Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7fafdb-f74a-4ba1-9702-0fd02c44253b/1/Z8cfsjKYaHxki33XYzFBfVsS2DQ.roa
File:                     Z8cfsjKYaHxki33XYzFBfVsS2DQ.roa (raw, json)
Hash identifier:          hduI+t0P/TUhuzHBeYqXOHFDIqODAHUL8pogLagW6wI=
Subject key identifier:   67:C7:1F:B2:32:98:68:7C:64:8B:7D:D7:63:31:41:7D:5B:12:D8:34
Certificate issuer:       /CN=aa57e0eb4a4506a19ab2eff989a67d559b98cc1a
Certificate serial:       01856E8B49FE22A63E2ECD100A921B17882B
Authority key identifier: AA:57:E0:EB:4A:45:06:A1:9A:B2:EF:F9:89:A6:7D:55:9B:98:CC:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qlfg60pFBqGasu_5iaZ9VZuYzBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/7fafdb-f74a-4ba1-9702-0fd02c44253b/1/Z8cfsjKYaHxki33XYzFBfVsS2DQ.roa
Signing time:             Sun 01 Jan 2023 18:15:00 +0000
ROA not before:           Sun 01 Jan 2023 18:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2852
IP address blocks:        147.230.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:49:fe:22:a6:3e:2e:cd:10:0a:92:1b:17:88:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa57e0eb4a4506a19ab2eff989a67d559b98cc1a
        Validity
            Not Before: Jan  1 18:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67c71fb23298687c648b7dd76331417d5b12d834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:04:1b:ab:02:24:fd:ef:2f:d7:7e:34:45:46:
                    a0:bd:0a:9e:56:de:88:e2:c8:48:2e:ef:13:65:ae:
                    74:83:3b:ea:15:10:2e:6d:55:35:67:a5:ca:f1:9e:
                    91:79:10:bb:ab:40:e2:fc:27:f5:26:9c:29:df:23:
                    6b:66:cc:33:28:0b:b2:31:fc:3c:e9:e6:ca:28:7b:
                    a5:69:70:5e:f4:d1:fa:bb:d1:dd:22:89:12:64:a4:
                    8c:d5:6e:b8:32:54:bc:53:fa:fe:3e:c6:b2:39:c0:
                    61:50:5b:17:a3:37:fb:8e:89:a7:ba:39:3e:8d:65:
                    fb:dd:83:a9:05:dd:da:ac:60:35:c1:dc:54:de:df:
                    93:48:3f:bc:0f:80:31:41:eb:43:55:56:fc:73:76:
                    62:a0:82:47:2b:06:ab:0a:53:35:b6:53:2e:fb:e4:
                    a3:00:97:82:fe:ec:27:db:59:9e:ba:53:32:d0:f4:
                    82:41:d3:6a:bb:ee:10:44:aa:48:a2:ef:5a:86:d7:
                    c3:ce:aa:43:a5:f0:af:8e:58:c6:8a:90:25:4f:4c:
                    f5:43:4a:f3:20:5d:26:89:99:ed:79:23:18:f4:9d:
                    14:fe:0b:18:e9:4a:61:8c:a3:1a:df:8b:50:1b:97:
                    99:63:03:8f:41:21:48:49:98:a5:33:1c:26:aa:ee:
                    df:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C7:1F:B2:32:98:68:7C:64:8B:7D:D7:63:31:41:7D:5B:12:D8:34
            X509v3 Authority Key Identifier:
                keyid:AA:57:E0:EB:4A:45:06:A1:9A:B2:EF:F9:89:A6:7D:55:9B:98:CC:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlfg60pFBqGasu_5iaZ9VZuYzBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7fafdb-f74a-4ba1-9702-0fd02c44253b/1/Z8cfsjKYaHxki33XYzFBfVsS2DQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7fafdb-f74a-4ba1-9702-0fd02c44253b/1/qlfg60pFBqGasu_5iaZ9VZuYzBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.230.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         14:8f:b4:87:3a:d1:8c:cc:53:02:e0:de:27:88:13:6f:ed:3c:
         4b:92:0b:dc:38:b3:67:3f:2a:5c:c0:fa:7e:5d:dc:d4:03:7a:
         ca:ff:65:74:ec:b4:00:b4:cf:5d:82:3c:dc:70:8f:99:89:d8:
         33:84:91:08:5a:ed:eb:d2:e3:03:f0:e9:98:0d:53:76:c2:07:
         8c:e2:44:14:ea:06:1d:97:90:6a:47:10:e1:39:1b:b6:06:8d:
         49:5f:24:f0:f4:ad:47:19:34:86:a6:e8:fa:b7:f1:41:93:61:
         b6:30:36:86:13:51:c3:f1:86:92:45:15:06:b7:08:aa:4c:01:
         4d:89:3c:cd:cf:71:ba:a4:4c:77:a7:57:3f:ba:ee:91:86:3e:
         02:bd:15:a5:46:6a:b7:67:65:dc:0d:28:90:3c:e8:0d:60:18:
         61:a6:98:81:b3:21:28:79:ea:92:71:f8:e0:59:31:54:3f:d1:
         a5:17:00:09:69:1a:86:64:b8:94:0f:fd:91:36:7c:27:8e:ec:
         4c:da:6b:0f:aa:bc:7a:3d:ff:f4:71:a4:2b:31:03:eb:8f:20:
         fd:12:97:c6:a0:c2:d0:f4:53:53:e8:ea:f8:06:85:b7:3b:67:
         40:af:03:c3:10:b7:37:10:f1:f0:23:5a:4c:56:6c:85:65:db:
         49:bc:d3:27
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVui0n+IqY+Ls0QCpIbF4grMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTdlMGViNGE0NTA2YTE5YWIyZWZmOTg5YTY3ZDU1OWI5
OGNjMWEwHhcNMjMwMTAxMTgxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2M3MWZiMjMyOTg2ODdjNjQ4YjdkZDc2MzMxNDE3ZDViMTJkODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQQbqwIk/e8v1340RUagvQqeVt6I
4shILu8TZa50gzvqFRAubVU1Z6XK8Z6ReRC7q0Di/Cf1Jpwp3yNrZswzKAuyMfw8
6ebKKHulaXBe9NH6u9HdIokSZKSM1W64MlS8U/r+PsayOcBhUFsXozf7jomnujk+
jWX73YOpBd3arGA1wdxU3t+TSD+8D4AxQetDVVb8c3ZioIJHKwarClM1tlMu++Sj
AJeC/uwn21meulMy0PSCQdNqu+4QRKpIou9ahtfDzqpDpfCvjljGipAlT0z1Q0rz
IF0miZnteSMY9J0U/gsY6UphjKMa34tQG5eZYwOPQSFISZilMxwmqu7fwwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGfHH7IymGh8ZIt912MxQX1bEtg0MB8GA1UdIwQY
MBaAFKpX4OtKRQahmrLv+YmmfVWbmMwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxmZzYwcEZCcUdhc3VfNWlhWjlWWnVZekJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83ZmFmZGItZjc0YS00YmExLTk3MDIt
MGZkMDJjNDQyNTNiLzEvWjhjZnNqS1lhSHhraTMzWFl6RkJmVnNTMkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83ZmFmZGItZjc0YS00YmExLTk3MDItMGZkMDJjNDQyNTNi
LzEvcWxmZzYwcEZCcUdhc3VfNWlhWjlWWnVZekJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk+YwDQYJ
KoZIhvcNAQELBQADggEBABSPtIc60YzMUwLg3ieIE2/tPEuSC9w4s2c/KlzA+n5d
3NQDesr/ZXTstAC0z12CPNxwj5mJ2DOEkQha7evS4wPw6ZgNU3bCB4ziRBTqBh2X
kGpHEOE5G7YGjUlfJPD0rUcZNIam6Pq38UGTYbYwNoYTUcPxhpJFFQa3CKpMAU2J
PM3PcbqkTHenVz+67pGGPgK9FaVGardnZdwNKJA86A1gGGGmmIGzISh56pJx+OBZ
MVQ/0aUXAAlpGoZkuJQP/ZE2fCeO7Ezaaw+qvHo9//RxpCsxA+uPIP0Sl8agwtD0
U1Po6vgGhbc7Z0CvA8MQtzcQ8fAjWkxWbIVl20m80yc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:45 2024 by rpki-client on console-fra.rpki-client.org