Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/xZonIXP8kvb6uyBmVmWpwwHpLMo.roa
File:                     xZonIXP8kvb6uyBmVmWpwwHpLMo.roa (raw, json)
Hash identifier:          q3iXsvJpOD8IG3ZbXLFvVfy4db+KFRlVRYos4AMTj+Y=
Subject key identifier:   C5:9A:27:21:73:FC:92:F6:FA:BB:20:66:56:65:A9:C3:01:E9:2C:CA
Certificate issuer:       /CN=b262bf21de51385859416c4c608001e2025a5d25
Certificate serial:       01856B257E14FAB6B64F9977F6ADA1BF7349
Authority key identifier: B2:62:BF:21:DE:51:38:58:59:41:6C:4C:60:80:01:E2:02:5A:5D:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/smK_Id5ROFhZQWxMYIAB4gJaXSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/xZonIXP8kvb6uyBmVmWpwwHpLMo.roa
Signing time:             Sun 01 Jan 2023 02:24:57 +0000
ROA not before:           Sun 01 Jan 2023 02:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30746
IP address blocks:        185.61.113.0/24 maxlen: 24
                          185.61.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Feb 2023 15:52:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:25:7e:14:fa:b6:b6:4f:99:77:f6:ad:a1:bf:73:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b262bf21de51385859416c4c608001e2025a5d25
        Validity
            Not Before: Jan  1 02:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c59a272173fc92f6fabb20665665a9c301e92cca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:51:b2:c9:71:0e:1a:d4:38:ed:98:36:b9:a5:
                    9a:be:76:64:59:7e:2d:70:d5:20:16:cc:2c:b4:0d:
                    29:84:73:00:68:2a:23:9d:42:ee:b7:d0:c6:61:71:
                    90:d6:ff:ce:74:a4:ff:4a:d7:4e:2b:e6:52:e1:89:
                    b9:73:06:35:3b:67:f8:22:97:ab:d7:cc:11:fd:a6:
                    b2:d5:32:ae:15:a1:97:fd:1c:9b:9b:65:2a:b3:98:
                    fb:61:f5:fe:8b:7f:08:eb:71:ad:25:9c:62:2d:11:
                    03:bf:b7:c0:b7:f1:df:a7:0d:27:31:0a:b0:a5:a2:
                    7a:e5:4e:6e:09:c2:c2:06:7b:97:9e:b3:a6:c2:f9:
                    9e:3a:0b:ad:f9:39:0a:c8:d9:b9:62:30:63:bb:dd:
                    8e:ff:6c:3e:63:81:62:e9:ce:e7:b9:3f:9c:bc:5b:
                    e5:f9:3e:d8:78:7b:0d:80:36:43:8a:78:f6:18:00:
                    44:17:08:0f:c8:59:f1:75:ca:83:ef:78:52:6a:cc:
                    e7:cc:c6:f1:91:ba:0b:79:e7:2d:04:33:7e:c5:00:
                    1c:d5:0e:dc:47:6c:02:04:8a:fe:5e:d7:5f:8c:1f:
                    67:f8:66:ae:a9:af:1c:9c:00:5c:f6:89:5f:07:4c:
                    e6:a8:09:a1:00:55:79:ec:41:a5:c9:06:12:2a:09:
                    a0:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:9A:27:21:73:FC:92:F6:FA:BB:20:66:56:65:A9:C3:01:E9:2C:CA
            X509v3 Authority Key Identifier:
                keyid:B2:62:BF:21:DE:51:38:58:59:41:6C:4C:60:80:01:E2:02:5A:5D:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smK_Id5ROFhZQWxMYIAB4gJaXSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/xZonIXP8kvb6uyBmVmWpwwHpLMo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/smK_Id5ROFhZQWxMYIAB4gJaXSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.61.113.0-185.61.114.255

    Signature Algorithm: sha256WithRSAEncryption
         26:ef:23:3b:9f:bd:b5:4b:1b:20:53:d4:b7:d8:4a:83:f0:d6:
         e8:6b:d4:cf:51:5e:83:cf:59:a5:69:c4:7e:80:7d:71:ea:8a:
         c4:79:3a:83:39:9f:3b:f7:58:a8:42:df:f1:ea:9b:ab:cb:d4:
         a7:9e:34:ca:5f:eb:28:b7:ca:cb:6d:d0:c6:7a:d9:75:7b:f3:
         bf:45:c7:74:1b:2f:af:e0:f9:d5:1a:f2:8b:f5:6f:6e:25:87:
         cb:ea:59:a7:6b:1f:46:00:77:d3:bd:0f:a9:84:f6:36:2f:d4:
         1a:a4:7b:b5:0e:79:75:dd:e8:6a:68:77:a7:79:44:35:4d:48:
         b1:c7:40:4d:f8:63:3f:d6:31:4a:4b:8e:4a:ec:12:b3:d1:94:
         8d:f2:95:46:bd:ef:cf:c6:f9:cf:d2:a1:11:d4:ad:fe:3e:8b:
         5e:79:ed:bd:52:12:f6:ad:41:91:df:5d:3c:11:aa:c2:81:32:
         97:5d:67:cc:e0:b4:65:a0:ed:dd:77:25:da:b8:1a:19:74:98:
         cf:84:33:d5:7a:01:65:81:15:75:7a:ac:d7:83:23:25:70:62:
         b7:c8:25:f3:b7:f7:ac:d3:5d:8d:bc:9e:9d:57:67:db:f4:8c:
         94:4d:59:24:02:16:5d:97:c7:20:04:80:c0:76:69:d7:63:45:
         d1:1c:49:46
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrJX4U+ra2T5l39q2hv3NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNjJiZjIxZGU1MTM4NTg1OTQxNmM0YzYwODAwMWUyMDI1
YTVkMjUwHhcNMjMwMTAxMDIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTlhMjcyMTczZmM5MmY2ZmFiYjIwNjY1NjY1YTljMzAxZTkyY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVGyyXEOGtQ47Zg2uaWavnZkWX4t
cNUgFswstA0phHMAaCojnULut9DGYXGQ1v/OdKT/StdOK+ZS4Ym5cwY1O2f4Iper
18wR/aay1TKuFaGX/Rybm2Uqs5j7YfX+i38I63GtJZxiLREDv7fAt/Hfpw0nMQqw
paJ65U5uCcLCBnuXnrOmwvmeOgut+TkKyNm5YjBju92O/2w+Y4Fi6c7nuT+cvFvl
+T7YeHsNgDZDinj2GABEFwgPyFnxdcqD73hSasznzMbxkboLeectBDN+xQAc1Q7c
R2wCBIr+XtdfjB9n+Gauqa8cnABc9olfB0zmqAmhAFV57EGlyQYSKgmgRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMWaJyFz/JL2+rsgZlZlqcMB6SzKMB8GA1UdIwQY
MBaAFLJivyHeUThYWUFsTGCAAeICWl0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc21LX0lkNVJPRmhaUVd4TVlJQUI0Z0phWFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84NjMwOTMtNWVkNi00M2IyLWJiZGEt
MTRjNmM1MDU1Zjg4LzEveFpvbklYUDhrdmI2dXlCbVZtV3B3d0hwTE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84NjMwOTMtNWVkNi00M2IyLWJiZGEtMTRjNmM1MDU1Zjg4
LzEvc21LX0lkNVJPRmhaUVd4TVlJQUI0Z0phWFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5PXED
BAC5PXIwDQYJKoZIhvcNAQELBQADggEBACbvIzufvbVLGyBT1LfYSoPw1uhr1M9R
XoPPWaVpxH6AfXHqisR5OoM5nzv3WKhC3/Hqm6vL1KeeNMpf6yi3ystt0MZ62XV7
879Fx3QbL6/g+dUa8ov1b24lh8vqWadrH0YAd9O9D6mE9jYv1Bqke7UOeXXd6Gpo
d6d5RDVNSLHHQE34Yz/WMUpLjkrsErPRlI3ylUa978/G+c/SoRHUrf4+i1557b1S
EvatQZHfXTwRqsKBMpddZ8zgtGWg7d13Jdq4Ghl0mM+EM9V6AWWBFXV6rNeDIyVw
YrfIJfO396zTXY28np1XZ9v0jJRNWSQCFl2XxyAEgMB2addjRdEcSUY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:32 2024 by rpki-client on console-ams.rpki-client.org