Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa
File:                     ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa (raw, json)
Hash identifier:          yRznUs+tJf8sEP0R42ss8Mn59DRzE3108JvvuY8QEfo=
Subject key identifier:   64:FB:D2:01:8D:06:30:1E:60:38:37:CF:00:C0:BE:4C:63:4B:FE:F4
Certificate issuer:       /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial:       01856D53F2C7E41E3B1ED98FACA0A5B71D61
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa
Signing time:             Sun 01 Jan 2023 12:34:56 +0000
ROA not before:           Sun 01 Jan 2023 12:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207743
IP address blocks:        188.74.129.0/24 maxlen: 24
                          188.74.132.0/22 maxlen: 24
                          188.119.156.0/23 maxlen: 24
                          5.154.252.0/23 maxlen: 23
                          5.157.130.0/23 maxlen: 23
                          5.157.129.0/24 maxlen: 24
                          5.154.254.0/23 maxlen: 23
                          37.35.42.0/23 maxlen: 23
                          37.35.40.0/23 maxlen: 23
                          178.157.72.0/22 maxlen: 24
                          188.74.210.0/23 maxlen: 23
                          178.157.102.0/23 maxlen: 23
                          188.74.240.0/22 maxlen: 24
                          188.74.140.0/22 maxlen: 22
                          188.74.168.0/23 maxlen: 23
                          188.74.182.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:f2:c7:e4:1e:3b:1e:d9:8f:ac:a0:a5:b7:1d:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
        Validity
            Not Before: Jan  1 12:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64fbd2018d06301e603837cf00c0be4c634bfef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8e:54:26:22:d9:94:95:24:df:86:4d:1e:92:
                    e5:83:49:a7:53:d9:70:21:42:08:83:d1:3f:04:ba:
                    d0:2a:0e:6a:b9:84:88:29:01:70:ca:05:c0:03:33:
                    fc:91:44:72:ed:12:1a:31:37:06:23:89:3c:67:93:
                    de:ad:a0:8e:db:3b:1d:28:15:04:c7:9c:b3:aa:6f:
                    8f:c4:87:6c:db:9b:45:28:3d:fe:a4:8f:74:16:97:
                    73:85:50:ae:94:d3:5e:2e:63:81:ea:7d:97:8d:6b:
                    40:ba:c5:eb:0f:50:d6:6f:8a:90:4b:ce:af:a6:ee:
                    1f:18:4d:e5:49:b3:ea:30:4f:68:f9:45:7f:31:a5:
                    af:8a:a4:a5:0c:b0:be:ab:00:2a:a1:31:83:62:32:
                    ee:45:e3:8e:c5:e3:2b:9f:75:a0:21:0f:54:e0:cd:
                    47:00:c0:8e:f1:5c:aa:15:3e:b3:21:61:e8:e8:8e:
                    aa:0e:23:37:60:c1:50:d8:79:d5:5e:bf:04:f4:fb:
                    eb:15:27:dd:13:93:03:84:63:4e:72:11:6c:0e:58:
                    f3:d7:a8:41:17:4b:3d:6d:c7:5b:9b:e0:c3:f7:e0:
                    92:ee:5c:eb:eb:29:d6:cd:31:6d:a9:88:ce:c6:f2:
                    77:ff:71:c8:02:0f:1d:80:2a:5b:c6:4c:2d:68:88:
                    bb:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:FB:D2:01:8D:06:30:1E:60:38:37:CF:00:C0:BE:4C:63:4B:FE:F4
            X509v3 Authority Key Identifier:
                keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.252.0/22
                  5.157.129.0-5.157.131.255
                  37.35.40.0/22
                  178.157.72.0/22
                  178.157.102.0/23
                  188.74.129.0/24
                  188.74.132.0/22
                  188.74.140.0/22
                  188.74.168.0/23
                  188.74.182.0/23
                  188.74.210.0/23
                  188.74.240.0/22
                  188.119.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         53:48:aa:d7:e1:fb:81:31:14:51:c7:37:e4:6d:92:d7:b2:e6:
         eb:48:5a:a5:88:60:f2:66:56:f8:d8:9c:90:b6:0c:78:89:50:
         de:ef:2f:e2:5d:10:3e:38:83:98:bd:04:b9:75:f6:d5:0d:cd:
         1d:3d:f4:09:56:0c:00:c3:6a:a1:24:0b:75:3b:6d:3d:ee:f2:
         0f:21:eb:ca:a4:8b:40:ba:ff:d3:2d:9d:e8:71:fa:5e:fc:75:
         58:64:4c:a1:f5:ba:f6:4c:2c:29:57:e8:2e:06:c7:ae:64:24:
         9b:42:cf:73:0c:15:20:a4:5b:1d:fb:2a:a1:cc:5b:f9:aa:87:
         c4:e0:75:5c:e2:9b:87:ed:fc:25:4a:92:f7:81:ae:ec:58:f4:
         e5:6b:7d:55:68:56:8a:ba:47:ca:5b:ce:0a:fd:e0:85:d6:de:
         96:ab:c2:49:60:9a:49:2d:60:76:79:de:1d:a0:74:d1:eb:1e:
         5b:8a:7c:2e:59:f2:fe:9d:cf:98:cb:fe:11:49:d4:c0:a6:bc:
         27:1f:00:3e:ff:ab:95:dc:c4:51:44:32:c6:84:6b:5f:3e:29:
         da:83:88:dd:b3:fd:19:fa:c7:9b:ba:07:8f:23:12:45:e3:ae:
         a0:83:75:05:14:27:b7:43:9e:17:43:b4:d0:38:c5:10:5d:7a:
         30:42:9c:91
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVtU/LH5B47HtmPrKCltx1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGZiZDIwMThkMDYzMDFlNjAzODM3Y2YwMGMwYmU0YzYzNGJmZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh45UJiLZlJUk34ZNHpLlg0mnU9lw
IUIIg9E/BLrQKg5quYSIKQFwygXAAzP8kURy7RIaMTcGI4k8Z5PeraCO2zsdKBUE
x5yzqm+PxIds25tFKD3+pI90FpdzhVCulNNeLmOB6n2XjWtAusXrD1DWb4qQS86v
pu4fGE3lSbPqME9o+UV/MaWviqSlDLC+qwAqoTGDYjLuReOOxeMrn3WgIQ9U4M1H
AMCO8VyqFT6zIWHo6I6qDiM3YMFQ2HnVXr8E9PvrFSfdE5MDhGNOchFsDljz16hB
F0s9bcdbm+DD9+CS7lzr6ynWzTFtqYjOxvJ3/3HIAg8dgCpbxkwtaIi7bQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGT70gGNBjAeYDg3zwDAvkxjS/70MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvWlB2U0FZMEdNQjVnT0RmUEFNQy1UR05MX3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCBZr8MAwD
BAAFnYEDBAIFnYADBAIlIygDBAKynUgDBAGynWYDBAC8SoEDBAK8SoQDBAK8SowD
BAG8SqgDBAG8SrYDBAG8StIDBAK8SvADBAG8d5wwDQYJKoZIhvcNAQELBQADggEB
AFNIqtfh+4ExFFHHN+Rtktey5utIWqWIYPJmVvjYnJC2DHiJUN7vL+JdED44g5i9
BLl19tUNzR099AlWDADDaqEkC3U7bT3u8g8h68qki0C6/9Mtnehx+l78dVhkTKH1
uvZMLClX6C4Gx65kJJtCz3MMFSCkWx37KqHMW/mqh8TgdVzim4ft/CVKkveBruxY
9OVrfVVoVoq6R8pbzgr94IXW3parwklgmkktYHZ53h2gdNHrHluKfC5Z8v6dz5jL
/hFJ1MCmvCcfAD7/q5XcxFFEMsaEa18+KdqDiN2z/Rn6x5u6B48jEkXjrqCDdQUU
J7dDnhdDtNA4xRBdejBCnJE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org