Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/vzFWDSBaCEmnTl_x2ZvTUzjPe5E.roa
File:                     vzFWDSBaCEmnTl_x2ZvTUzjPe5E.roa (raw, json)
Hash identifier:          5w7wT6xPJcRkH5TL/FathwiFwWbwmOYoOUR7a+INPyc=
Subject key identifier:   BF:31:56:0D:20:5A:08:49:A7:4E:5F:F1:D9:9B:D3:53:38:CF:7B:91
Certificate issuer:       /CN=7744c6b6fba373811e00bee484e224c6b6e23fd2
Certificate serial:       01857383ADCAD0397E7E0C912DB65E1A35F9
Authority key identifier: 77:44:C6:B6:FB:A3:73:81:1E:00:BE:E4:84:E2:24:C6:B6:E2:3F:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d0TGtvujc4EeAL7khOIkxrbiP9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/vzFWDSBaCEmnTl_x2ZvTUzjPe5E.roa
Signing time:             Mon 02 Jan 2023 17:24:47 +0000
ROA not before:           Mon 02 Jan 2023 17:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49232
IP address blocks:        193.169.164.0/23 maxlen: 23
                          37.123.225.0/24 maxlen: 24
                          37.123.224.0/21 maxlen: 21
                          194.169.225.0/24 maxlen: 24
                          2a00:59c0::/32 maxlen: 32
                          2a00:59c0:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:83:ad:ca:d0:39:7e:7e:0c:91:2d:b6:5e:1a:35:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7744c6b6fba373811e00bee484e224c6b6e23fd2
        Validity
            Not Before: Jan  2 17:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf31560d205a0849a74e5ff1d99bd35338cf7b91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:e0:6d:5f:82:8a:7a:43:c3:19:33:43:6b:53:
                    5f:c4:02:9e:41:05:86:05:45:11:6b:92:ca:99:f2:
                    2b:a9:54:04:cb:51:8e:cc:aa:ac:bd:de:e0:b4:72:
                    48:c4:dd:5a:a9:fb:ae:6d:01:6d:2d:8b:fc:1d:4c:
                    0d:e9:4a:3d:87:18:64:2b:9c:23:3d:4c:15:9f:e3:
                    59:c5:93:4a:7f:38:c1:f9:78:5b:18:ef:d0:f3:25:
                    36:2d:e5:78:cd:13:2f:a2:1a:ec:22:67:ef:9f:a4:
                    07:ab:09:10:67:bf:e0:53:7f:50:68:b6:7d:6c:a0:
                    10:dc:8f:b2:2a:e8:d1:ed:fa:f7:c2:cd:fc:d2:b6:
                    22:1c:06:19:d0:0a:d9:e2:60:a8:f7:c5:b2:87:4d:
                    63:f7:3d:d2:4d:46:ab:9e:2e:3f:43:52:42:e3:d2:
                    b9:84:fe:a6:af:c6:45:c2:e7:42:53:4b:16:1a:7c:
                    cc:2f:16:ea:f8:52:f6:c5:64:b3:c7:3b:1f:b8:1a:
                    90:2a:fe:b1:62:45:9e:d1:f1:6a:7b:76:ee:7d:92:
                    75:47:3d:b9:3e:c6:cd:d0:36:5f:ae:c6:bb:02:2d:
                    d3:b0:9b:e1:53:c7:90:b0:db:e7:ee:83:19:b4:5d:
                    b7:6f:ab:46:51:22:7c:42:3b:d7:cf:d6:3b:19:b2:
                    9a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:31:56:0D:20:5A:08:49:A7:4E:5F:F1:D9:9B:D3:53:38:CF:7B:91
            X509v3 Authority Key Identifier:
                keyid:77:44:C6:B6:FB:A3:73:81:1E:00:BE:E4:84:E2:24:C6:B6:E2:3F:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0TGtvujc4EeAL7khOIkxrbiP9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/vzFWDSBaCEmnTl_x2ZvTUzjPe5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/d0TGtvujc4EeAL7khOIkxrbiP9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.123.224.0/21
                  193.169.164.0/23
                  194.169.225.0/24
                IPv6:
                  2a00:59c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         57:18:c1:86:3f:06:72:2b:a6:55:ab:2a:ee:e2:2c:35:ae:f3:
         a5:df:d3:24:ee:de:0b:6d:6b:a0:f2:61:ff:08:5b:76:4d:6a:
         b4:e0:fd:c5:c3:2c:a9:43:15:cc:b2:ac:b9:5f:66:d6:e9:dd:
         ad:9a:bf:49:42:51:b3:65:dc:bc:1f:de:10:df:d0:51:ff:5c:
         2c:df:8e:55:55:04:4b:74:bb:a6:95:b7:3f:26:69:9b:a1:00:
         a1:b2:c8:4a:b8:7e:e3:f1:15:04:2e:48:90:65:26:96:1d:7a:
         8c:a7:7c:8b:96:66:45:a7:a0:b9:7a:8e:21:ca:53:07:3d:e7:
         f6:37:ed:e3:68:66:a2:b9:cb:6d:4e:5f:11:8b:cb:b1:2a:64:
         7a:d2:9a:a1:52:a8:7f:4c:b5:a9:73:88:65:a4:4f:9b:87:5e:
         d9:3e:63:a4:c6:93:ba:91:6d:55:21:09:7b:a7:30:e3:02:05:
         c1:2b:d8:04:d4:b1:87:d8:97:04:de:f6:f6:42:54:cf:3c:02:
         60:46:50:33:39:b7:5b:a2:d8:9e:71:2b:44:9e:b4:9c:7b:29:
         cb:12:7d:fb:50:fd:f4:bc:1f:c7:ac:2d:ef:a6:7c:9e:0d:45:
         4f:d6:97:b0:fb:c7:45:f5:b6:6c:b1:fb:61:68:e9:51:2d:25:
         c2:44:38:70
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzg63K0Dl+fgyRLbZeGjX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDRjNmI2ZmJhMzczODExZTAwYmVlNDg0ZTIyNGM2YjZl
MjNmZDIwHhcNMjMwMTAyMTcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjMxNTYwZDIwNWEwODQ5YTc0ZTVmZjFkOTliZDM1MzM4Y2Y3YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uBtX4KKekPDGTNDa1NfxAKeQQWG
BUURa5LKmfIrqVQEy1GOzKqsvd7gtHJIxN1aqfuubQFtLYv8HUwN6Uo9hxhkK5wj
PUwVn+NZxZNKfzjB+XhbGO/Q8yU2LeV4zRMvohrsImfvn6QHqwkQZ7/gU39QaLZ9
bKAQ3I+yKujR7fr3ws380rYiHAYZ0ArZ4mCo98Wyh01j9z3STUarni4/Q1JC49K5
hP6mr8ZFwudCU0sWGnzMLxbq+FL2xWSzxzsfuBqQKv6xYkWe0fFqe3bufZJ1Rz25
PsbN0DZfrsa7Ai3TsJvhU8eQsNvn7oMZtF23b6tGUSJ8QjvXz9Y7GbKapwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL8xVg0gWghJp05f8dmb01M4z3uRMB8GA1UdIwQY
MBaAFHdExrb7o3OBHgC+5ITiJMa24j/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBUR3R2dWpjNEVlQUw3a2hPSWt4cmJpUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83NDRkZjMtOGUyOS00NThiLWE0NTkt
OGY4Yzg5MjI2ZTNlLzEvdnpGV0RTQmFDRW1uVGxfeDJadlRVempQZTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83NDRkZjMtOGUyOS00NThiLWE0NTktOGY4Yzg5MjI2ZTNl
LzEvZDBUR3R2dWpjNEVlQUw3a2hPSWt4cmJpUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXvgAwQB
wamkAwQAwqnhMA0EAgACMAcDBQAqAFnAMA0GCSqGSIb3DQEBCwUAA4IBAQBXGMGG
PwZyK6ZVqyru4iw1rvOl39Mk7t4LbWug8mH/CFt2TWq04P3FwyypQxXMsqy5X2bW
6d2tmr9JQlGzZdy8H94Q39BR/1ws345VVQRLdLumlbc/JmmboQChsshKuH7j8RUE
LkiQZSaWHXqMp3yLlmZFp6C5eo4hylMHPef2N+3jaGaiucttTl8Ri8uxKmR60pqh
Uqh/TLWpc4hlpE+bh17ZPmOkxpO6kW1VIQl7pzDjAgXBK9gE1LGH2JcE3vb2QlTP
PAJgRlAzObdbotiecStEnrSceynLEn37UP30vB/HrC3vpnyeDUVP1pew+8dF9bZs
sfthaOlRLSXCRDhw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:31 2024 by rpki-client on console-fra.rpki-client.org