Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZY7-7LcjAJWcFgwbN-y6PZylpZg.roa
File:                     ZY7-7LcjAJWcFgwbN-y6PZylpZg.roa (raw, json)
Hash identifier:          LTFcZAX1dG5LQvScEp2ptInPOmXRnN7hal5vlUugEy0=
Subject key identifier:   65:8E:FE:EC:B7:23:00:95:9C:16:0C:1B:37:EC:BA:3D:9C:A5:A5:98
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018C1B652196ED6CD98A2AF346EE5F6DCAFC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZY7-7LcjAJWcFgwbN-y6PZylpZg.roa
Signing time:             Wed 29 Nov 2023 14:04:21 +0000
ROA not before:           Wed 29 Nov 2023 14:04:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        81.5.189.0/24 maxlen: 24
                          82.153.65.0/24 maxlen: 24
                          89.213.152.0/24 maxlen: 24
                          82.152.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 08:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1b:65:21:96:ed:6c:d9:8a:2a:f3:46:ee:5f:6d:ca:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 29 14:04:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=658efeecb72300959c160c1b37ecba3d9ca5a598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:91:3f:51:c2:52:0d:ca:20:48:87:f1:25:0b:
                    b5:9d:9a:4b:93:b5:1c:bb:ee:08:00:fe:a9:53:28:
                    28:51:1f:ed:8b:1f:80:c3:02:05:14:d2:e4:1a:8e:
                    b9:59:cf:0d:7c:9f:1a:a3:e6:69:14:27:9f:27:58:
                    64:ad:2c:c4:fb:17:24:2c:80:09:1b:b3:f6:16:51:
                    06:28:92:8a:ce:02:0d:e7:a1:c0:05:83:b9:da:7f:
                    f1:e8:3f:70:7c:8c:6f:e3:a5:55:96:a9:b3:d2:d6:
                    dc:23:f3:3d:70:c5:00:5d:61:5d:d2:5e:e7:51:32:
                    a0:eb:09:c0:37:a5:98:65:dd:0b:b7:38:4a:13:1f:
                    3a:0d:64:3b:12:99:b2:68:d8:71:a5:de:6b:a2:31:
                    c4:74:fc:98:72:2e:5d:79:c9:15:08:1c:14:39:04:
                    54:35:6f:49:33:90:5d:82:a0:ec:3f:8d:de:2d:92:
                    40:b1:de:7a:3d:ca:dd:8a:ca:cc:da:31:4f:49:3c:
                    89:d1:09:9d:57:87:41:ce:c9:72:ea:f8:33:d1:6e:
                    ee:29:04:ba:7f:fb:09:e5:7c:56:77:78:8e:6c:e5:
                    be:c7:04:41:f9:16:12:46:3a:35:d9:4f:2b:5d:c3:
                    85:38:3e:e4:a7:7c:00:1b:86:7d:75:f6:00:ae:58:
                    37:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:8E:FE:EC:B7:23:00:95:9C:16:0C:1B:37:EC:BA:3D:9C:A5:A5:98
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZY7-7LcjAJWcFgwbN-y6PZylpZg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  82.152.49.0/24
                  82.153.65.0/24
                  89.213.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:05:a0:ff:77:8e:2a:be:91:56:d9:60:1b:71:82:4f:84:5d:
         73:78:3c:42:3f:3c:fd:9e:7d:bd:be:7d:af:cb:a2:64:f6:ca:
         1e:e2:79:e0:3b:c6:59:c0:1e:f1:bf:2a:5d:3a:b4:81:24:bb:
         12:0a:74:89:29:8e:72:2a:7c:46:3a:dc:75:e6:5e:f5:5e:23:
         58:15:f8:6b:f1:cd:91:00:e0:bb:e9:6e:fc:91:9e:75:8a:00:
         69:2d:a4:6d:b8:cd:b6:74:8d:7a:92:48:02:ce:7c:a8:0b:4b:
         18:b5:ba:e7:3e:f6:ba:43:be:ea:cf:03:3b:8b:cd:21:5e:79:
         d5:66:11:cb:53:14:75:5d:f0:6d:d2:dc:3a:f1:14:20:39:7b:
         fe:c4:30:b5:39:2b:60:03:cc:90:03:eb:d1:83:ab:f8:85:01:
         2f:7e:b6:3d:92:63:d4:80:c7:21:2f:2e:00:5f:0b:bc:ef:ea:
         1f:a9:21:79:9a:17:cd:e8:fc:60:74:4e:4e:fd:21:a3:f5:0f:
         f9:22:9a:3a:55:b5:7f:73:3c:70:99:ba:4f:4a:b0:35:f4:5f:
         15:f5:2f:cf:cb:f5:fb:7c:c1:e1:d9:94:a9:32:7f:b7:16:28:
         9a:19:78:35:29:27:68:c1:7c:13:e5:6b:7f:00:b2:d2:15:98:
         92:19:e7:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwbZSGW7WzZiirzRu5fbcr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTI5MTQwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThlZmVlY2I3MjMwMDk1OWMxNjBjMWIzN2VjYmEzZDljYTVhNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppE/UcJSDcogSIfxJQu1nZpLk7Uc
u+4IAP6pUygoUR/tix+AwwIFFNLkGo65Wc8NfJ8ao+ZpFCefJ1hkrSzE+xckLIAJ
G7P2FlEGKJKKzgIN56HABYO52n/x6D9wfIxv46VVlqmz0tbcI/M9cMUAXWFd0l7n
UTKg6wnAN6WYZd0LtzhKEx86DWQ7EpmyaNhxpd5rojHEdPyYci5deckVCBwUOQRU
NW9JM5BdgqDsP43eLZJAsd56PcrdisrM2jFPSTyJ0QmdV4dBzsly6vgz0W7uKQS6
f/sJ5XxWd3iObOW+xwRB+RYSRjo12U8rXcOFOD7kp3wAG4Z9dfYArlg3KQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGWO/uy3IwCVnBYMGzfsuj2cpaWYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWlk3LTdMY2pBSldjRmd3Yk4teTZQWnlscFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYMA0GCSqGSIb3DQEBCwUAA4IBAQA/BaD/d44qvpFW2WAb
cYJPhF1zeDxCPzz9nn29vn2vy6Jk9soe4nngO8ZZwB7xvypdOrSBJLsSCnSJKY5y
KnxGOtx15l71XiNYFfhr8c2RAOC76W78kZ51igBpLaRtuM22dI16kkgCznyoC0sY
tbrnPva6Q77qzwM7i80hXnnVZhHLUxR1XfBt0tw68RQgOXv+xDC1OStgA8yQA+vR
g6v4hQEvfrY9kmPUgMchLy4AXwu87+ofqSF5mhfN6PxgdE5O/SGj9Q/5Ipo6VbV/
czxwmbpPSrA19F8V9S/Py/X7fMHh2ZSpMn+3FiiaGXg1KSdowXwT5Wt/ALLSFZiS
GefY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org