Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/zL34cSLMZnobLfW1wop5mNibl74.roa
File:                     zL34cSLMZnobLfW1wop5mNibl74.roa (raw, json)
Hash identifier:          t94JgOo9saapYoX2Ob1scrZ2dWktZKCwi8f6FYyNw7I=
Subject key identifier:   CC:BD:F8:71:22:CC:66:7A:1B:2D:F5:B5:C2:8A:79:98:D8:9B:97:BE
Certificate issuer:       /CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
Certificate serial:       01892BF0B83D162EAB6383EBA4D191CD35CE
Authority key identifier: 04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/zL34cSLMZnobLfW1wop5mNibl74.roa
Signing time:             Thu 06 Jul 2023 16:02:23 +0000
ROA not before:           Thu 06 Jul 2023 16:02:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39104
IP address blocks:        185.234.80.0/22 maxlen: 22
                          158.255.64.0/21 maxlen: 21
                          185.8.28.0/22 maxlen: 22
                          195.60.188.0/23 maxlen: 23
                          185.189.156.0/22 maxlen: 22
                          195.110.12.0/23 maxlen: 23
                          2a0d:700::/29 maxlen: 29
                          2a03:c580::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2b:f0:b8:3d:16:2e:ab:63:83:eb:a4:d1:91:cd:35:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
        Validity
            Not Before: Jul  6 16:02:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ccbdf87122cc667a1b2df5b5c28a7998d89b97be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a7:a2:06:25:79:ad:3e:61:b3:1f:cc:50:fd:
                    10:91:5e:0d:72:04:03:f8:63:37:0f:dc:95:85:31:
                    e2:18:bb:ee:f3:87:e2:c6:2e:0e:af:12:23:b4:76:
                    9a:35:20:2d:d5:bd:d5:4a:a2:13:6e:05:d4:e3:71:
                    d9:d8:bd:6e:cb:cb:5a:4a:d3:ec:c8:48:c7:76:46:
                    99:96:57:3b:4d:44:d0:6e:53:8f:20:a7:34:20:d0:
                    1c:20:c0:f4:b6:75:e0:c4:9b:59:0b:9c:7a:c9:3d:
                    56:fb:5e:0f:e9:1c:ea:d2:05:2c:52:18:b5:a6:db:
                    3d:a5:1f:b1:e9:f3:a9:1e:64:c6:16:ed:f8:b9:82:
                    7d:1e:71:2b:70:80:a9:38:25:d2:ff:3a:90:eb:c1:
                    f9:38:53:22:0b:79:d6:3b:f0:f3:fb:ca:bb:79:2a:
                    db:35:57:ac:19:a3:78:1f:bd:9e:f3:c6:12:d1:35:
                    77:63:0a:db:49:03:f5:7d:a0:9d:51:44:bd:c1:e7:
                    c8:cb:ca:9f:65:c0:ba:1c:35:66:b6:6f:cf:29:9b:
                    04:87:85:4e:2c:e2:e8:c9:38:54:43:aa:2a:fa:36:
                    9c:cd:05:f1:e2:d2:77:a0:11:29:10:0b:9a:7d:66:
                    a0:2a:ad:9c:9c:d7:a7:30:a5:1d:75:99:61:13:00:
                    64:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:BD:F8:71:22:CC:66:7A:1B:2D:F5:B5:C2:8A:79:98:D8:9B:97:BE
            X509v3 Authority Key Identifier:
                keyid:04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/zL34cSLMZnobLfW1wop5mNibl74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/BCTBFlgYpDL3l8jd9LUwex5a73Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.255.64.0/21
                  185.8.28.0/22
                  185.189.156.0/22
                  185.234.80.0/22
                  195.60.188.0/23
                  195.110.12.0/23
                IPv6:
                  2a03:c580::/32
                  2a0d:700::/29

    Signature Algorithm: sha256WithRSAEncryption
         28:61:50:03:1e:26:48:66:85:6a:e3:81:d9:e8:89:06:7c:95:
         8b:a6:2e:c9:50:06:70:14:32:4a:eb:63:86:9b:fd:d9:6a:01:
         a1:dc:12:6d:99:d4:da:b7:44:b7:c7:47:ae:a4:ae:bf:5f:e1:
         f0:47:b6:a0:e4:2f:99:0d:81:f8:17:74:a2:7b:9d:35:b2:57:
         dd:a1:3b:d5:2c:d4:fe:61:de:81:77:40:4e:68:64:02:b8:55:
         6b:38:11:7b:f5:7b:37:da:31:6d:ad:78:17:09:1e:28:d9:20:
         8c:d4:54:8b:f1:45:2d:0d:c9:e8:d4:cd:8a:1d:48:9e:47:63:
         05:08:83:07:6f:dc:18:7a:a0:ff:99:51:40:78:3a:31:dc:1e:
         a3:e0:78:80:20:f9:cc:36:d6:21:8e:d6:e4:08:6e:95:8f:11:
         36:2d:ea:37:e3:09:6e:f7:4a:ed:0c:c8:92:62:da:1d:30:ca:
         bc:06:02:aa:1d:1a:04:de:da:d7:02:df:77:95:c2:27:63:d2:
         4f:00:b5:b0:12:8e:3c:fd:11:59:d0:77:16:d5:b0:d3:2d:c1:
         80:e0:2c:46:ed:4f:63:40:67:1c:4f:74:b6:33:16:6e:d5:1d:
         58:75:98:25:3f:60:45:5a:a6:9a:14:a7:0a:bb:16:52:af:6c:
         83:7a:7c:5d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYkr8Lg9Fi6rY4PrpNGRzTXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MjRjMTE2NTgxOGE0MzJmNzk3YzhkZGY0YjUzMDdiMWU1
YWVmNzQwHhcNMjMwNzA2MTYwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JkZjg3MTIyY2M2NjdhMWIyZGY1YjVjMjhhNzk5OGQ4OWI5N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6eiBiV5rT5hsx/MUP0QkV4NcgQD
+GM3D9yVhTHiGLvu84fixi4OrxIjtHaaNSAt1b3VSqITbgXU43HZ2L1uy8taStPs
yEjHdkaZllc7TUTQblOPIKc0INAcIMD0tnXgxJtZC5x6yT1W+14P6Rzq0gUsUhi1
pts9pR+x6fOpHmTGFu34uYJ9HnErcICpOCXS/zqQ68H5OFMiC3nWO/Dz+8q7eSrb
NVesGaN4H72e88YS0TV3YwrbSQP1faCdUUS9wefIy8qfZcC6HDVmtm/PKZsEh4VO
LOLoyThUQ6oq+jaczQXx4tJ3oBEpEAuafWagKq2cnNenMKUddZlhEwBkpQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMy9+HEizGZ6Gy31tcKKeZjYm5e+MB8GA1UdIwQY
MBaAFAQkwRZYGKQy95fI3fS1MHseWu90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTkt
YzMzOWNjYWYzYTFlLzEvekwzNGNTTE1abm9iTGZXMXdvcDVtTmlibDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTktYzMzOWNjYWYzYTFl
LzEvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDnv9AAwQC
uQgcAwQCub2cAwQCuepQAwQBwzy8AwQBw24MMBQEAgACMA4DBQAqA8WAAwUDKg0H
ADANBgkqhkiG9w0BAQsFAAOCAQEAKGFQAx4mSGaFauOB2eiJBnyVi6YuyVAGcBQy
Sutjhpv92WoBodwSbZnU2rdEt8dHrqSuv1/h8Ee2oOQvmQ2B+Bd0onudNbJX3aE7
1SzU/mHegXdATmhkArhVazgRe/V7N9oxba14FwkeKNkgjNRUi/FFLQ3J6NTNih1I
nkdjBQiDB2/cGHqg/5lRQHg6Mdweo+B4gCD5zDbWIY7W5AhulY8RNi3qN+MJbvdK
7QzIkmLaHTDKvAYCqh0aBN7a1wLfd5XCJ2PSTwC1sBKOPP0RWdB3FtWw0y3BgOAs
Ru1PY0BnHE90tjMWbtUdWHWYJT9gRVqmmhSnCrsWUq9sg3p8XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:11 2024 by rpki-client on console-ams.rpki-client.org