Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/9cc39c-dd7b-4892-94bf-ee46ac018600/1/KzsQzKHRLDg5l9pXt5uYpfpN9CI.roa
File:                     KzsQzKHRLDg5l9pXt5uYpfpN9CI.roa (raw, json)
Hash identifier:          e3lR/Qa8KQvtDBC4NKuzdurV4nCGGyQ+VqwAEdzbi3I=
Subject key identifier:   2B:3B:10:CC:A1:D1:2C:38:39:97:DA:57:B7:9B:98:A5:FA:4D:F4:22
Certificate issuer:       /CN=b0b6a49bcc10de340e39d203f56658bd7d648ddf
Certificate serial:       0193DEA56E2C05FE5BC3066C181C1035AF46
Authority key identifier: B0:B6:A4:9B:CC:10:DE:34:0E:39:D2:03:F5:66:58:BD:7D:64:8D:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLakm8wQ3jQOOdID9WZYvX1kjd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/9cc39c-dd7b-4892-94bf-ee46ac018600/1/KzsQzKHRLDg5l9pXt5uYpfpN9CI.roa
Signing time:             Thu 19 Dec 2024 11:20:03 +0000
ROA not before:           Thu 19 Dec 2024 11:20:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31225
IP address blocks:        83.219.224.0/19 maxlen: 19
                          83.219.224.0/22 maxlen: 22
                          83.219.225.0/24 maxlen: 24
                          83.219.226.0/24 maxlen: 24
                          83.219.227.0/24 maxlen: 24
                          83.219.228.0/24 maxlen: 24
                          83.219.229.0/24 maxlen: 24
                          83.219.230.0/24 maxlen: 24
                          83.219.231.0/24 maxlen: 24
                          83.219.232.0/24 maxlen: 24
                          83.219.233.0/24 maxlen: 24
                          83.219.234.0/24 maxlen: 24
                          83.219.235.0/24 maxlen: 24
                          83.219.236.0/24 maxlen: 24
                          83.219.237.0/24 maxlen: 24
                          83.219.238.0/24 maxlen: 24
                          83.219.239.0/24 maxlen: 24
                          83.219.240.0/24 maxlen: 24
                          83.219.241.0/24 maxlen: 24
                          83.219.242.0/24 maxlen: 24
                          83.219.244.0/24 maxlen: 24
                          83.219.246.0/24 maxlen: 24
                          83.219.247.0/24 maxlen: 24
                          83.219.248.0/24 maxlen: 24
                          83.219.249.0/24 maxlen: 24
                          83.219.250.0/24 maxlen: 24
                          83.219.252.0/22 maxlen: 22
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 17:48:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:de:a5:6e:2c:05:fe:5b:c3:06:6c:18:1c:10:35:af:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0b6a49bcc10de340e39d203f56658bd7d648ddf
        Validity
            Not Before: Dec 19 11:20:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2b3b10cca1d12c383997da57b79b98a5fa4df422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5e:8b:b8:22:04:a8:52:9f:41:c6:8f:e4:67:
                    66:60:19:e7:75:be:4c:16:58:2c:63:8c:15:45:48:
                    fa:82:76:51:90:b7:92:6e:20:69:6d:16:f3:14:65:
                    d4:87:b9:9f:8d:11:92:b5:76:ee:75:44:75:13:83:
                    7b:b9:a1:c4:a0:e1:4e:9b:12:13:e1:0b:36:a2:e5:
                    fd:1a:9c:4e:8a:39:85:b3:05:db:c0:fb:c1:06:4d:
                    11:73:c9:e4:ec:52:d6:2d:36:5f:2f:6f:64:8a:b5:
                    6d:42:49:9a:ca:55:4b:b5:c7:e7:d2:a2:68:19:47:
                    54:a4:06:87:ed:89:11:b3:23:dc:91:b4:ed:4f:a9:
                    c4:6f:7e:53:f2:86:10:81:0c:3c:e4:95:d8:2a:f7:
                    5d:55:fa:4a:9b:ce:4f:ea:0a:c5:d2:1c:a2:25:c7:
                    2d:17:cd:22:95:83:a2:68:fa:6d:5c:90:59:e9:6d:
                    ba:c5:ab:b9:61:39:24:7d:7b:5e:cd:6d:eb:0a:9a:
                    b2:3c:85:9e:3c:b2:01:b7:11:76:b8:86:e3:5b:52:
                    82:e2:87:bb:7e:e5:bc:14:03:03:63:31:27:07:d6:
                    03:9b:77:9a:62:a9:74:9d:72:3f:ee:db:48:11:fa:
                    df:c9:7e:f2:0e:46:e5:c5:9e:fa:0f:ef:3e:2f:15:
                    cd:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:3B:10:CC:A1:D1:2C:38:39:97:DA:57:B7:9B:98:A5:FA:4D:F4:22
            X509v3 Authority Key Identifier:
                keyid:B0:B6:A4:9B:CC:10:DE:34:0E:39:D2:03:F5:66:58:BD:7D:64:8D:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLakm8wQ3jQOOdID9WZYvX1kjd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cc39c-dd7b-4892-94bf-ee46ac018600/1/KzsQzKHRLDg5l9pXt5uYpfpN9CI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cc39c-dd7b-4892-94bf-ee46ac018600/1/sLakm8wQ3jQOOdID9WZYvX1kjd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.219.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         44:32:5b:f8:a5:56:67:c9:98:f7:67:27:92:2e:97:94:a4:41:
         ad:75:20:0f:e0:66:27:c7:3b:9b:1b:69:21:a0:98:db:2d:ec:
         c6:ef:46:68:21:5e:d2:5d:7a:7f:24:40:9e:b9:3f:f5:e0:38:
         d7:68:b0:c5:48:12:b6:49:b8:13:05:91:e6:64:db:e7:0c:3a:
         e2:45:f1:67:31:09:60:ee:02:3c:9d:df:3f:28:3d:a3:60:7e:
         a7:36:90:7a:65:0d:ed:24:db:c6:72:db:17:5e:00:56:b7:0c:
         c6:ae:46:61:db:e2:3a:11:0c:d6:95:ee:dd:6e:7d:34:54:2e:
         26:61:70:7e:f4:0f:c7:33:6b:59:ed:1d:58:9a:84:55:bc:35:
         9d:ca:44:4a:3f:79:5f:c1:e1:8e:bb:b7:96:cf:66:3c:1f:6a:
         21:ee:75:44:52:e5:fe:c8:73:18:33:93:e4:a0:1e:25:a8:dd:
         6d:fc:65:c7:2d:c8:a7:fb:48:31:03:45:4a:9c:ec:f4:db:7c:
         6a:ff:75:1d:78:7d:be:f5:19:de:2f:00:b8:1b:29:ef:11:36:
         bd:d6:50:7f:73:e5:c8:c3:d9:45:5d:56:b2:21:76:44:c8:0b:
         f6:4c:3c:2a:66:89:58:14:f9:c6:09:d5:db:9f:40:14:f6:fa:
         7b:74:66:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPepW4sBf5bwwZsGBwQNa9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjZhNDliY2MxMGRlMzQwZTM5ZDIwM2Y1NjY1OGJkN2Q2
NDhkZGYwHhcNMjQxMjE5MTEyMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNiMTBjY2ExZDEyYzM4Mzk5N2RhNTdiNzliOThhNWZhNGRmNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF6LuCIEqFKfQcaP5GdmYBnndb5M
FlgsY4wVRUj6gnZRkLeSbiBpbRbzFGXUh7mfjRGStXbudUR1E4N7uaHEoOFOmxIT
4Qs2ouX9GpxOijmFswXbwPvBBk0Rc8nk7FLWLTZfL29kirVtQkmaylVLtcfn0qJo
GUdUpAaH7YkRsyPckbTtT6nEb35T8oYQgQw85JXYKvddVfpKm85P6grF0hyiJcct
F80ilYOiaPptXJBZ6W26xau5YTkkfXtezW3rCpqyPIWePLIBtxF2uIbjW1KC4oe7
fuW8FAMDYzEnB9YDm3eaYql0nXI/7ttIEfrfyX7yDkblxZ76D+8+LxXNEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCs7EMyh0Sw4OZfaV7ebmKX6TfQiMB8GA1UdIwQY
MBaAFLC2pJvMEN40DjnSA/VmWL19ZI3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xha204d1EzalFPT2RJRDlXWll2WDFramQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85Y2MzOWMtZGQ3Yi00ODkyLTk0YmYt
ZWU0NmFjMDE4NjAwLzEvS3pzUXpLSFJMRGc1bDlwWHQ1dVlwZnBOOUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85Y2MzOWMtZGQ3Yi00ODkyLTk0YmYtZWU0NmFjMDE4NjAw
LzEvc0xha204d1EzalFPT2RJRDlXWll2WDFramQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU9vgMA0G
CSqGSIb3DQEBCwUAA4IBAQBEMlv4pVZnyZj3ZyeSLpeUpEGtdSAP4GYnxzubG2kh
oJjbLezG70ZoIV7SXXp/JECeuT/14DjXaLDFSBK2SbgTBZHmZNvnDDriRfFnMQlg
7gI8nd8/KD2jYH6nNpB6ZQ3tJNvGctsXXgBWtwzGrkZh2+I6EQzWle7dbn00VC4m
YXB+9A/HM2tZ7R1YmoRVvDWdykRKP3lfweGOu7eWz2Y8H2oh7nVEUuX+yHMYM5Pk
oB4lqN1t/GXHLcin+0gxA0VKnOz023xq/3UdeH2+9RneLwC4GynvETa91lB/c+XI
w9lFXVayIXZEyAv2TDwqZolYFPnGCdXbn0AU9vp7dGZj
-----END CERTIFICATE-----