Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/EVZs25oHx2jXQf9uTHGOofMonJ8.roa
File:                     EVZs25oHx2jXQf9uTHGOofMonJ8.roa (raw, json)
Hash identifier:          Y6hy02Wnq4xyi+ecOzfddxirngRijlGEwp5TsYZg2o4=
Subject key identifier:   11:56:6C:DB:9A:07:C7:68:D7:41:FF:6E:4C:71:8E:A1:F3:28:9C:9F
Certificate issuer:       /CN=7699c189027e25ecc53f98b52ea65ae725d2a730
Certificate serial:       01856FF95FE601CD29B519F26E3932745597
Authority key identifier: 76:99:C1:89:02:7E:25:EC:C5:3F:98:B5:2E:A6:5A:E7:25:D2:A7:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dpnBiQJ-JezFP5i1LqZa5yXSpzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/EVZs25oHx2jXQf9uTHGOofMonJ8.roa
Signing time:             Mon 02 Jan 2023 00:54:52 +0000
ROA not before:           Mon 02 Jan 2023 00:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        185.46.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:5f:e6:01:cd:29:b5:19:f2:6e:39:32:74:55:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7699c189027e25ecc53f98b52ea65ae725d2a730
        Validity
            Not Before: Jan  2 00:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11566cdb9a07c768d741ff6e4c718ea1f3289c9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ba:6a:ea:ba:d4:77:0e:9f:90:0e:7e:b5:23:
                    4a:39:81:be:19:b8:66:3a:b4:86:5b:3d:b8:1d:17:
                    d6:c2:79:32:1a:bd:70:36:a5:67:79:15:b8:a3:c3:
                    0f:f4:1c:78:5c:a2:f4:a2:53:89:2c:e9:d0:18:50:
                    7f:e4:e8:e8:14:61:60:a8:27:b4:29:52:f9:2b:66:
                    72:27:d6:79:ff:57:f6:2a:1a:26:21:1e:6b:10:2d:
                    7f:03:4a:60:24:29:bc:75:7c:5d:4e:96:a5:b1:a5:
                    f4:2f:b8:f8:63:9e:74:3c:12:1e:9f:17:54:64:35:
                    3c:62:c9:89:7f:9c:0f:f3:82:f3:6f:65:c4:63:c3:
                    37:1f:1c:23:bb:14:8d:43:a2:c6:d1:8b:25:c2:2e:
                    67:e8:66:08:23:08:8b:71:e1:50:b5:04:9b:ce:e7:
                    83:12:8e:7f:57:fa:15:fb:c6:53:9a:af:65:4d:28:
                    2f:5b:35:ed:9b:d1:e7:58:7f:23:99:67:cf:56:a3:
                    1d:9f:74:44:12:e3:e2:0e:18:ab:74:a8:74:5f:ea:
                    95:63:37:53:6d:97:5d:a0:10:20:1e:77:63:45:4c:
                    33:71:45:26:0a:fa:c2:a1:b7:b7:39:ed:8e:6a:0f:
                    72:0d:03:7c:7c:06:6a:8f:14:ac:3c:2c:93:d7:b1:
                    fa:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:56:6C:DB:9A:07:C7:68:D7:41:FF:6E:4C:71:8E:A1:F3:28:9C:9F
            X509v3 Authority Key Identifier:
                keyid:76:99:C1:89:02:7E:25:EC:C5:3F:98:B5:2E:A6:5A:E7:25:D2:A7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpnBiQJ-JezFP5i1LqZa5yXSpzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/EVZs25oHx2jXQf9uTHGOofMonJ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/717555-354f-4b37-8a6a-0940436691bd/1/dpnBiQJ-JezFP5i1LqZa5yXSpzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:ec:fc:1b:81:bf:c2:3c:75:25:00:db:37:22:14:1c:87:90:
         49:ba:72:57:23:a3:aa:54:c2:66:b1:77:7b:1c:e6:6d:87:e1:
         bc:b1:af:3c:02:e0:94:04:dc:42:de:c5:93:16:78:d8:d0:aa:
         51:e1:69:61:a9:b2:b8:10:ca:f1:ca:96:00:69:2e:bd:6d:c5:
         90:3e:6a:6e:d8:0a:29:db:2a:c9:83:7c:15:ee:b0:a2:50:c5:
         50:67:46:24:88:c0:96:63:04:be:86:48:8d:18:bf:5d:23:17:
         0a:be:4d:a8:95:4b:06:ed:5b:05:a0:3d:41:15:d4:d4:78:6f:
         49:81:e4:98:05:47:4c:89:b8:c6:6a:fb:dc:a7:99:c6:21:97:
         52:b0:aa:4f:f5:71:93:31:72:01:12:ea:2f:1a:5e:12:40:52:
         c2:65:d2:7c:69:b2:59:42:77:7a:48:9c:89:58:a1:f9:9a:74:
         22:84:a1:aa:50:75:ca:78:77:9d:cb:b6:dd:02:5a:c0:7e:3c:
         61:df:e3:38:75:01:ca:72:cc:a7:37:29:1e:46:9e:93:b0:eb:
         d3:01:c5:9a:bd:72:cd:8f:28:44:cd:92:cb:5b:34:8d:71:1c:
         0d:3a:4b:19:a0:0c:49:8e:a9:19:64:49:a9:9c:bf:04:f7:d1:
         c7:d8:62:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+V/mAc0ptRnybjkydFWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OTljMTg5MDI3ZTI1ZWNjNTNmOThiNTJlYTY1YWU3MjVk
MmE3MzAwHhcNMjMwMTAyMDA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTU2NmNkYjlhMDdjNzY4ZDc0MWZmNmU0YzcxOGVhMWYzMjg5YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLpq6rrUdw6fkA5+tSNKOYG+Gbhm
OrSGWz24HRfWwnkyGr1wNqVneRW4o8MP9Bx4XKL0olOJLOnQGFB/5OjoFGFgqCe0
KVL5K2ZyJ9Z5/1f2KhomIR5rEC1/A0pgJCm8dXxdTpalsaX0L7j4Y550PBIenxdU
ZDU8YsmJf5wP84Lzb2XEY8M3HxwjuxSNQ6LG0Yslwi5n6GYIIwiLceFQtQSbzueD
Eo5/V/oV+8ZTmq9lTSgvWzXtm9HnWH8jmWfPVqMdn3REEuPiDhirdKh0X+qVYzdT
bZddoBAgHndjRUwzcUUmCvrCobe3Oe2Oag9yDQN8fAZqjxSsPCyT17H68QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBFWbNuaB8do10H/bkxxjqHzKJyfMB8GA1UdIwQY
MBaAFHaZwYkCfiXsxT+YtS6mWucl0qcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHBuQmlRSi1KZXpGUDVpMUxxWmE1eVhTcHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83MTc1NTUtMzU0Zi00YjM3LThhNmEt
MDk0MDQzNjY5MWJkLzEvRVZaczI1b0h4MmpYUWY5dVRIR09vZk1vbko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83MTc1NTUtMzU0Zi00YjM3LThhNmEtMDk0MDQzNjY5MWJk
LzEvZHBuQmlRSi1KZXpGUDVpMUxxWmE1eVhTcHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS7pMA0G
CSqGSIb3DQEBCwUAA4IBAQCD7Pwbgb/CPHUlANs3IhQch5BJunJXI6OqVMJmsXd7
HOZth+G8sa88AuCUBNxC3sWTFnjY0KpR4WlhqbK4EMrxypYAaS69bcWQPmpu2Aop
2yrJg3wV7rCiUMVQZ0YkiMCWYwS+hkiNGL9dIxcKvk2olUsG7VsFoD1BFdTUeG9J
geSYBUdMibjGavvcp5nGIZdSsKpP9XGTMXIBEuovGl4SQFLCZdJ8abJZQnd6SJyJ
WKH5mnQihKGqUHXKeHedy7bdAlrAfjxh3+M4dQHKcsynNykeRp6TsOvTAcWavXLN
jyhEzZLLWzSNcRwNOksZoAxJjqkZZEmpnL8E99HH2GJu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:01 2024 by rpki-client on console-fra.rpki-client.org