Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/f93da2-1457-4cd9-9073-806a315dd1fd/1/2ZCSL2a4UCejfnGjYYkU188DSfA.roa
File:                     2ZCSL2a4UCejfnGjYYkU188DSfA.roa (raw, json)
Hash identifier:          5yBOPJSEAvmSq0cZplSzzl5q5JCAHWtVdCv+150KD9c=
Subject key identifier:   D9:90:92:2F:66:B8:50:27:A3:7E:71:A3:61:89:14:D7:CF:03:49:F0
Certificate issuer:       /CN=84df54bdc104106cdb299e01ef08a60985ec35fb
Certificate serial:       01856BCA2607984D94B8C1A64CDBB459871B
Authority key identifier: 84:DF:54:BD:C1:04:10:6C:DB:29:9E:01:EF:08:A6:09:85:EC:35:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hN9UvcEEEGzbKZ4B7wimCYXsNfs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/f93da2-1457-4cd9-9073-806a315dd1fd/1/2ZCSL2a4UCejfnGjYYkU188DSfA.roa
Signing time:             Sun 01 Jan 2023 05:24:48 +0000
ROA not before:           Sun 01 Jan 2023 05:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51918
IP address blocks:        185.117.236.0/22 maxlen: 22
                          2a06:94c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ca:26:07:98:4d:94:b8:c1:a6:4c:db:b4:59:87:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84df54bdc104106cdb299e01ef08a60985ec35fb
        Validity
            Not Before: Jan  1 05:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d990922f66b85027a37e71a3618914d7cf0349f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:94:a6:80:7d:15:24:9c:d9:a3:d3:f7:97:91:
                    f9:f4:ad:cf:b3:56:cf:92:fa:e4:7b:56:4d:ba:e5:
                    e3:07:7b:e4:bd:bc:a3:be:d6:50:72:ef:20:f6:9d:
                    41:e8:60:f4:cf:50:f8:2a:42:6a:ad:ed:fc:56:50:
                    54:46:79:13:68:57:ca:0b:8d:cb:65:8b:3f:73:48:
                    94:5a:55:81:fd:10:e3:76:b0:81:93:51:35:41:1d:
                    d1:a9:1f:3d:03:0b:a3:be:7a:90:bd:8f:cb:bb:4e:
                    73:3a:7b:b7:93:89:c2:95:3e:11:50:29:b1:c7:da:
                    5a:12:62:40:4d:d3:e3:26:5d:9a:8d:de:05:88:bd:
                    6d:85:6d:7e:ac:8f:7a:8d:d3:a9:f1:44:4b:19:17:
                    44:57:be:bd:41:0c:c8:77:56:29:f3:50:e6:85:7f:
                    ee:01:75:bd:4a:e3:87:fa:89:7e:5c:34:2b:d5:94:
                    3d:39:52:82:3d:9b:fa:3b:bf:37:08:87:f9:c6:9a:
                    31:3e:e7:59:9a:f7:c0:44:a1:ef:2c:1c:38:06:15:
                    55:b2:da:31:68:02:c3:6c:ae:45:c0:de:22:a2:92:
                    55:2d:c9:c2:31:43:cb:bd:45:6f:a8:bb:d4:02:af:
                    ca:e3:6b:f0:65:a9:ed:bd:b7:5c:a6:0d:7a:bf:15:
                    f6:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:90:92:2F:66:B8:50:27:A3:7E:71:A3:61:89:14:D7:CF:03:49:F0
            X509v3 Authority Key Identifier:
                keyid:84:DF:54:BD:C1:04:10:6C:DB:29:9E:01:EF:08:A6:09:85:EC:35:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hN9UvcEEEGzbKZ4B7wimCYXsNfs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/f93da2-1457-4cd9-9073-806a315dd1fd/1/2ZCSL2a4UCejfnGjYYkU188DSfA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/f93da2-1457-4cd9-9073-806a315dd1fd/1/hN9UvcEEEGzbKZ4B7wimCYXsNfs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.236.0/22
                IPv6:
                  2a06:94c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         34:4e:a4:a8:a7:d2:dc:dd:67:0f:4a:26:10:b3:cb:5a:22:dd:
         b4:53:f1:22:89:f9:7d:3c:71:87:e6:d7:0d:68:c2:a4:45:c7:
         2c:11:a0:08:5f:c8:56:8e:9f:54:b2:2a:03:23:5e:44:b2:2f:
         16:91:af:8a:cd:8c:49:49:10:b6:9c:74:82:54:c0:c0:36:9d:
         7a:51:60:75:65:1f:61:fa:9f:ff:1f:4c:03:2f:37:45:6d:53:
         3c:30:55:5f:da:c5:12:b5:64:f1:c5:d8:94:00:10:7e:0b:e2:
         db:28:1d:bc:d7:f0:de:d7:20:c2:88:e0:27:8e:1f:6b:4b:d4:
         d2:5e:49:20:fc:ab:a0:bc:18:8b:7c:6e:72:0f:d0:21:70:63:
         b1:0f:5b:1d:27:f3:dc:ff:e5:75:06:38:41:4f:11:6e:7e:2f:
         2e:d0:a2:c4:50:6e:3f:52:46:d3:78:02:b0:c5:ae:79:a1:ce:
         d2:3b:6c:b4:cd:1b:ea:cc:50:39:83:f9:03:ba:4c:c6:04:db:
         d0:3f:fd:7d:58:3c:51:10:8d:ac:83:96:14:a5:93:f0:42:1b:
         f2:03:0e:4b:93:0d:cc:d4:c4:b7:52:4e:52:f8:66:a6:73:82:
         94:cf:95:eb:3e:a9:ef:51:69:2f:84:03:e0:67:02:5b:16:41:
         58:7f:e1:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVryiYHmE2UuMGmTNu0WYcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZGY1NGJkYzEwNDEwNmNkYjI5OWUwMWVmMDhhNjA5ODVl
YzM1ZmIwHhcNMjMwMTAxMDUyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTkwOTIyZjY2Yjg1MDI3YTM3ZTcxYTM2MTg5MTRkN2NmMDM0OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZSmgH0VJJzZo9P3l5H59K3Ps1bP
kvrke1ZNuuXjB3vkvbyjvtZQcu8g9p1B6GD0z1D4KkJqre38VlBURnkTaFfKC43L
ZYs/c0iUWlWB/RDjdrCBk1E1QR3RqR89AwujvnqQvY/Lu05zOnu3k4nClT4RUCmx
x9paEmJATdPjJl2ajd4FiL1thW1+rI96jdOp8URLGRdEV769QQzId1Yp81DmhX/u
AXW9SuOH+ol+XDQr1ZQ9OVKCPZv6O783CIf5xpoxPudZmvfARKHvLBw4BhVVstox
aALDbK5FwN4iopJVLcnCMUPLvUVvqLvUAq/K42vwZantvbdcpg16vxX2UwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNmQki9muFAno35xo2GJFNfPA0nwMB8GA1UdIwQY
MBaAFITfVL3BBBBs2ymeAe8IpgmF7DX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE45VXZjRUVFR3piS1o0Qjd3aW1DWVhzTmZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9mOTNkYTItMTQ1Ny00Y2Q5LTkwNzMt
ODA2YTMxNWRkMWZkLzEvMlpDU0wyYTRVQ2VqZm5HallZa1UxODhEU2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9mOTNkYTItMTQ1Ny00Y2Q5LTkwNzMtODA2YTMxNWRkMWZk
LzEvaE45VXZjRUVFR3piS1o0Qjd3aW1DWVhzTmZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXXsMA0E
AgACMAcDBQMqBpTAMA0GCSqGSIb3DQEBCwUAA4IBAQA0TqSop9Lc3WcPSiYQs8ta
It20U/Eiifl9PHGH5tcNaMKkRccsEaAIX8hWjp9UsioDI15Esi8Wka+KzYxJSRC2
nHSCVMDANp16UWB1ZR9h+p//H0wDLzdFbVM8MFVf2sUStWTxxdiUABB+C+LbKB28
1/De1yDCiOAnjh9rS9TSXkkg/KugvBiLfG5yD9AhcGOxD1sdJ/Pc/+V1BjhBTxFu
fi8u0KLEUG4/UkbTeAKwxa55oc7SO2y0zRvqzFA5g/kDukzGBNvQP/19WDxREI2s
g5YUpZPwQhvyAw5Lkw3M1MS3Uk5S+Gamc4KUz5XrPqnvUWkvhAPgZwJbFkFYf+EC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:34 2024 by rpki-client on console-ams.rpki-client.org