Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ZFah3gHdloZfcslHOaPEr5uPoso.roa
File:                     ZFah3gHdloZfcslHOaPEr5uPoso.roa (raw, json)
Hash identifier:          kKBka8rBJy0Za6LiVh0S5IaAkTjV8ICgEK2+4PigkCQ=
Subject key identifier:   64:56:A1:DE:01:DD:96:86:5F:72:C9:47:39:A3:C4:AF:9B:8F:A2:CA
Certificate issuer:       /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial:       018572035533617712289291987B0CE164A5
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ZFah3gHdloZfcslHOaPEr5uPoso.roa
Signing time:             Mon 02 Jan 2023 10:24:59 +0000
ROA not before:           Mon 02 Jan 2023 10:24:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51424
IP address blocks:        212.4.132.0/24 maxlen: 24
                          212.96.184.0/24 maxlen: 24
                          213.211.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:03:55:33:61:77:12:28:92:91:98:7b:0c:e1:64:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
        Validity
            Not Before: Jan  2 10:24:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6456a1de01dd96865f72c94739a3c4af9b8fa2ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:02:95:6a:9e:1e:6a:29:25:e2:df:6e:96:b9:
                    3f:8d:c3:09:32:54:3c:da:43:bd:0e:25:c8:cc:19:
                    6e:b2:63:28:68:dc:4b:d5:35:6b:91:f8:1d:8c:f5:
                    4d:0d:0c:bf:d9:39:70:af:80:9d:51:86:f8:67:17:
                    ba:5c:b4:24:35:d1:0a:f4:56:96:f1:7e:57:3d:e9:
                    27:2d:26:4c:fc:a5:f7:34:87:a9:a4:c4:eb:47:8c:
                    2c:36:78:b3:c1:9d:e2:91:da:2b:2c:03:cb:d4:6c:
                    e7:87:c8:e7:80:43:2d:7f:c3:27:f3:2f:cf:63:ea:
                    51:ec:25:8f:ca:0a:f3:12:d3:fe:27:d7:e4:e8:6a:
                    ac:5f:8d:1b:61:21:da:ec:7f:55:38:12:c7:03:ef:
                    f8:33:5f:20:e2:d8:e8:c9:7c:c4:3d:62:2d:1e:d3:
                    79:f7:38:f2:10:bd:24:27:f7:c4:54:2c:fe:ec:47:
                    a5:2b:63:f3:8a:2a:92:24:96:62:7d:1e:90:a6:c1:
                    a4:a3:a0:c7:31:63:31:61:3b:b6:41:52:e5:05:a4:
                    dd:c6:63:94:6c:df:e6:3e:df:39:e8:1b:05:ae:b3:
                    24:3b:cb:80:cc:77:39:e1:8c:61:ed:eb:54:6a:99:
                    44:40:94:73:df:c7:61:d8:1f:50:02:38:ef:6c:28:
                    53:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:56:A1:DE:01:DD:96:86:5F:72:C9:47:39:A3:C4:AF:9B:8F:A2:CA
            X509v3 Authority Key Identifier:
                keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ZFah3gHdloZfcslHOaPEr5uPoso.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.4.132.0/24
                  212.96.184.0/24
                  213.211.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:99:75:db:52:31:f9:86:4f:b5:54:69:a4:89:45:02:a8:73:
         0d:93:c8:12:1d:e7:86:d0:95:2c:15:5d:a6:22:09:60:e3:cb:
         6f:93:ca:d4:04:98:1e:e9:b7:04:17:f8:db:e4:2d:8f:bd:cc:
         0a:11:b7:0e:66:76:42:54:18:64:ca:8f:d0:0b:51:20:50:b3:
         ee:7f:60:3d:d7:dd:39:94:3b:22:2b:cc:ff:29:68:ab:8f:7d:
         00:6c:30:90:8c:17:49:f4:81:fe:63:a3:b4:34:c6:b0:7e:d8:
         2b:79:60:70:bc:fa:13:c9:6c:a3:63:6c:80:65:bc:94:70:aa:
         80:91:e7:85:a6:96:91:49:a2:3a:86:e0:c7:29:e4:f5:e2:fc:
         e3:f0:ff:cb:9f:0f:7f:e6:8a:ad:ba:76:3d:9d:c5:fa:da:49:
         f2:e7:76:2a:41:a7:10:53:8e:00:7e:1f:2f:1e:79:47:7e:43:
         37:e3:fd:20:7b:90:a0:50:ca:82:be:7f:af:3f:16:b6:e0:f3:
         2f:4d:5b:fe:cc:5a:ad:0a:ea:9e:01:15:33:fa:63:83:ab:83:
         a9:cf:b5:fc:55:f0:8e:d2:bb:39:8f:d6:ed:88:d7:4c:83:1b:
         7b:9b:df:12:89:c6:ab:67:0c:5e:80:46:56:5c:01:d9:cd:ab:
         21:45:6b:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyA1UzYXcSKJKRmHsM4WSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjMwMTAyMTAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU2YTFkZTAxZGQ5Njg2NWY3MmM5NDczOWEzYzRhZjliOGZhMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQKVap4eaikl4t9ulrk/jcMJMlQ8
2kO9DiXIzBlusmMoaNxL1TVrkfgdjPVNDQy/2Tlwr4CdUYb4Zxe6XLQkNdEK9FaW
8X5XPeknLSZM/KX3NIeppMTrR4wsNnizwZ3ikdorLAPL1Gznh8jngEMtf8Mn8y/P
Y+pR7CWPygrzEtP+J9fk6GqsX40bYSHa7H9VOBLHA+/4M18g4tjoyXzEPWItHtN5
9zjyEL0kJ/fEVCz+7EelK2PziiqSJJZifR6QpsGko6DHMWMxYTu2QVLlBaTdxmOU
bN/mPt856BsFrrMkO8uAzHc54Yxh7etUaplEQJRz38dh2B9QAjjvbChT6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGRWod4B3ZaGX3LJRzmjxK+bj6LKMB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvWkZhaDNnSGRsb1pmY3NsSE9hUEVyNXVQb3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1ASEAwQA
1GC4AwQA1dMkMA0GCSqGSIb3DQEBCwUAA4IBAQCcmXXbUjH5hk+1VGmkiUUCqHMN
k8gSHeeG0JUsFV2mIglg48tvk8rUBJge6bcEF/jb5C2PvcwKEbcOZnZCVBhkyo/Q
C1EgULPuf2A91905lDsiK8z/KWirj30AbDCQjBdJ9IH+Y6O0NMawftgreWBwvPoT
yWyjY2yAZbyUcKqAkeeFppaRSaI6huDHKeT14vzj8P/Lnw9/5oqtunY9ncX62kny
53YqQacQU44Afh8vHnlHfkM34/0ge5CgUMqCvn+vPxa24PMvTVv+zFqtCuqeARUz
+mODq4Opz7X8VfCO0rs5j9btiNdMgxt7m98SicarZwxegEZWXAHZzashRWs6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org