Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/5z7kWzwNVSZFS9gG_Rs63ZWsjU4.roa
File:                     5z7kWzwNVSZFS9gG_Rs63ZWsjU4.roa (raw, json)
Hash identifier:          ftbf7aIN8Tv2bNAsQlLlvPCo8/Dl0w7UKPcmmgwCBTE=
Subject key identifier:   E7:3E:E4:5B:3C:0D:55:26:45:4B:D8:06:FD:1B:3A:DD:95:AC:8D:4E
Certificate issuer:       /CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
Certificate serial:       01856DE63EAF6EA1F072FDB8CDB378193258
Authority key identifier: C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/5z7kWzwNVSZFS9gG_Rs63ZWsjU4.roa
Signing time:             Sun 01 Jan 2023 15:14:43 +0000
ROA not before:           Sun 01 Jan 2023 15:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34359
IP address blocks:        195.225.144.0/22 maxlen: 22
                          213.109.128.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:e6:3e:af:6e:a1:f0:72:fd:b8:cd:b3:78:19:32:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
        Validity
            Not Before: Jan  1 15:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e73ee45b3c0d5526454bd806fd1b3add95ac8d4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9d:f7:3f:b9:41:ef:34:ba:82:1a:17:05:8d:
                    46:88:a4:f0:b2:f9:9e:41:5d:f5:03:a9:01:22:1c:
                    1f:88:81:9c:72:11:e8:87:2e:75:8a:53:4f:12:6b:
                    ea:fe:88:63:43:bc:58:57:54:75:96:bb:a8:dc:ef:
                    54:b3:33:8d:91:ce:57:72:5c:ce:43:63:33:da:63:
                    a0:60:62:cd:bd:a8:ef:da:1a:4a:73:97:ab:3e:ed:
                    30:ee:3f:fb:d3:5f:e6:cc:b1:57:d6:ad:bd:6e:df:
                    33:bc:0e:43:47:ca:05:d3:a0:80:b2:45:cf:b6:1d:
                    c5:f8:92:b1:25:3a:82:2c:34:7d:0a:2b:64:ed:74:
                    a3:1d:d5:b6:82:ab:2d:61:ba:63:0d:0c:3c:29:7e:
                    47:30:11:50:d7:4b:6b:fb:91:ae:dc:1c:3c:6f:fd:
                    da:65:3d:aa:06:46:b2:d2:bb:fc:f5:9c:ec:a5:07:
                    39:04:71:c9:bb:83:2c:2a:8e:85:0b:88:fe:13:f8:
                    cc:6a:90:4d:5e:ce:51:78:83:70:92:7b:d7:92:aa:
                    70:78:fe:44:3b:0c:13:bb:7f:c4:05:42:e4:71:cb:
                    e1:83:06:9e:72:7f:9e:03:98:5d:21:63:f9:af:92:
                    73:09:e8:01:ba:21:c4:f4:2d:27:99:9c:86:8f:9a:
                    9f:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:3E:E4:5B:3C:0D:55:26:45:4B:D8:06:FD:1B:3A:DD:95:AC:8D:4E
            X509v3 Authority Key Identifier:
                keyid:C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/5z7kWzwNVSZFS9gG_Rs63ZWsjU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wpAvdpv2gbEDnyzuYeng-XXk5Ws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.144.0/22
                  213.109.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         64:cb:8b:c9:17:1e:24:6f:e3:17:96:93:84:a4:a9:b5:3e:ac:
         fa:c8:bf:9a:44:2e:cf:36:22:56:70:bc:6c:0b:fd:f9:72:56:
         f9:70:b9:30:f9:34:69:e4:29:c1:93:9a:ec:84:ee:bf:28:9d:
         2a:8a:95:93:df:95:e8:f8:5e:11:0c:c1:78:f7:38:84:e8:32:
         95:77:da:cc:9e:5b:bc:2b:57:32:48:cb:58:02:5f:25:0a:2d:
         9a:82:0b:d0:c3:79:aa:20:30:49:76:65:e6:58:8b:85:7e:27:
         cc:90:66:d7:39:db:64:ff:ec:3e:14:12:d8:e7:8e:b3:2a:c2:
         2b:c1:a2:d7:fd:d5:b3:d5:2b:1b:66:88:f1:8a:af:41:83:fa:
         cb:fd:5d:31:d0:41:92:af:d7:dd:95:b0:a2:58:bb:5d:43:fd:
         35:4a:cd:96:4b:38:eb:5f:94:6f:88:f7:f3:81:b3:1c:93:e3:
         0e:3d:78:84:46:86:3e:bf:36:8d:e8:37:c7:b3:a2:1f:5f:be:
         d9:b3:6f:f6:44:d8:e9:63:06:0f:74:59:8e:62:7d:c2:b0:fa:
         c5:83:1b:5a:f7:39:0c:11:61:4d:7f:6d:1f:62:7f:01:78:9c:
         a9:d1:04:57:df:62:96:78:b1:87:28:de:04:dc:81:3c:89:1a:
         d7:41:64:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt5j6vbqHwcv24zbN4GTJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOTAyZjc2OWJmNjgxYjEwMzlmMmNlZTYxZTllMGY5NzVl
NGU1NmIwHhcNMjMwMTAxMTUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNlZTQ1YjNjMGQ1NTI2NDU0YmQ4MDZmZDFiM2FkZDk1YWM4ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh533P7lB7zS6ghoXBY1GiKTwsvme
QV31A6kBIhwfiIGcchHohy51ilNPEmvq/ohjQ7xYV1R1lruo3O9UszONkc5XclzO
Q2Mz2mOgYGLNvajv2hpKc5erPu0w7j/701/mzLFX1q29bt8zvA5DR8oF06CAskXP
th3F+JKxJTqCLDR9Citk7XSjHdW2gqstYbpjDQw8KX5HMBFQ10tr+5Gu3Bw8b/3a
ZT2qBkay0rv89ZzspQc5BHHJu4MsKo6FC4j+E/jMapBNXs5ReINwknvXkqpweP5E
OwwTu3/EBULkccvhgwaecn+eA5hdIWP5r5JzCegBuiHE9C0nmZyGj5qfGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOc+5Fs8DVUmRUvYBv0bOt2VrI1OMB8GA1UdIwQY
MBaAFMKQL3ab9oGxA58s7mHp4Pl15OVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTkt
ZmYzOTM2ZmU5OTQ2LzEvNXo3a1d6d05WU1pGUzlnR19SczYzWldzalU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTktZmYzOTM2ZmU5OTQ2
LzEvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw+GQAwQE
1W2AMA0GCSqGSIb3DQEBCwUAA4IBAQBky4vJFx4kb+MXlpOEpKm1Pqz6yL+aRC7P
NiJWcLxsC/35clb5cLkw+TRp5CnBk5rshO6/KJ0qipWT35Xo+F4RDMF49ziE6DKV
d9rMnlu8K1cySMtYAl8lCi2aggvQw3mqIDBJdmXmWIuFfifMkGbXOdtk/+w+FBLY
546zKsIrwaLX/dWz1SsbZojxiq9Bg/rL/V0x0EGSr9fdlbCiWLtdQ/01Ss2WSzjr
X5RviPfzgbMck+MOPXiERoY+vzaN6DfHs6IfX77Zs2/2RNjpYwYPdFmOYn3CsPrF
gxta9zkMEWFNf20fYn8BeJyp0QRX32KWeLGHKN4E3IE8iRrXQWRo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:40 2024 by rpki-client on console-fra.rpki-client.org