Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZX32EfMSDyVff0uMPbGynmlZRZM.roa
File:                     ZX32EfMSDyVff0uMPbGynmlZRZM.roa (raw, json)
Hash identifier:          +K9F9RIaDhHg84y1WDrx/A4786fWX8OmnSyI4jtNUFk=
Subject key identifier:   65:7D:F6:11:F3:12:0F:25:5F:7F:4B:8C:3D:B1:B2:9E:69:59:45:93
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       018CC41F5A8661946111F54B0E137A6D3B6C
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZX32EfMSDyVff0uMPbGynmlZRZM.roa
Signing time:             Mon 01 Jan 2024 08:23:58 +0000
ROA not before:           Mon 01 Jan 2024 08:23:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48359
IP address blocks:        185.239.1.0/24 maxlen: 24
                          89.42.44.0/22 maxlen: 22
                          45.94.214.0/24 maxlen: 24
                          45.94.215.0/24 maxlen: 24
                          89.46.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:03:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:1f:5a:86:61:94:61:11:f5:4b:0e:13:7a:6d:3b:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Jan  1 08:23:58 2024 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=657df611f3120f255f7f4b8c3db1b29e69594593
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:86:6c:8b:01:a3:44:aa:c0:23:06:8f:eb:2f:
                    85:11:0c:f5:d1:0d:ad:40:fe:a0:13:9c:78:6e:35:
                    b2:bc:a9:70:f8:0e:79:69:10:36:89:7b:a6:f2:90:
                    03:3b:f4:f7:f1:50:4f:47:21:99:ac:62:11:f1:36:
                    0e:e3:47:74:5a:f4:0a:76:3d:9a:62:99:5e:e0:c6:
                    31:0d:8c:4c:f5:da:cf:fb:e1:1b:aa:b2:3c:fa:b0:
                    b9:4d:b1:81:03:fa:a3:70:2c:b7:fd:d8:ba:bb:18:
                    61:ae:3f:f7:81:df:57:49:37:1c:26:df:c7:c8:be:
                    95:99:48:14:2a:3d:0e:4b:06:44:76:86:c0:dc:73:
                    34:69:21:af:21:c0:32:4e:6b:61:f1:54:1a:ef:a4:
                    54:1b:a3:e4:27:89:8d:0d:72:bf:6f:96:21:0b:89:
                    84:eb:18:55:dd:bf:7c:3a:5d:fd:a4:29:c1:55:c5:
                    6e:6c:29:95:d8:f3:9d:d6:c0:c9:e8:4e:56:3c:3c:
                    ad:ea:bb:19:1a:c1:e5:dd:3d:67:57:38:34:26:db:
                    a3:63:e1:87:a8:25:fc:0f:92:70:00:2b:96:53:25:
                    39:d2:ab:d8:86:49:34:8f:6f:9a:ca:99:4c:74:d6:
                    1a:e1:b8:1e:29:e9:37:72:66:c5:29:cb:e6:ec:ff:
                    ad:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:7D:F6:11:F3:12:0F:25:5F:7F:4B:8C:3D:B1:B2:9E:69:59:45:93
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZX32EfMSDyVff0uMPbGynmlZRZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.214.0/23
                  89.42.44.0/22
                  89.46.217.0/24
                  185.239.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:27:d9:0b:e9:15:dd:0b:85:5a:94:8d:b9:d3:5f:fd:c8:09:
         eb:cd:7f:cb:22:a1:9c:37:9b:6f:2b:b3:24:61:40:d4:45:cd:
         35:ee:ed:05:1a:b6:0e:9d:5f:6c:07:ef:5d:4a:28:dc:86:54:
         fb:b5:25:a6:95:18:6f:42:fd:14:8f:09:c9:a8:7b:f1:9e:24:
         fe:53:e3:c2:ae:8c:68:4b:54:e4:b0:5c:de:7f:6a:cf:02:d3:
         32:aa:f0:c1:92:e8:79:1b:63:08:dc:55:6d:b0:d3:d8:e4:86:
         8e:63:5d:12:0d:db:0f:fd:74:92:27:08:fd:0d:e6:f8:bd:c0:
         22:43:59:cd:69:49:55:b2:66:de:f0:40:02:c6:9b:16:e2:8d:
         6f:ad:aa:2d:de:2b:25:94:53:1f:b7:e3:81:a2:e2:d8:77:31:
         10:0e:70:72:6d:32:02:3e:17:9b:1e:f9:59:0a:2b:79:e2:93:
         b5:3d:01:9c:6b:07:42:d4:ca:a1:b6:bb:81:e4:cf:ea:74:82:
         29:23:1f:12:6c:38:92:71:28:4e:8c:03:d7:60:71:b0:4b:62:
         be:86:59:73:d0:86:42:d8:98:83:61:26:98:b0:79:ee:e8:77:
         b3:26:0e:ad:59:1c:80:81:33:11:b8:20:d7:ae:44:5c:48:9f:
         01:39:75:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEH1qGYZRhEfVLDhN6bTtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTAxMDgyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTdkZjYxMWYzMTIwZjI1NWY3ZjRiOGMzZGIxYjI5ZTY5NTk0NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoZsiwGjRKrAIwaP6y+FEQz10Q2t
QP6gE5x4bjWyvKlw+A55aRA2iXum8pADO/T38VBPRyGZrGIR8TYO40d0WvQKdj2a
Yple4MYxDYxM9drP++EbqrI8+rC5TbGBA/qjcCy3/di6uxhhrj/3gd9XSTccJt/H
yL6VmUgUKj0OSwZEdobA3HM0aSGvIcAyTmth8VQa76RUG6PkJ4mNDXK/b5YhC4mE
6xhV3b98Ol39pCnBVcVubCmV2POd1sDJ6E5WPDyt6rsZGsHl3T1nVzg0JtujY+GH
qCX8D5JwACuWUyU50qvYhkk0j2+ayplMdNYa4bgeKek3cmbFKcvm7P+tGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGV99hHzEg8lX39LjD2xsp5pWUWTMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWlgzMkVmTVNEeVZmZjB1TVBiR3lubWxaUlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLV7WAwQC
WSosAwQAWS7ZAwQAue8BMA0GCSqGSIb3DQEBCwUAA4IBAQCqJ9kL6RXdC4ValI25
01/9yAnrzX/LIqGcN5tvK7MkYUDURc017u0FGrYOnV9sB+9dSijchlT7tSWmlRhv
Qv0UjwnJqHvxniT+U+PCroxoS1TksFzef2rPAtMyqvDBkuh5G2MI3FVtsNPY5IaO
Y10SDdsP/XSSJwj9Deb4vcAiQ1nNaUlVsmbe8EACxpsW4o1vraot3isllFMft+OB
ouLYdzEQDnBybTICPhebHvlZCit54pO1PQGcawdC1MqhtruB5M/qdIIpIx8SbDiS
cShOjAPXYHGwS2K+hllz0IZC2JiDYSaYsHnu6HezJg6tWRyAgTMRuCDXrkRcSJ8B
OXUd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org