Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DZTfP1fOZGD-vo_ipkZgraShgcg.roa
File:                     DZTfP1fOZGD-vo_ipkZgraShgcg.roa (raw, json)
Hash identifier:          C3PE70gkS0wmyLfYtAPJGSdfnXNDFUllmZJVoe2ZP+4=
Subject key identifier:   0D:94:DF:3F:57:CE:64:60:FE:BE:8F:E2:A6:46:60:AD:A4:A1:81:C8
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       0192DC7523E9400580AE149D65555BCEA6E7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DZTfP1fOZGD-vo_ipkZgraShgcg.roa
Signing time:             Wed 30 Oct 2024 08:05:17 +0000
ROA not before:           Wed 30 Oct 2024 08:05:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        2.57.242.0/24 maxlen: 24
                          45.135.182.0/24 maxlen: 24
                          45.135.183.0/24 maxlen: 24
                          89.34.106.0/24 maxlen: 24
                          93.114.183.0/24 maxlen: 24
                          188.64.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 30 Oct 2024 21:13:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:dc:75:23:e9:40:05:80:ae:14:9d:65:55:5b:ce:a6:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Oct 30 08:05:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d94df3f57ce6460febe8fe2a64660ada4a181c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:28:66:6d:63:15:7a:be:19:d9:d9:6c:df:7d:
                    67:27:2b:fc:c4:c4:3f:9f:92:24:e4:5f:73:a9:e6:
                    3d:85:8a:64:6b:55:b6:57:8e:dd:df:f9:f6:07:36:
                    76:ac:06:5e:3d:0f:df:15:07:e9:d0:02:11:00:76:
                    be:5a:a2:00:e9:e8:f9:94:26:69:2f:85:b8:c6:d2:
                    c5:07:12:82:ea:25:66:43:e8:b3:ea:91:62:10:a2:
                    5d:b1:a6:72:00:b5:aa:d7:55:56:04:85:32:2c:55:
                    a7:d6:ee:21:e4:33:5b:37:19:8b:77:fe:b1:16:80:
                    a4:c1:dc:19:50:3f:93:26:b9:60:ff:9f:2d:12:55:
                    a7:9d:a7:38:03:f9:25:61:54:c1:f9:15:31:f7:e9:
                    fd:ad:ba:b4:61:34:62:cf:fb:36:6f:9a:08:02:db:
                    c2:84:dd:2b:b3:76:b0:6a:31:e2:0a:dd:0d:94:f9:
                    5c:1a:22:a9:9b:42:17:33:b0:fb:55:47:16:22:26:
                    74:bf:b2:4f:2a:aa:6b:fc:af:b1:34:63:b6:5b:26:
                    06:c8:e8:45:67:cb:c1:80:d6:5a:b6:bc:14:48:de:
                    3b:9a:ea:ed:fe:d8:e1:ab:0a:c4:02:1d:40:a9:27:
                    01:ea:3b:5a:87:76:26:fd:58:fa:2c:92:b7:55:8b:
                    5f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:94:DF:3F:57:CE:64:60:FE:BE:8F:E2:A6:46:60:AD:A4:A1:81:C8
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DZTfP1fOZGD-vo_ipkZgraShgcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.242.0/24
                  45.135.182.0/23
                  89.34.106.0/24
                  93.114.183.0/24
                  188.64.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:00:6d:0e:9e:41:73:4c:58:6c:1a:36:b8:80:ec:46:d7:6b:
         9c:55:35:89:07:62:5f:e5:ae:90:e6:c9:c2:82:34:f5:35:7f:
         40:e3:9a:9e:33:78:35:c4:e3:6b:9f:a1:ed:51:ca:9d:fa:33:
         d7:5a:ea:0f:3b:ec:da:e7:22:36:70:f0:b1:21:31:07:12:1a:
         7c:1e:03:ec:bd:3c:81:4e:f0:47:54:78:15:dd:6d:b6:1c:be:
         f9:76:06:82:91:d7:f6:02:e8:21:0b:33:87:e8:a2:c4:1f:f1:
         f8:e6:da:6f:d3:33:43:a3:3a:5b:08:be:7c:85:ac:33:fa:d8:
         06:d4:fe:a4:47:03:ec:0b:f8:de:a8:9a:0a:bf:78:ee:2e:7a:
         89:fe:ea:18:68:de:57:dc:c8:ec:a8:e9:bb:03:ff:59:5f:c8:
         85:a6:49:57:79:96:a0:a5:d3:4e:49:36:74:be:f8:82:e4:8d:
         e6:11:55:cc:40:5d:9b:b5:64:90:76:f6:33:ab:85:74:e4:b8:
         f9:de:98:61:a7:f2:fd:02:b4:11:05:b9:f2:dd:18:06:12:a0:
         cb:b5:e0:22:8d:c3:e4:d5:73:fd:a5:53:4c:bc:77:6d:02:d6:
         6c:63:7c:b7:e3:f3:f1:fc:6a:40:6c:34:dc:b0:c4:58:17:01:
         ff:ec:72:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLcdSPpQAWArhSdZVVbzqbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMDMwMDgwNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDk0ZGYzZjU3Y2U2NDYwZmViZThmZTJhNjQ2NjBhZGE0YTE4MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ihmbWMVer4Z2dls331nJyv8xMQ/
n5Ik5F9zqeY9hYpka1W2V47d3/n2BzZ2rAZePQ/fFQfp0AIRAHa+WqIA6ej5lCZp
L4W4xtLFBxKC6iVmQ+iz6pFiEKJdsaZyALWq11VWBIUyLFWn1u4h5DNbNxmLd/6x
FoCkwdwZUD+TJrlg/58tElWnnac4A/klYVTB+RUx9+n9rbq0YTRiz/s2b5oIAtvC
hN0rs3awajHiCt0NlPlcGiKpm0IXM7D7VUcWIiZ0v7JPKqpr/K+xNGO2WyYGyOhF
Z8vBgNZatrwUSN47murt/tjhqwrEAh1AqScB6jtah3Ym/Vj6LJK3VYtf1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA2U3z9XzmRg/r6P4qZGYK2koYHIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvRFpUZlAxZk9aR0Qtdm9faXBrWmdyYVNoZ2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjnyAwQB
LYe2AwQAWSJqAwQAXXK3AwQAvECOMA0GCSqGSIb3DQEBCwUAA4IBAQAiAG0OnkFz
TFhsGja4gOxG12ucVTWJB2Jf5a6Q5snCgjT1NX9A45qeM3g1xONrn6HtUcqd+jPX
WuoPO+za5yI2cPCxITEHEhp8HgPsvTyBTvBHVHgV3W22HL75dgaCkdf2AughCzOH
6KLEH/H45tpv0zNDozpbCL58hawz+tgG1P6kRwPsC/jeqJoKv3juLnqJ/uoYaN5X
3MjsqOm7A/9ZX8iFpklXeZagpdNOSTZ0vviC5I3mEVXMQF2btWSQdvYzq4V05Lj5
3phhp/L9ArQRBbny3RgGEqDLteAijcPk1XP9pVNMvHdtAtZsY3y34/Px/GpAbDTc
sMRYFwH/7HI8
-----END CERTIFICATE-----
Generated at Wed Oct 30 22:49:39 2024 by rpki-client on console-fra.rpki-client.org