Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Z5MUjUZSBfCVunVzKM-v5zzZP_E.roa
File:                     Z5MUjUZSBfCVunVzKM-v5zzZP_E.roa (raw, json)
Hash identifier:          9KeJQRyQmJawx1C6/66QdAPULIZqrZvHj0eZRQXbTIc=
Subject key identifier:   67:93:14:8D:46:52:05:F0:95:BA:75:73:28:CF:AF:E7:3C:D9:3F:F1
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       01892BCD0527B1E053C618046A6D6D58CFE6
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Z5MUjUZSBfCVunVzKM-v5zzZP_E.roa
Signing time:             Thu 06 Jul 2023 15:23:23 +0000
ROA not before:           Thu 06 Jul 2023 15:23:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31863
IP address blocks:        171.22.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Aug 2023 15:30:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2b:cd:05:27:b1:e0:53:c6:18:04:6a:6d:6d:58:cf:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Jul  6 15:23:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6793148d465205f095ba757328cfafe73cd93ff1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2b:84:d0:6c:8b:0a:aa:31:d1:bd:c9:e6:32:
                    f8:86:a0:17:2f:0a:b3:48:65:14:e5:8b:a5:1a:ec:
                    3b:f3:9d:d0:82:61:23:c7:83:bd:fb:df:fc:25:d4:
                    c7:4d:7d:17:ca:5d:ea:1a:98:54:c0:0d:63:29:6a:
                    5f:02:4b:da:d8:83:2e:29:86:6f:97:b2:77:27:bd:
                    0d:a8:3b:7d:c7:eb:fc:d0:0a:c0:6b:3f:61:ef:81:
                    10:45:f8:a5:15:b8:28:4d:3d:1c:f4:7e:00:85:4f:
                    32:36:23:75:62:5f:83:7f:44:b9:42:52:58:22:37:
                    e4:e8:ca:ff:7d:b5:cf:2b:69:9d:34:6f:d2:20:07:
                    22:e1:d7:fd:e0:bf:5d:a2:92:82:ff:e4:7b:36:ab:
                    90:aa:14:df:d5:0a:f9:71:72:bb:06:7c:91:7a:78:
                    a0:a4:27:f9:59:dd:d0:1e:f9:c5:37:74:38:f2:3c:
                    22:59:a6:72:f4:7f:55:5e:c0:a7:3d:6d:74:d2:0d:
                    27:32:57:e1:fe:82:5c:45:ae:d9:1d:e1:74:9e:31:
                    f8:9a:c0:55:0b:97:eb:70:d0:90:38:54:9c:26:d0:
                    57:c2:45:b8:33:0a:68:27:7c:e1:85:c7:04:8e:80:
                    37:dd:19:78:82:db:db:b0:cf:72:b2:12:ca:55:fa:
                    36:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:93:14:8D:46:52:05:F0:95:BA:75:73:28:CF:AF:E7:3C:D9:3F:F1
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Z5MUjUZSBfCVunVzKM-v5zzZP_E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.22.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:b6:49:ad:e3:b9:c4:97:90:74:4f:0e:8c:f6:3a:3f:f1:ee:
         5b:b8:a1:9c:48:45:a7:69:5e:6f:7e:5d:a7:c5:db:fc:12:ff:
         9d:f4:a6:ca:6a:bd:1f:b8:d6:52:b3:5f:21:eb:17:73:bd:55:
         d8:85:12:36:a0:a5:18:75:3c:54:46:47:ae:8e:f5:bb:90:29:
         b4:07:7b:f6:6e:ac:dc:05:02:37:80:3f:8a:7f:08:98:93:fe:
         35:ab:79:82:30:e5:13:0b:32:2d:ba:da:9a:b4:23:f5:74:f4:
         94:b1:d3:07:d9:71:ae:52:8c:fb:37:d4:5e:d7:e7:4f:07:35:
         b2:dd:ba:23:a1:e3:0b:4e:f4:fd:9b:fe:57:89:40:d2:f5:01:
         93:13:db:62:d9:2f:c1:2e:c3:22:79:5c:92:42:b8:94:aa:0c:
         a4:b1:0e:46:11:70:07:97:c7:ba:75:6f:64:fb:45:99:48:25:
         cb:46:c2:48:45:c1:2c:dc:de:55:91:03:cf:fc:13:da:27:6d:
         a3:af:e2:0c:16:05:1c:e7:36:7b:a0:5a:7c:45:3d:b4:f5:c0:
         85:ac:bc:a0:6b:47:55:3c:1f:9d:45:12:30:40:39:d9:ca:3b:
         e3:14:bc:1f:13:19:35:fe:d2:72:79:be:0e:8f:3f:04:e1:93:
         8d:15:ae:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkrzQUnseBTxhgEam1tWM/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNzA2MTUyMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzkzMTQ4ZDQ2NTIwNWYwOTViYTc1NzMyOGNmYWZlNzNjZDkzZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCuE0GyLCqox0b3J5jL4hqAXLwqz
SGUU5YulGuw7853QgmEjx4O9+9/8JdTHTX0Xyl3qGphUwA1jKWpfAkva2IMuKYZv
l7J3J70NqDt9x+v80ArAaz9h74EQRfilFbgoTT0c9H4AhU8yNiN1Yl+Df0S5QlJY
Ijfk6Mr/fbXPK2mdNG/SIAci4df94L9dopKC/+R7NquQqhTf1Qr5cXK7BnyRenig
pCf5Wd3QHvnFN3Q48jwiWaZy9H9VXsCnPW100g0nMlfh/oJcRa7ZHeF0njH4msBV
C5frcNCQOFScJtBXwkW4MwpoJ3zhhccEjoA33Rl4gtvbsM9yshLKVfo27QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeTFI1GUgXwlbp1cyjPr+c82T/xMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvWjVNVWpVWlNCZkNWdW5WektNLXY1enpaUF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaQMA0G
CSqGSIb3DQEBCwUAA4IBAQAqtkmt47nEl5B0Tw6M9jo/8e5buKGcSEWnaV5vfl2n
xdv8Ev+d9KbKar0fuNZSs18h6xdzvVXYhRI2oKUYdTxURkeujvW7kCm0B3v2bqzc
BQI3gD+KfwiYk/41q3mCMOUTCzItutqatCP1dPSUsdMH2XGuUoz7N9Re1+dPBzWy
3bojoeMLTvT9m/5XiUDS9QGTE9ti2S/BLsMieVySQriUqgyksQ5GEXAHl8e6dW9k
+0WZSCXLRsJIRcEs3N5VkQPP/BPaJ22jr+IMFgUc5zZ7oFp8RT209cCFrLyga0dV
PB+dRRIwQDnZyjvjFLwfExk1/tJyeb4Ojz8E4ZONFa5S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org