Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/z4TZMB44Y15pPU-odOCt4z448Vs.roa
File:                     z4TZMB44Y15pPU-odOCt4z448Vs.roa (raw, json)
Hash identifier:          /X1TNoSQDNA3JzbSZYSiKJJU9AAfnCT/f3t5rvIpYMA=
Subject key identifier:   CF:84:D9:30:1E:38:63:5E:69:3D:4F:A8:74:E0:AD:E3:3E:38:F1:5B
Certificate issuer:       /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial:       0187D864E4BBB323D774B1AC2F07B22340EE
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/z4TZMB44Y15pPU-odOCt4z448Vs.roa
Signing time:             Mon 01 May 2023 17:38:23 +0000
ROA not before:           Mon 01 May 2023 17:38:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199577
IP address blocks:        185.134.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 May 2023 18:08:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d8:64:e4:bb:b3:23:d7:74:b1:ac:2f:07:b2:23:40:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
        Validity
            Not Before: May  1 17:38:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf84d9301e38635e693d4fa874e0ade33e38f15b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:9c:ab:62:f2:45:12:0a:63:d4:79:b8:63:0b:
                    6f:78:e5:a2:b6:82:b1:ae:4c:93:2c:b9:2e:99:0d:
                    43:17:c0:29:86:6b:6a:cb:79:a9:da:3a:36:22:26:
                    1e:36:26:6a:aa:7a:d6:8a:34:26:ae:3f:9e:65:fa:
                    14:97:b7:79:35:fd:3f:fe:c2:92:46:a8:ac:0c:a3:
                    10:9f:ad:24:44:c4:16:22:e1:80:d9:4e:7b:d7:e5:
                    07:9d:88:8d:cb:b4:fb:60:e4:b0:b9:f7:e2:90:d6:
                    b9:7e:97:31:2d:7b:49:a6:b7:09:c9:0a:97:14:88:
                    4b:26:16:76:58:95:ce:91:3c:b2:37:37:84:0d:95:
                    c3:23:ee:0f:a0:4f:57:d5:44:a9:d4:47:bf:02:09:
                    29:f3:a1:05:86:43:d4:c2:52:62:55:6c:cd:52:da:
                    01:1f:53:84:21:4e:80:f3:cc:1c:41:d2:15:9d:79:
                    c4:61:53:f6:4a:d7:f6:7f:bd:47:b6:d2:2d:b2:35:
                    cb:9c:b5:57:eb:76:ae:67:b5:08:3f:15:07:e2:0e:
                    fe:ae:2a:57:9d:75:22:d8:61:25:b5:b5:39:4c:af:
                    d1:47:6c:74:84:82:f6:06:dc:bc:cc:96:f9:b9:9d:
                    06:65:08:cb:4a:9d:8d:f5:fd:81:4b:34:91:59:67:
                    c4:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:84:D9:30:1E:38:63:5E:69:3D:4F:A8:74:E0:AD:E3:3E:38:F1:5B
            X509v3 Authority Key Identifier:
                keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/z4TZMB44Y15pPU-odOCt4z448Vs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:50:43:d1:e0:fb:5a:96:e6:33:a4:d8:b4:2b:61:9a:32:89:
         6f:41:12:9a:ec:13:0b:6a:7e:9d:ea:3d:f7:f0:e9:76:4e:b3:
         9f:7c:d7:a4:92:a5:c7:d6:31:65:5c:2e:f2:26:15:1a:e6:8b:
         f4:d0:c7:ea:70:44:c3:a9:7c:8f:11:40:a7:fb:b5:58:2d:a6:
         0a:c2:87:92:e9:3f:df:74:74:69:eb:a6:f0:d9:eb:c4:46:c3:
         bc:f6:84:e3:ae:f8:a9:cf:1b:81:ce:01:b8:ef:9b:3e:07:92:
         dd:ec:98:f7:fa:10:9b:77:85:35:7f:f0:d4:8c:94:e3:80:70:
         86:10:9a:82:6c:5f:55:b8:5a:df:e8:24:81:c4:32:fa:c3:53:
         da:ed:12:69:fa:69:a1:97:53:c8:2b:ba:7f:d0:5c:16:98:37:
         e4:00:76:26:b3:76:d8:27:5f:e5:5b:d1:4b:f1:87:b4:ee:c2:
         d7:0c:99:05:98:f9:18:2c:dd:ec:de:e1:c3:2e:8f:7f:48:d6:
         04:95:20:f1:21:d1:d3:3f:78:e3:3c:7e:f0:b6:b8:1d:a6:18:
         d9:8c:ad:88:15:3c:28:e7:18:70:4a:db:7f:de:63:6e:46:95:
         a4:64:b3:a1:90:9f:01:39:1a:76:62:c5:78:30:62:59:a2:33:
         2d:e8:95:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfYZOS7syPXdLGsLweyI0DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl
MDJkYmIwHhcNMjMwNTAxMTczODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg0ZDkzMDFlMzg2MzVlNjkzZDRmYTg3NGUwYWRlMzNlMzhmMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpyrYvJFEgpj1Hm4YwtveOWitoKx
rkyTLLkumQ1DF8Aphmtqy3mp2jo2IiYeNiZqqnrWijQmrj+eZfoUl7d5Nf0//sKS
RqisDKMQn60kRMQWIuGA2U571+UHnYiNy7T7YOSwuffikNa5fpcxLXtJprcJyQqX
FIhLJhZ2WJXOkTyyNzeEDZXDI+4PoE9X1USp1Ee/Agkp86EFhkPUwlJiVWzNUtoB
H1OEIU6A88wcQdIVnXnEYVP2Stf2f71HttItsjXLnLVX63auZ7UIPxUH4g7+ripX
nXUi2GEltbU5TK/RR2x0hIL2Bty8zJb5uZ0GZQjLSp2N9f2BSzSRWWfEgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+E2TAeOGNeaT1PqHTgreM+OPFbMB8GA1UdIwQY
MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut
OThkMmZlZTBmODdhLzEvejRUWk1CNDRZMTVwUFUtb2RPQ3Q0ejQ0OFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2UtOThkMmZlZTBmODdh
LzEvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYawMA0G
CSqGSIb3DQEBCwUAA4IBAQBlUEPR4PtaluYzpNi0K2GaMolvQRKa7BMLan6d6j33
8Ol2TrOffNekkqXH1jFlXC7yJhUa5ov00MfqcETDqXyPEUCn+7VYLaYKwoeS6T/f
dHRp66bw2evERsO89oTjrvipzxuBzgG475s+B5Ld7Jj3+hCbd4U1f/DUjJTjgHCG
EJqCbF9VuFrf6CSBxDL6w1Pa7RJp+mmhl1PIK7p/0FwWmDfkAHYms3bYJ1/lW9FL
8Ye07sLXDJkFmPkYLN3s3uHDLo9/SNYElSDxIdHTP3jjPH7wtrgdphjZjK2IFTwo
5xhwStt/3mNuRpWkZLOhkJ8BORp2YsV4MGJZojMt6JV0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org