Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/ZDieo2eLLonUnEA1h4qESxZwkPE.roa
File:                     ZDieo2eLLonUnEA1h4qESxZwkPE.roa (raw, json)
Hash identifier:          pG0LV46B53OWSFWgFKYDQz+FGsWfjsXcFWlSWqRiask=
Subject key identifier:   64:38:9E:A3:67:8B:2E:89:D4:9C:40:35:87:8A:84:4B:16:70:90:F1
Certificate issuer:       /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial:       018571BA04CE3E387C1F0F273098FFDB9ED6
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/ZDieo2eLLonUnEA1h4qESxZwkPE.roa
Signing time:             Mon 02 Jan 2023 09:04:54 +0000
ROA not before:           Mon 02 Jan 2023 09:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3549
IP address blocks:        85.209.206.0/23 maxlen: 23
                          85.209.204.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 17:52:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:04:ce:3e:38:7c:1f:0f:27:30:98:ff:db:9e:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
        Validity
            Not Before: Jan  2 09:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64389ea3678b2e89d49c4035878a844b167090f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:37:cb:98:bb:17:ad:b0:60:37:33:b6:e2:1f:
                    20:af:ed:e2:60:4c:09:13:25:4c:e9:37:dc:c2:3c:
                    53:13:07:95:af:82:c3:e8:c5:4a:fb:28:38:6d:c5:
                    3e:01:ed:6c:0c:ab:7a:58:03:f5:f5:c5:25:1e:68:
                    c8:17:77:7c:02:9d:9c:13:c6:24:d1:d9:77:8e:18:
                    c6:54:68:50:03:36:5a:61:4d:35:b3:f5:7d:e5:46:
                    0a:82:cf:d7:c0:e6:5b:fa:4b:c4:f4:28:9c:d4:03:
                    b2:d8:f4:78:56:c7:18:6b:ef:d2:ea:ce:c1:7a:e6:
                    3c:a1:45:d7:a5:4e:72:d7:13:15:6f:b6:17:14:0b:
                    cc:fb:01:32:8e:ee:85:69:5e:b3:a0:af:fc:ea:c5:
                    11:80:a1:27:ee:bf:d1:ea:ab:ef:fe:0a:44:a9:31:
                    13:d6:57:8e:66:bd:b5:95:3c:d0:83:3e:7c:21:9a:
                    6a:81:e4:5c:74:db:a3:6a:ea:61:1e:38:bc:a4:76:
                    15:82:95:3b:e0:78:7f:cc:d0:85:14:e4:20:62:5c:
                    bd:77:86:b8:ff:50:0e:c7:c5:8d:25:15:32:a3:96:
                    43:6a:4d:49:06:34:95:c3:79:90:19:91:24:f5:39:
                    55:cb:dc:dc:34:97:ac:e9:55:6b:6f:5a:76:ca:12:
                    40:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:38:9E:A3:67:8B:2E:89:D4:9C:40:35:87:8A:84:4B:16:70:90:F1
            X509v3 Authority Key Identifier:
                keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/ZDieo2eLLonUnEA1h4qESxZwkPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:27:38:04:36:af:54:92:a4:45:9c:9f:e4:35:14:43:9a:46:
         71:c4:af:bb:8f:f3:aa:c8:5e:b1:4b:a9:54:02:3b:39:7c:60:
         0f:11:eb:0b:43:cb:d7:1a:57:54:ff:18:d1:38:c8:a4:78:05:
         c7:a2:0e:2d:16:16:75:0f:e6:36:17:c4:f6:7a:57:4f:8b:88:
         e1:7f:28:73:98:a3:26:73:a1:67:16:a9:04:bc:d3:f4:cb:ba:
         08:fa:b4:10:04:ab:e2:c9:52:3a:44:78:de:38:6f:2d:4c:f0:
         cb:e8:73:ed:b7:11:3e:2a:5e:a1:54:b4:be:3f:8c:83:b5:8e:
         73:f5:6b:3a:2c:3d:cf:2c:03:94:60:7a:5d:81:36:d7:e2:76:
         f0:77:33:03:fb:ac:64:de:59:f0:89:55:f5:16:e9:8d:1b:45:
         9b:08:c2:2c:45:ba:38:53:c6:55:51:e6:b7:85:ce:b7:89:71:
         ef:46:8b:b2:e6:46:ac:de:b5:5e:03:54:98:66:fd:cb:92:c5:
         82:c4:f1:fb:84:13:16:c7:e1:92:c9:29:be:53:38:37:48:bb:
         c6:54:6e:dc:b1:ce:e1:fc:55:75:99:7d:11:95:e3:01:89:ae:
         a1:57:5e:61:cd:99:12:41:d9:c9:95:11:f5:fc:6d:02:3a:f9:
         04:b7:4d:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxugTOPjh8Hw8nMJj/257WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjMwMTAyMDkwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM4OWVhMzY3OGIyZTg5ZDQ5YzQwMzU4NzhhODQ0YjE2NzA5MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDfLmLsXrbBgNzO24h8gr+3iYEwJ
EyVM6TfcwjxTEweVr4LD6MVK+yg4bcU+Ae1sDKt6WAP19cUlHmjIF3d8Ap2cE8Yk
0dl3jhjGVGhQAzZaYU01s/V95UYKgs/XwOZb+kvE9Cic1AOy2PR4VscYa+/S6s7B
euY8oUXXpU5y1xMVb7YXFAvM+wEyju6FaV6zoK/86sURgKEn7r/R6qvv/gpEqTET
1leOZr21lTzQgz58IZpqgeRcdNujauphHji8pHYVgpU74Hh/zNCFFOQgYly9d4a4
/1AOx8WNJRUyo5ZDak1JBjSVw3mQGZEk9TlVy9zcNJes6VVrb1p2yhJAaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQ4nqNniy6J1JxANYeKhEsWcJDxMB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEvWkRpZW8yZUxMb25VbkVBMWg0cUVTeFp3a1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdHMMA0G
CSqGSIb3DQEBCwUAA4IBAQABJzgENq9UkqRFnJ/kNRRDmkZxxK+7j/OqyF6xS6lU
Ajs5fGAPEesLQ8vXGldU/xjROMikeAXHog4tFhZ1D+Y2F8T2eldPi4jhfyhzmKMm
c6FnFqkEvNP0y7oI+rQQBKviyVI6RHjeOG8tTPDL6HPttxE+Kl6hVLS+P4yDtY5z
9Ws6LD3PLAOUYHpdgTbX4nbwdzMD+6xk3lnwiVX1FumNG0WbCMIsRbo4U8ZVUea3
hc63iXHvRouy5kas3rVeA1SYZv3LksWCxPH7hBMWx+GSySm+Uzg3SLvGVG7csc7h
/FV1mX0RleMBia6hV15hzZkSQdnJlRH1/G0COvkEt02R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org