Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/BIZdVXGj0TRCG-5ioRYlY-w2tvw.roa
File:                     BIZdVXGj0TRCG-5ioRYlY-w2tvw.roa (raw, json)
Hash identifier:          7O0pcKeEKqRuL3/deCstDaeUlRXRe+5qw2NZZ6/kVb0=
Subject key identifier:   04:86:5D:55:71:A3:D1:34:42:1B:EE:62:A1:16:25:63:EC:36:B6:FC
Certificate issuer:       /CN=99962f5ee0278a60cbbcd4169191f71481216ad4
Certificate serial:       01856C6EE61C308D654484E818BCD37C3AD4
Authority key identifier: 99:96:2F:5E:E0:27:8A:60:CB:BC:D4:16:91:91:F7:14:81:21:6A:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mZYvXuAnimDLvNQWkZH3FIEhatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/BIZdVXGj0TRCG-5ioRYlY-w2tvw.roa
Signing time:             Sun 01 Jan 2023 08:24:45 +0000
ROA not before:           Sun 01 Jan 2023 08:24:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39626
IP address blocks:        195.246.227.0/24 maxlen: 24
                          2001:7f8:16::/64 maxlen: 64
                          2001:7f8:16::/48 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:e6:1c:30:8d:65:44:84:e8:18:bc:d3:7c:3a:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99962f5ee0278a60cbbcd4169191f71481216ad4
        Validity
            Not Before: Jan  1 08:24:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04865d5571a3d134421bee62a1162563ec36b6fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1f:95:05:02:8b:f6:7c:f2:2e:95:63:21:34:
                    01:e6:0b:87:c2:b9:9f:68:78:ac:02:91:6f:b7:0c:
                    6e:65:c2:82:cf:18:bc:56:92:cb:66:3a:90:4c:af:
                    e0:f3:ac:53:9f:65:dc:0b:26:1a:b4:1c:fd:72:bc:
                    be:9f:87:3d:1e:d0:5b:3c:73:73:00:cb:4d:68:50:
                    b6:d9:fe:8f:8a:1f:87:3d:8a:2c:42:e3:d5:87:16:
                    fd:a6:f6:36:a6:08:40:ce:e2:38:68:81:57:ba:06:
                    0b:03:3a:1b:80:46:20:de:3f:ff:0a:70:f3:a6:4f:
                    87:4e:fb:67:96:00:3c:f9:fd:9d:e5:8f:51:3d:c5:
                    d8:2c:a7:fb:43:37:3d:4b:92:b7:36:9a:80:dd:78:
                    99:8e:b9:d6:b8:89:47:03:9d:61:5e:35:00:cd:d0:
                    df:2b:ab:be:90:af:86:bd:19:0c:cf:07:4d:18:dd:
                    2a:cf:68:c1:ff:4a:c8:4b:61:b8:1c:9c:ac:2c:91:
                    35:8b:f8:19:d7:8f:33:a7:68:b0:74:26:45:d7:96:
                    08:7b:3b:70:ac:9f:c8:58:c0:14:ab:6f:ec:f7:07:
                    b8:35:46:72:86:f5:4d:35:0c:b2:1a:9c:5b:f1:32:
                    c8:d7:81:36:06:4b:2d:e5:c7:5f:f9:bd:44:0f:60:
                    e4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:86:5D:55:71:A3:D1:34:42:1B:EE:62:A1:16:25:63:EC:36:B6:FC
            X509v3 Authority Key Identifier:
                keyid:99:96:2F:5E:E0:27:8A:60:CB:BC:D4:16:91:91:F7:14:81:21:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZYvXuAnimDLvNQWkZH3FIEhatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/BIZdVXGj0TRCG-5ioRYlY-w2tvw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/mZYvXuAnimDLvNQWkZH3FIEhatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.246.227.0/24
                IPv6:
                  2001:7f8:16::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:95:ff:03:8f:c5:9c:50:70:d3:90:63:59:09:4b:89:6b:06:
         90:c7:4e:d3:63:80:dd:ef:ec:0d:5b:e4:a4:db:77:ab:c0:a4:
         ce:3f:93:c2:75:fe:11:60:e6:bd:cf:ec:6d:34:3f:17:17:4a:
         fc:ca:fa:62:08:25:5c:db:d2:b5:ed:f5:23:14:c5:53:0f:55:
         20:5c:c8:6d:23:7a:27:71:f3:5c:69:f5:da:19:14:70:e6:79:
         8d:6e:b2:d9:5c:65:a8:31:66:ed:13:3d:7e:c2:0d:f3:7b:4a:
         32:bb:f1:f9:76:20:52:44:f7:16:66:86:9d:af:d5:0d:89:b3:
         9e:19:18:83:15:be:25:df:e3:c6:fd:d1:8c:b1:42:5e:5a:0e:
         8c:c6:1b:f6:25:28:02:f6:2d:db:cb:15:94:9e:95:dc:d0:4b:
         da:f7:21:12:b9:02:cf:b9:f0:7e:c1:be:38:47:03:ae:51:4c:
         4f:54:61:39:04:29:dd:12:07:21:73:7e:98:e8:a6:55:ad:86:
         1b:60:0e:db:f5:7a:2f:1b:bf:f4:b3:4f:5f:de:b8:5d:df:3a:
         16:a9:0b:a3:20:eb:b1:bf:ba:8d:b8:f2:f2:37:7e:40:be:80:
         5c:e8:7e:f5:a8:74:97:ec:f4:78:fa:22:db:4e:54:09:cb:9e:
         df:d7:49:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsbuYcMI1lRIToGLzTfDrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OTYyZjVlZTAyNzhhNjBjYmJjZDQxNjkxOTFmNzE0ODEy
MTZhZDQwHhcNMjMwMTAxMDgyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg2NWQ1NTcxYTNkMTM0NDIxYmVlNjJhMTE2MjU2M2VjMzZiNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR+VBQKL9nzyLpVjITQB5guHwrmf
aHisApFvtwxuZcKCzxi8VpLLZjqQTK/g86xTn2XcCyYatBz9cry+n4c9HtBbPHNz
AMtNaFC22f6Pih+HPYosQuPVhxb9pvY2pghAzuI4aIFXugYLAzobgEYg3j//CnDz
pk+HTvtnlgA8+f2d5Y9RPcXYLKf7Qzc9S5K3NpqA3XiZjrnWuIlHA51hXjUAzdDf
K6u+kK+GvRkMzwdNGN0qz2jB/0rIS2G4HJysLJE1i/gZ148zp2iwdCZF15YIeztw
rJ/IWMAUq2/s9we4NUZyhvVNNQyyGpxb8TLI14E2Bkst5cdf+b1ED2Dk4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFASGXVVxo9E0QhvuYqEWJWPsNrb8MB8GA1UdIwQY
MBaAFJmWL17gJ4pgy7zUFpGR9xSBIWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVpZdlh1QW5pbURMdk5RV2taSDNGSUVoYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZWRkMjUtZmY5MC00MGFlLThhMjAt
Zjc2YjgzNTNhZDY4LzEvQklaZFZYR2owVFJDRy01aW9SWWxZLXcydHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZWRkMjUtZmY5MC00MGFlLThhMjAtZjc2YjgzNTNhZDY4
LzEvbVpZdlh1QW5pbURMdk5RV2taSDNGSUVoYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw/bjMA8E
AgACMAkDBwAgAQf4ABYwDQYJKoZIhvcNAQELBQADggEBAHKV/wOPxZxQcNOQY1kJ
S4lrBpDHTtNjgN3v7A1b5KTbd6vApM4/k8J1/hFg5r3P7G00PxcXSvzK+mIIJVzb
0rXt9SMUxVMPVSBcyG0jeidx81xp9doZFHDmeY1ustlcZagxZu0TPX7CDfN7SjK7
8fl2IFJE9xZmhp2v1Q2Js54ZGIMVviXf48b90YyxQl5aDozGG/YlKAL2LdvLFZSe
ldzQS9r3IRK5As+58H7BvjhHA65RTE9UYTkEKd0SByFzfpjoplWthhtgDtv1ei8b
v/SzT1/euF3fOhapC6Mg67G/uo248vI3fkC+gFzofvWodJfs9Hj6IttOVAnLnt/X
STM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org