Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/cz6zmITQvAbZpcWpXEMArgpd6OQ.roa
File:                     cz6zmITQvAbZpcWpXEMArgpd6OQ.roa (raw, json)
Hash identifier:          M22+yscouV/FnTsUt9CfrndZEZHyp15oTiXhzrHnx74=
Subject key identifier:   73:3E:B3:98:84:D0:BC:06:D9:A5:C5:A9:5C:43:00:AE:0A:5D:E8:E4
Certificate issuer:       /CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Certificate serial:       018CC86F81217CBB9255E6B0062093B4E31E
Authority key identifier: 7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/cz6zmITQvAbZpcWpXEMArgpd6OQ.roa
Signing time:             Tue 02 Jan 2024 04:29:59 +0000
ROA not before:           Tue 02 Jan 2024 04:29:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201205
IP address blocks:        176.62.136.0/21 maxlen: 21
                          78.24.168.0/21 maxlen: 21
                          193.53.101.0/24 maxlen: 24
                          193.53.102.0/24 maxlen: 24
                          185.29.4.0/22 maxlen: 22
                          147.12.64.0/19 maxlen: 19
                          37.230.120.0/21 maxlen: 21
                          2a01:5c00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 19 Jan 2024 11:55:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:81:21:7c:bb:92:55:e6:b0:06:20:93:b4:e3:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
        Validity
            Not Before: Jan  2 04:29:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=733eb39884d0bc06d9a5c5a95c4300ae0a5de8e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:20:73:26:a9:4a:67:eb:5f:08:92:78:dc:11:
                    73:68:16:9c:af:2d:1e:d3:d3:05:cb:d9:1e:a7:ff:
                    80:fa:9e:7c:15:59:e9:b0:ec:d9:24:ff:05:e9:ce:
                    c6:c8:f2:8e:ba:6a:ba:82:2e:db:98:29:bc:65:32:
                    1a:20:34:7e:78:f2:d3:00:ee:56:db:81:80:5b:b0:
                    71:a3:4f:f9:26:68:50:b7:62:a1:a5:a0:27:48:c5:
                    a6:fe:be:bc:40:f8:54:62:6b:13:71:61:88:d9:aa:
                    71:8a:8d:12:8f:13:19:19:00:49:64:62:f1:fc:95:
                    56:bf:8c:80:f4:cc:72:85:49:55:93:a1:03:e7:08:
                    2e:ea:c4:da:36:5c:54:e0:0d:e4:e1:a9:5c:de:90:
                    d1:95:1e:77:b8:d7:0c:aa:fe:f7:0e:25:83:7a:8a:
                    91:a0:ea:72:04:e0:18:ea:67:39:43:f5:51:15:eb:
                    d7:24:10:ec:72:a6:a5:9c:4c:97:b5:fb:b7:96:41:
                    97:6e:6e:0b:71:b7:92:d0:dc:bb:3b:68:56:57:66:
                    08:0f:d8:96:3e:88:1e:9c:ce:7f:22:aa:32:90:f9:
                    31:23:ea:51:7f:33:d7:02:f9:c3:31:d8:08:12:16:
                    7b:4c:04:77:55:50:5e:1a:d5:6c:b9:d7:09:5d:e6:
                    3b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:3E:B3:98:84:D0:BC:06:D9:A5:C5:A9:5C:43:00:AE:0A:5D:E8:E4
            X509v3 Authority Key Identifier:
                keyid:7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/cz6zmITQvAbZpcWpXEMArgpd6OQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/fQL6LFuiiSBF581Qpa39VNbbuMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.120.0/21
                  78.24.168.0/21
                  147.12.64.0/19
                  176.62.136.0/21
                  185.29.4.0/22
                  193.53.101.0-193.53.102.255
                IPv6:
                  2a01:5c00::/32

    Signature Algorithm: sha256WithRSAEncryption
         a2:dc:7d:1b:b4:23:b3:8f:74:cf:d8:43:9e:89:49:97:98:96:
         f2:6a:e7:46:0d:85:3b:31:6d:8b:36:d4:de:13:c8:d6:c6:41:
         f0:9c:3e:f4:c3:3e:53:fe:67:a5:0f:8f:1b:cb:45:a3:c3:6c:
         d1:69:83:17:fe:a7:ab:c0:99:9c:2d:b7:0e:49:5e:88:6a:d6:
         5f:58:3d:1a:b6:44:fc:93:47:a4:b6:46:6c:86:c9:d2:35:6e:
         80:0d:9c:99:50:f1:05:ea:a0:5d:ef:c9:14:b8:5b:47:7a:01:
         a4:ea:a7:c5:40:1a:0a:3f:b0:cb:70:03:01:51:9b:89:9f:e4:
         f4:92:df:2a:56:31:54:c8:7f:cb:a8:09:1f:4e:9f:a2:ae:15:
         93:c1:a8:41:f4:06:da:bf:d2:28:6d:53:e7:41:d6:cf:cb:11:
         17:20:9b:e7:52:c4:a3:46:96:a4:5f:0d:fb:5b:68:da:0e:79:
         35:97:f2:e1:51:85:0d:c8:cc:ff:73:bf:f0:57:15:b4:9c:1b:
         93:52:03:b6:82:0e:71:6d:0a:0c:e3:bc:9d:88:7f:8f:4d:c3:
         83:3d:55:9b:7d:df:b2:67:e0:bc:b1:8a:66:b4:47:9a:d9:f3:
         54:0d:88:7c:23:d5:eb:08:6b:a3:37:4c:d7:a7:13:04:d2:61:
         70:c0:71:d1
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzIb4EhfLuSVeawBiCTtOMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDJmYTJjNWJhMjg5MjA0NWU3Y2Q1MGE1YWRmZDU0ZDZk
YmI4YzIwHhcNMjQwMTAyMDQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzNlYjM5ODg0ZDBiYzA2ZDlhNWM1YTk1YzQzMDBhZTBhNWRlOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSBzJqlKZ+tfCJJ43BFzaBacry0e
09MFy9kep/+A+p58FVnpsOzZJP8F6c7GyPKOumq6gi7bmCm8ZTIaIDR+ePLTAO5W
24GAW7Bxo0/5JmhQt2KhpaAnSMWm/r68QPhUYmsTcWGI2apxio0SjxMZGQBJZGLx
/JVWv4yA9MxyhUlVk6ED5wgu6sTaNlxU4A3k4alc3pDRlR53uNcMqv73DiWDeoqR
oOpyBOAY6mc5Q/VRFevXJBDscqalnEyXtfu3lkGXbm4LcbeS0Ny7O2hWV2YID9iW
PogenM5/IqoykPkxI+pRfzPXAvnDMdgIEhZ7TAR3VVBeGtVsudcJXeY75QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFHM+s5iE0LwG2aXFqVxDAK4KXejkMB8GA1UdIwQY
MBaAFH0C+ixbookgRefNUKWt/VTW27jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUt
ODEwMzlmM2NmM2ZkLzEvY3o2em1JVFF2QWJacGNXcFhFTUFyZ3BkNk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUtODEwMzlmM2NmM2Zk
LzEvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQDJeZ4AwQD
ThioAwQFkwxAAwQDsD6IAwQCuR0EMAwDBADBNWUDBADBNWYwDQQCAAIwBwMFACoB
XAAwDQYJKoZIhvcNAQELBQADggEBAKLcfRu0I7OPdM/YQ56JSZeYlvJq50YNhTsx
bYs21N4TyNbGQfCcPvTDPlP+Z6UPjxvLRaPDbNFpgxf+p6vAmZwttw5JXohq1l9Y
PRq2RPyTR6S2RmyGydI1boANnJlQ8QXqoF3vyRS4W0d6AaTqp8VAGgo/sMtwAwFR
m4mf5PSS3ypWMVTIf8uoCR9On6KuFZPBqEH0Btq/0ihtU+dB1s/LERcgm+dSxKNG
lqRfDftbaNoOeTWX8uFRhQ3IzP9zv/BXFbScG5NSA7aCDnFtCgzjvJ2If49Nw4M9
VZt937Jn4Lyxima0R5rZ81QNiHwj1esIa6M3TNenEwTSYXDAcdE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:06 2024 by rpki-client on console-ams.rpki-client.org