Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/85fd31-fe91-4389-ab67-3651e40f1436/1/ZTQPfGX5lXOTADFFeYN8YOUtAuk.roa
File:                     ZTQPfGX5lXOTADFFeYN8YOUtAuk.roa (raw, json)
Hash identifier:          8ocet0vKiRsvr9Rd8xcVSlYOz3nloMXoKh8bnBD4T0c=
Subject key identifier:   65:34:0F:7C:65:F9:95:73:93:00:31:45:79:83:7C:60:E5:2D:02:E9
Certificate issuer:       /CN=4b9f31e7352a8707b98c6d27348e8bc493d1a9af
Certificate serial:       01856C41568629B4C1DDA67C9A5C06BBED84
Authority key identifier: 4B:9F:31:E7:35:2A:87:07:B9:8C:6D:27:34:8E:8B:C4:93:D1:A9:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S58x5zUqhwe5jG0nNI6LxJPRqa8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/85fd31-fe91-4389-ab67-3651e40f1436/1/ZTQPfGX5lXOTADFFeYN8YOUtAuk.roa
Signing time:             Sun 01 Jan 2023 07:34:59 +0000
ROA not before:           Sun 01 Jan 2023 07:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12637
IP address blocks:        185.142.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:56:86:29:b4:c1:dd:a6:7c:9a:5c:06:bb:ed:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b9f31e7352a8707b98c6d27348e8bc493d1a9af
        Validity
            Not Before: Jan  1 07:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=65340f7c65f995739300314579837c60e52d02e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a4:b0:4e:d2:b3:0a:7d:68:aa:42:ee:7d:e5:
                    c6:3a:72:d1:66:00:22:d3:04:d9:2e:4d:11:8b:b1:
                    1f:47:45:24:47:9b:97:38:a8:c0:53:71:3a:e9:38:
                    be:b8:4a:bd:93:be:08:36:b5:1d:c3:6f:23:89:21:
                    60:92:0f:28:96:1c:82:17:dd:a8:36:a5:b0:9d:4c:
                    74:98:31:ca:56:e7:0c:e0:db:8d:8f:f4:a9:75:ce:
                    62:fc:d3:42:13:74:ed:3e:3e:b7:1f:90:76:d8:79:
                    2d:19:a4:c2:c5:a7:fd:98:89:c3:34:77:f3:f6:ee:
                    9b:62:0b:27:dc:9e:9e:25:61:9c:ec:b3:81:35:2d:
                    c4:24:47:b5:e6:a9:dd:db:9e:96:cf:18:d9:b3:4c:
                    36:e8:2e:60:98:7f:d8:13:a6:18:a6:29:e0:8a:90:
                    cf:39:91:6e:32:9d:f2:cb:90:02:bf:cb:bd:0e:55:
                    20:75:0e:2a:bd:c1:44:6f:f1:7f:c9:75:73:73:15:
                    41:10:ee:0a:30:03:e1:1d:ab:3c:21:b5:be:01:95:
                    06:17:5f:98:11:e1:a8:76:a5:59:60:7c:4c:65:8e:
                    cd:0b:83:13:f6:2a:9b:89:cb:19:a6:5f:c4:e7:88:
                    9c:b9:16:0c:97:5f:c8:61:b6:e6:01:7f:93:a5:3e:
                    06:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:34:0F:7C:65:F9:95:73:93:00:31:45:79:83:7C:60:E5:2D:02:E9
            X509v3 Authority Key Identifier:
                keyid:4B:9F:31:E7:35:2A:87:07:B9:8C:6D:27:34:8E:8B:C4:93:D1:A9:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S58x5zUqhwe5jG0nNI6LxJPRqa8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/85fd31-fe91-4389-ab67-3651e40f1436/1/ZTQPfGX5lXOTADFFeYN8YOUtAuk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/85fd31-fe91-4389-ab67-3651e40f1436/1/S58x5zUqhwe5jG0nNI6LxJPRqa8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.142.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:b9:95:1b:03:1f:55:27:e7:51:7c:9b:df:f1:c8:99:62:07:
         f3:a5:74:4a:43:db:12:4b:97:bd:86:f9:5f:ea:bd:1e:02:df:
         8b:29:12:09:6b:3d:63:1e:08:20:e3:1c:f8:a5:ff:59:39:8b:
         fb:64:3b:95:d3:93:20:2f:f6:2f:10:dd:bb:0c:35:73:fb:2e:
         9d:ae:06:e6:4e:5b:b9:22:7a:25:df:07:df:4c:87:16:1b:21:
         b4:f8:f1:fc:d9:4a:24:dd:23:f2:b8:03:54:c0:5b:ea:8a:b6:
         07:db:0e:61:8d:2d:d4:93:ed:e3:23:90:74:ce:84:17:18:7c:
         de:e8:cf:72:92:98:83:47:8a:e5:68:cd:16:c5:67:6d:54:63:
         cd:76:65:9b:eb:91:b6:28:b3:4a:f0:3f:1d:d7:5a:a5:e8:60:
         a9:35:a9:9a:51:3c:0e:65:a6:41:00:c9:6c:fc:cf:00:c3:02:
         57:80:e0:02:df:ae:de:36:72:c2:cf:71:3f:03:23:8b:9e:d5:
         4c:0c:67:89:0f:65:e0:e4:7f:28:fd:40:61:dd:a2:ae:9e:6e:
         b9:ec:f0:53:eb:3f:97:94:94:45:12:93:1e:07:97:84:c4:f9:
         5e:80:ea:99:ac:06:0b:d2:72:f2:5f:76:c4:c5:7f:9d:cb:f5:
         53:b7:3d:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQVaGKbTB3aZ8mlwGu+2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOWYzMWU3MzUyYTg3MDdiOThjNmQyNzM0OGU4YmM0OTNk
MWE5YWYwHhcNMjMwMTAxMDczNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM0MGY3YzY1Zjk5NTczOTMwMDMxNDU3OTgzN2M2MGU1MmQwMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6SwTtKzCn1oqkLufeXGOnLRZgAi
0wTZLk0Ri7EfR0UkR5uXOKjAU3E66Ti+uEq9k74INrUdw28jiSFgkg8olhyCF92o
NqWwnUx0mDHKVucM4NuNj/Spdc5i/NNCE3TtPj63H5B22HktGaTCxaf9mInDNHfz
9u6bYgsn3J6eJWGc7LOBNS3EJEe15qnd256WzxjZs0w26C5gmH/YE6YYpingipDP
OZFuMp3yy5ACv8u9DlUgdQ4qvcFEb/F/yXVzcxVBEO4KMAPhHas8IbW+AZUGF1+Y
EeGodqVZYHxMZY7NC4MT9iqbicsZpl/E54icuRYMl1/IYbbmAX+TpT4GbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU0D3xl+ZVzkwAxRXmDfGDlLQLpMB8GA1UdIwQY
MBaAFEufMec1KocHuYxtJzSOi8ST0amvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzU4eDV6VXFod2U1akcwbk5JNkx4SlBScWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My84NWZkMzEtZmU5MS00Mzg5LWFiNjct
MzY1MWU0MGYxNDM2LzEvWlRRUGZHWDVsWE9UQURGRmVZTjhZT1V0QXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My84NWZkMzEtZmU5MS00Mzg5LWFiNjctMzY1MWU0MGYxNDM2
LzEvUzU4eDV6VXFod2U1akcwbk5JNkx4SlBScWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY5EMA0G
CSqGSIb3DQEBCwUAA4IBAQBjuZUbAx9VJ+dRfJvf8ciZYgfzpXRKQ9sSS5e9hvlf
6r0eAt+LKRIJaz1jHggg4xz4pf9ZOYv7ZDuV05MgL/YvEN27DDVz+y6drgbmTlu5
Inol3wffTIcWGyG0+PH82Uok3SPyuANUwFvqirYH2w5hjS3Uk+3jI5B0zoQXGHze
6M9ykpiDR4rlaM0WxWdtVGPNdmWb65G2KLNK8D8d11ql6GCpNamaUTwOZaZBAMls
/M8AwwJXgOAC367eNnLCz3E/AyOLntVMDGeJD2Xg5H8o/UBh3aKunm657PBT6z+X
lJRFEpMeB5eExPlegOqZrAYL0nLyX3bExX+dy/VTtz2M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:38 2024 by rpki-client on console-ams.rpki-client.org