Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zynxN9gK0csQR3NRQ2YFnu5FBvs.roa
File:                     zynxN9gK0csQR3NRQ2YFnu5FBvs.roa (raw, json)
Hash identifier:          IW0TABGnmJpK3W1evpVkB3t/Zk/LK4Tg+tzlhVEJvBQ=
Subject key identifier:   CF:29:F1:37:D8:0A:D1:CB:10:47:73:51:43:66:05:9E:EE:45:06:FB
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01896499DB18067729F5D4C3AB6B97927CFB
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zynxN9gK0csQR3NRQ2YFnu5FBvs.roa
Signing time:             Mon 17 Jul 2023 16:05:51 +0000
ROA not before:           Mon 17 Jul 2023 16:05:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34665
IP address blocks:        45.145.163.0/24 maxlen: 24
                          45.145.171.0/24 maxlen: 24
                          45.145.168.0/24 maxlen: 24
                          109.94.211.0/24 maxlen: 24
                          213.139.229.0/24 maxlen: 24
                          45.94.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 19:18:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:99:db:18:06:77:29:f5:d4:c3:ab:6b:97:92:7c:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 17 16:05:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf29f137d80ad1cb104773514366059eee4506fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:53:1f:8d:e0:20:82:36:da:1c:ea:c0:0c:03:
                    eb:5a:e1:c8:26:da:14:3c:2b:cd:8e:aa:63:53:e0:
                    a3:2b:97:ba:e5:9b:ad:2a:d9:04:95:7a:6a:7f:a0:
                    99:1e:3f:3a:a5:1a:83:3c:ea:37:c8:be:84:8e:59:
                    80:3f:73:34:ff:9d:34:1a:86:98:42:1c:24:3a:65:
                    f3:ff:80:ea:ec:d1:36:49:88:03:01:dc:64:93:0a:
                    e6:d4:e0:33:e1:ee:0c:70:82:03:a4:43:1c:cb:aa:
                    32:eb:eb:f6:ee:9d:06:5b:90:a2:79:62:31:54:2c:
                    a7:ed:50:1a:66:a0:ad:92:65:b1:ef:da:f8:2e:b8:
                    34:dd:61:41:02:75:cf:4c:1a:29:bd:7d:74:9f:03:
                    7b:0b:a0:eb:ad:ac:6f:47:2d:f9:c4:0d:f0:9e:ef:
                    fc:32:37:4d:ab:5c:eb:b1:3d:ff:a0:df:8b:88:ad:
                    82:61:13:74:85:30:ba:99:7f:fe:77:63:a1:68:23:
                    5f:03:6c:02:77:cb:7c:da:b1:d2:50:6c:84:4b:51:
                    41:ac:60:98:37:37:8c:eb:6c:dc:ac:03:47:f6:0e:
                    93:c1:c6:26:f7:59:7f:b4:e1:b8:8b:1d:15:46:fd:
                    ac:ad:02:ad:32:e1:78:4a:8d:c2:e8:d3:6e:b3:c7:
                    6b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:29:F1:37:D8:0A:D1:CB:10:47:73:51:43:66:05:9E:EE:45:06:FB
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zynxN9gK0csQR3NRQ2YFnu5FBvs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.23.0/24
                  45.145.163.0/24
                  45.145.168.0/24
                  45.145.171.0/24
                  109.94.211.0/24
                  213.139.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:55:62:89:b6:be:d0:5a:e0:50:28:0d:8f:33:91:1b:5b:26:
         32:f0:a2:d5:97:2f:13:30:fe:7f:1c:3c:23:ec:cb:ae:02:1e:
         cf:ac:c8:58:bc:69:88:b9:0e:c4:ab:1b:c8:c3:0a:20:a0:51:
         7c:5b:e9:5a:95:db:49:c2:62:2f:cf:4f:7e:d8:d0:48:66:bc:
         cf:f3:9e:9c:1e:eb:65:5c:3f:59:ce:20:e6:48:48:38:dd:1c:
         aa:a8:e5:e6:7c:99:99:d8:ff:c9:ee:3e:c1:a5:1e:16:52:db:
         1d:c0:be:51:2d:85:00:33:2c:ae:35:40:3f:8c:fb:bc:5b:10:
         82:22:57:b1:a7:69:f7:b3:07:b3:51:21:b1:8c:8c:d4:e6:7b:
         d0:61:59:fe:0c:4b:62:55:fb:29:f2:19:32:2c:d9:5e:57:d9:
         43:dc:cd:5c:e4:c2:b3:62:e6:b9:5e:0a:91:07:c7:b8:1a:c9:
         5e:c1:ac:d6:d8:03:a2:8a:83:12:bd:9e:c7:d1:6e:6b:f4:09:
         0e:a8:86:81:90:8e:3a:a0:ea:aa:44:34:7e:6e:ce:ce:15:96:
         bc:37:d5:3d:16:25:b2:fd:96:7e:e5:d4:7b:71:65:46:d8:d3:
         4d:36:66:2d:c8:70:75:01:4c:bb:d2:a1:40:56:1d:ff:9d:89:
         eb:16:40:23
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlkmdsYBncp9dTDq2uXknz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTYwNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI5ZjEzN2Q4MGFkMWNiMTA0NzczNTE0MzY2MDU5ZWVlNDUwNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1MfjeAggjbaHOrADAPrWuHIJtoU
PCvNjqpjU+CjK5e65ZutKtkElXpqf6CZHj86pRqDPOo3yL6EjlmAP3M0/500GoaY
QhwkOmXz/4Dq7NE2SYgDAdxkkwrm1OAz4e4McIIDpEMcy6oy6+v27p0GW5CieWIx
VCyn7VAaZqCtkmWx79r4Lrg03WFBAnXPTBopvX10nwN7C6DrraxvRy35xA3wnu/8
MjdNq1zrsT3/oN+LiK2CYRN0hTC6mX/+d2OhaCNfA2wCd8t82rHSUGyES1FBrGCY
NzeM62zcrANH9g6TwcYm91l/tOG4ix0VRv2srQKtMuF4So3C6NNus8drmQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM8p8TfYCtHLEEdzUUNmBZ7uRQb7MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvenlueE45Z0swY3NRUjNOUlEyWUZudTVGQnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV4XAwQA
LZGjAwQALZGoAwQALZGrAwQAbV7TAwQA1YvlMA0GCSqGSIb3DQEBCwUAA4IBAQAs
VWKJtr7QWuBQKA2PM5EbWyYy8KLVly8TMP5/HDwj7MuuAh7PrMhYvGmIuQ7EqxvI
wwogoFF8W+laldtJwmIvz09+2NBIZrzP856cHutlXD9ZziDmSEg43RyqqOXmfJmZ
2P/J7j7BpR4WUtsdwL5RLYUAMyyuNUA/jPu8WxCCIlexp2n3swezUSGxjIzU5nvQ
YVn+DEtiVfsp8hkyLNleV9lD3M1c5MKzYua5XgqRB8e4GslewazW2AOiioMSvZ7H
0W5r9AkOqIaBkI46oOqqRDR+bs7OFZa8N9U9FiWy/ZZ+5dR7cWVG2NNNNmYtyHB1
AUy70qFAVh3/nYnrFkAj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org