Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa
File:                     zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa (raw, json)
Hash identifier:          ZRkmJbaPPtc7doTHpCaDhNuVD16Dycj4P1D3RW/+B50=
Subject key identifier:   CD:50:EB:D2:70:81:DF:99:C5:92:F2:83:56:B8:57:3E:FE:10:AA:D7
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018EC46E16E0E452B760271E2BBE32A7A53D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa
Signing time:             Tue 09 Apr 2024 19:55:32 +0000
ROA not before:           Tue 09 Apr 2024 19:55:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        31.41.253.0/24 maxlen: 24
                          45.87.124.0/24 maxlen: 24
                          45.87.125.0/24 maxlen: 24
                          45.87.127.0/24 maxlen: 24
                          45.128.124.0/24 maxlen: 24
                          45.128.128.0/24 maxlen: 24
                          62.3.31.0/24 maxlen: 24
                          77.72.84.0/24 maxlen: 24
                          84.252.69.0/24 maxlen: 24
                          88.218.184.0/24 maxlen: 24
                          88.218.185.0/24 maxlen: 24
                          88.218.186.0/24 maxlen: 24
                          88.218.187.0/24 maxlen: 24
                          91.190.158.0/24 maxlen: 24
                          91.209.31.0/24 maxlen: 24
                          91.239.212.0/24 maxlen: 24
                          91.239.213.0/24 maxlen: 24
                          146.19.120.0/24 maxlen: 24
                          146.255.186.0/24 maxlen: 24
                          176.126.102.0/24 maxlen: 24
                          185.128.224.0/24 maxlen: 24
                          185.211.171.0/24 maxlen: 24
                          185.214.164.0/24 maxlen: 24
                          193.228.129.0/24 maxlen: 24
                          194.59.222.0/24 maxlen: 24
                          194.60.76.0/24 maxlen: 24
                          195.64.103.0/24 maxlen: 24
                          212.107.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 19:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:c4:6e:16:e0:e4:52:b7:60:27:1e:2b:be:32:a7:a5:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr  9 19:55:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cd50ebd27081df99c592f28356b8573efe10aad7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:bd:40:7e:78:c4:78:2f:88:50:8d:dc:d0:7d:
                    05:c6:8f:fe:12:27:20:53:77:95:2e:c0:f8:48:e5:
                    73:3e:f2:5c:c4:c0:7f:5f:ba:09:2f:6c:fe:db:f9:
                    38:8a:ed:17:18:8a:fa:0d:2c:1d:7e:e4:2e:ca:38:
                    2c:19:26:1f:96:91:31:fc:bb:a4:e8:e9:e1:fb:00:
                    3c:1c:9f:d2:90:81:93:dd:ea:a4:4b:49:d3:e8:f9:
                    4c:18:13:38:6a:ab:fb:fe:13:47:9f:f3:74:71:ff:
                    1d:f0:2d:00:be:6e:3d:89:14:39:fd:b7:49:fd:d4:
                    43:eb:d7:98:b8:36:3f:db:22:2d:41:1c:3c:f0:7f:
                    b4:28:d0:a2:ec:b5:0a:5f:1d:95:e0:5d:aa:e9:7e:
                    17:a3:c6:c2:f8:6b:e5:e0:89:5a:60:e3:72:4d:ee:
                    49:1f:65:f2:5b:61:a7:b0:08:d3:31:8e:53:56:ce:
                    b0:38:a1:33:7e:f7:53:58:1c:4b:ee:1d:c8:8f:65:
                    77:ac:a6:c4:bd:e5:33:9e:cb:51:bc:0c:82:a0:77:
                    77:3b:b7:77:2a:cc:f7:4d:ce:b8:b9:ce:07:9d:ee:
                    fb:ec:7b:32:5f:ff:d0:5e:ac:d4:9f:bd:72:98:56:
                    56:98:c1:44:17:56:a4:41:6e:c0:0e:1a:92:bc:07:
                    2c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:50:EB:D2:70:81:DF:99:C5:92:F2:83:56:B8:57:3E:FE:10:AA:D7
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.41.253.0/24
                  45.87.124.0/23
                  45.87.127.0/24
                  45.128.124.0/24
                  45.128.128.0/24
                  62.3.31.0/24
                  77.72.84.0/24
                  84.252.69.0/24
                  88.218.184.0/22
                  91.190.158.0/24
                  91.209.31.0/24
                  91.239.212.0/23
                  146.19.120.0/24
                  146.255.186.0/24
                  176.126.102.0/24
                  185.128.224.0/24
                  185.211.171.0/24
                  185.214.164.0/24
                  193.228.129.0/24
                  194.59.222.0/24
                  194.60.76.0/24
                  195.64.103.0/24
                  212.107.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:41:61:cc:21:08:93:09:57:82:70:52:e1:93:dc:06:00:db:
         d8:37:c9:88:90:11:ee:64:5a:11:b4:f9:54:21:8e:00:bb:8e:
         86:d3:fa:46:f5:65:80:7d:2f:b8:b5:59:c6:17:9d:db:e4:23:
         1e:f8:21:36:ca:fd:7f:cf:ef:3f:83:e5:c0:a0:6c:73:43:f9:
         46:dc:09:ad:8d:2f:ef:9f:8e:ec:4c:de:2e:c2:9b:d7:06:e2:
         61:4a:b2:46:f3:4b:42:0a:8a:9c:b8:54:61:33:db:66:95:20:
         56:15:08:20:f9:3d:30:7a:25:16:49:b0:89:dd:2e:de:f4:af:
         f2:cb:71:56:88:65:57:7d:b8:95:5a:6a:ac:54:ff:c5:ec:99:
         17:ae:f7:44:57:7a:7b:d0:e2:48:6a:9a:45:6a:65:19:7d:fa:
         f2:81:a8:be:bb:70:8f:57:c4:bf:c2:d0:91:d7:2f:ba:4a:73:
         6c:f8:c4:c0:48:88:55:53:88:ea:19:4e:7f:b5:cd:64:52:91:
         c9:bf:be:99:96:f8:bd:d9:0b:33:aa:ad:99:1a:0c:14:79:56:
         3d:84:6c:1a:d1:c4:42:8c:18:5c:2c:e7:a5:04:1e:1f:3c:9b:
         b8:09:84:c0:4e:4a:05:75:19:b8:88:ea:43:fb:d2:2f:65:a1:
         d5:62:27:43
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY7Ebhbg5FK3YCceK74yp6U9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA5MTk1NTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDUwZWJkMjcwODFkZjk5YzU5MmYyODM1NmI4NTczZWZlMTBhYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp71AfnjEeC+IUI3c0H0Fxo/+Eicg
U3eVLsD4SOVzPvJcxMB/X7oJL2z+2/k4iu0XGIr6DSwdfuQuyjgsGSYflpEx/Luk
6Onh+wA8HJ/SkIGT3eqkS0nT6PlMGBM4aqv7/hNHn/N0cf8d8C0Avm49iRQ5/bdJ
/dRD69eYuDY/2yItQRw88H+0KNCi7LUKXx2V4F2q6X4Xo8bC+Gvl4IlaYONyTe5J
H2XyW2GnsAjTMY5TVs6wOKEzfvdTWBxL7h3Ij2V3rKbEveUznstRvAyCoHd3O7d3
Ksz3Tc64uc4Hne777HsyX//QXqzUn71ymFZWmMFEF1akQW7ADhqSvAcs7QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFM1Q69Jwgd+ZxZLyg1a4Vz7+EKrXMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvelZEcjBuQ0IzNW5Ga3ZLRFZyaFhQdjRRcXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAf
Kf0DBAEtV3wDBAAtV38DBAAtgHwDBAAtgIADBAA+Ax8DBABNSFQDBABU/EUDBAJY
2rgDBABbvp4DBABb0R8DBAFb79QDBACSE3gDBACS/7oDBACwfmYDBAC5gOADBAC5
06sDBAC51qQDBADB5IEDBADCO94DBADCPEwDBADDQGcDBADUaxkwDQYJKoZIhvcN
AQELBQADggEBAD9BYcwhCJMJV4JwUuGT3AYA29g3yYiQEe5kWhG0+VQhjgC7jobT
+kb1ZYB9L7i1WcYXndvkIx74ITbK/X/P7z+D5cCgbHND+UbcCa2NL++fjuxM3i7C
m9cG4mFKskbzS0IKipy4VGEz22aVIFYVCCD5PTB6JRZJsIndLt70r/LLcVaIZVd9
uJVaaqxU/8XsmReu90RXenvQ4khqmkVqZRl9+vKBqL67cI9XxL/C0JHXL7pKc2z4
xMBIiFVTiOoZTn+1zWRSkcm/vpmW+L3ZCzOqrZkaDBR5Vj2EbBrRxEKMGFws56UE
Hh88m7gJhMBOSgV1GbiI6kP70i9lodViJ0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org