QBzpeAOEvyQ4oEF
m3Ark/FvJgQw6LB6XtP/xwFahrZXlN/dHA7YycaULLwVJRPN7Qv8OaI7m/S9VckI
JJyNvAzbFu2GAkwMrgawP3X3LMw17rib7E8gCJGWg6CY4yiE3VzmCN1BybCKWAqp
wfsyAYoCr36O7Oi58hfyiycyoCvQraYS9nZQoRJ1w4WaaN+5Rin4iIhqQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4Rahn9L5zqVCB3Ty7Q2rkon17VMB8GA1UdIwQY
MBaAFDswX5eibzHYAGBZ+zqxnqz7eDRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODkt
NThiOWIwYzI0NDBiLzEvemhGcUdmMHZuT3BVSUhkUEx0RGF1U2lmWHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xYWE5NTEtNmM0OC00OTNkLWFkODktNThiOWIwYzI0NDBi
LzEvT3pCZmw2SnZNZGdBWUZuN09yR2VyUHQ0TkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU44IMA0G
CSqGSIb3DQEBCwUAA4IBAQAwkmrcbbwlVSzjG5VPW0vyWaqwcjLBva7ooEdip+C5
a6jnx055C3bbSkVVUax634MlFv/1H7zmLYWje06z+t/eO7bRD0xu1rTmOgskpkjB
yfxLhiTamXpnIlBQLZosrmo7m/ne2UouVC591pD5PVNcVSC2P8s65sCxu6TgmVdP
j3GtpWWG/MeAg90TFOsnPERYCO7Y9ayzUfz5gURW1TGMizWMmyZgTdXXR7JkoEqn
ZpH4yQWCY1zOIpMK7A7BuywImqxpXO3LBzfrIlIO3bf8ha4YLKCnFinZoZYtCGt9
AMGL8XSHlSCohJBIM6c66Hoh2OfY6eewzb7y/pP48FKV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:44 2024 by rpki-client on console-fra.rpki-client.org