Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/ZzifXHNZ5XBxDN-fjWCKBVaTeGM.roa
File:                     ZzifXHNZ5XBxDN-fjWCKBVaTeGM.roa (raw, json)
Hash identifier:          MFdroVvjl3XMFBLnSe/kT1IaJZ7NQTRarfSLExJq7IA=
Subject key identifier:   67:38:9F:5C:73:59:E5:70:71:0C:DF:9F:8D:60:8A:05:56:93:78:63
Certificate issuer:       /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial:       01856F14D1F44133EC659E8D15F523471A62
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/ZzifXHNZ5XBxDN-fjWCKBVaTeGM.roa
Signing time:             Sun 01 Jan 2023 20:45:13 +0000
ROA not before:           Sun 01 Jan 2023 20:45:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200473
IP address blocks:        185.82.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:d1:f4:41:33:ec:65:9e:8d:15:f5:23:47:1a:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
        Validity
            Not Before: Jan  1 20:45:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67389f5c7359e570710cdf9f8d608a0556937863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ec:fb:cf:fd:e5:93:d0:cd:cb:f6:fa:a3:b3:
                    cf:51:48:72:66:6e:69:46:c3:44:a4:70:cb:dd:eb:
                    cd:85:bc:88:2b:74:14:49:ae:7f:2d:00:eb:73:c4:
                    a6:d4:da:20:8a:f7:75:52:c9:69:71:2d:f0:43:f8:
                    38:35:5f:e1:ef:c2:83:d1:d3:ae:58:c1:25:59:26:
                    f1:9a:8d:fe:38:17:e1:07:49:4c:0a:6d:a8:4e:2c:
                    fc:a1:c4:bf:30:ab:4f:a9:c3:15:77:84:e8:7a:4d:
                    95:6f:2b:00:00:74:55:00:84:7e:d1:4e:b7:cd:96:
                    0c:bc:67:db:d7:d6:f4:5b:3f:17:3d:e8:f5:27:dd:
                    d9:1f:78:13:d5:f2:60:ad:dc:45:f2:e3:53:a1:7d:
                    e5:ce:0e:2c:c0:0d:fb:b3:b1:8d:88:94:f3:a0:94:
                    40:1c:90:3f:f0:6c:a9:e5:56:b2:24:ac:88:93:22:
                    0a:f8:8a:eb:be:ba:08:6a:c8:30:8d:ff:d1:df:f5:
                    6c:fb:bb:a1:c4:2e:ca:8e:7c:f6:15:55:a9:0e:13:
                    94:85:ff:93:9e:2e:24:a3:43:3a:3e:1b:09:7e:df:
                    4a:31:6a:90:31:cc:c6:6f:82:d0:de:b7:24:fd:89:
                    65:9c:39:34:68:21:cc:7c:0a:20:cb:61:76:3b:c1:
                    a5:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:38:9F:5C:73:59:E5:70:71:0C:DF:9F:8D:60:8A:05:56:93:78:63
            X509v3 Authority Key Identifier:
                keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/ZzifXHNZ5XBxDN-fjWCKBVaTeGM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:03:ce:6d:d5:cb:84:cb:da:66:91:e7:0b:72:bc:6f:c7:28:
         37:b5:42:21:d4:28:7e:c0:ed:fa:70:b3:5c:0b:37:32:fc:32:
         b6:05:df:1c:50:cd:9a:ed:40:a8:40:4b:3e:ea:79:07:a4:47:
         1b:45:77:29:9e:63:26:28:09:cc:75:80:94:c6:d2:d9:02:b3:
         0a:b7:ff:c4:d4:69:1f:f1:42:88:50:57:38:1f:af:fc:a6:7d:
         8c:de:f1:ba:01:cf:d2:77:c4:da:2d:9c:4e:1e:7e:9e:c5:9c:
         37:c0:3e:e8:9e:cd:6e:c8:95:2e:c5:aa:20:0d:68:dc:21:f2:
         6a:a9:62:af:c0:b1:7a:21:a1:70:22:61:1c:66:d2:cc:a4:62:
         07:ab:d2:12:70:cd:eb:3d:3c:b8:15:06:cf:80:5b:93:75:cf:
         7d:38:ee:b7:60:00:8d:09:6a:a6:6b:2d:d1:89:41:c1:53:1a:
         48:e2:00:ff:36:c4:a5:2b:7a:10:46:7b:b0:ba:96:f8:4b:88:
         4d:68:7a:f3:83:dc:00:a2:ed:7e:42:01:87:ab:2a:c5:41:bf:
         63:25:c7:33:94:5b:cc:43:21:4b:d8:91:31:9b:04:e9:a5:1a:
         8e:ef:c4:b9:0d:62:85:51:bd:f2:46:c0:68:bc:a4:bd:33:13:
         52:07:95:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNH0QTPsZZ6NFfUjRxpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzM4OWY1YzczNTllNTcwNzEwY2RmOWY4ZDYwOGEwNTU2OTM3ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxez7z/3lk9DNy/b6o7PPUUhyZm5p
RsNEpHDL3evNhbyIK3QUSa5/LQDrc8Sm1Nogivd1UslpcS3wQ/g4NV/h78KD0dOu
WMElWSbxmo3+OBfhB0lMCm2oTiz8ocS/MKtPqcMVd4Toek2VbysAAHRVAIR+0U63
zZYMvGfb19b0Wz8XPej1J93ZH3gT1fJgrdxF8uNToX3lzg4swA37s7GNiJTzoJRA
HJA/8Gyp5VayJKyIkyIK+IrrvroIasgwjf/R3/Vs+7uhxC7Kjnz2FVWpDhOUhf+T
ni4ko0M6PhsJft9KMWqQMczGb4LQ3rck/YllnDk0aCHMfAogy2F2O8GlgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGc4n1xzWeVwcQzfn41gigVWk3hjMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvWnppZlhITlo1WEJ4RE4tZmpXQ0tCVmFUZUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVILMA0G
CSqGSIb3DQEBCwUAA4IBAQBYA85t1cuEy9pmkecLcrxvxyg3tUIh1Ch+wO36cLNc
Czcy/DK2Bd8cUM2a7UCoQEs+6nkHpEcbRXcpnmMmKAnMdYCUxtLZArMKt//E1Gkf
8UKIUFc4H6/8pn2M3vG6Ac/Sd8TaLZxOHn6exZw3wD7ons1uyJUuxaogDWjcIfJq
qWKvwLF6IaFwImEcZtLMpGIHq9IScM3rPTy4FQbPgFuTdc99OO63YACNCWqmay3R
iUHBUxpI4gD/NsSlK3oQRnuwupb4S4hNaHrzg9wAou1+QgGHqyrFQb9jJcczlFvM
QyFL2JExmwTppRqO78S5DWKFUb3yRsBovKS9MxNSB5Wf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org