Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/zfyYco5-odrFlr_uLxfTOu_zJT8.roa
File:                     zfyYco5-odrFlr_uLxfTOu_zJT8.roa (raw, json)
Hash identifier:          BdlnxIUc+p4Ux098rgfj5Vd3LTtqt1FguF/YzSTovFs=
Subject key identifier:   CD:FC:98:72:8E:7E:A1:DA:C5:96:BF:EE:2F:17:D3:3A:EF:F3:25:3F
Certificate issuer:       /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial:       0186C0C1A2BF110CA26FFD2B8A7C82F222A6
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/zfyYco5-odrFlr_uLxfTOu_zJT8.roa
Signing time:             Wed 08 Mar 2023 10:26:00 +0000
ROA not before:           Wed 08 Mar 2023 10:26:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.144.236.0/22 maxlen: 24
                          2a07:4407::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c0:c1:a2:bf:11:0c:a2:6f:fd:2b:8a:7c:82:f2:22:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
        Validity
            Not Before: Mar  8 10:26:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cdfc98728e7ea1dac596bfee2f17d33aeff3253f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0b:55:a3:e8:5a:c2:9b:f6:be:d6:06:02:bd:
                    df:d1:28:8d:92:16:55:24:5b:f3:e7:cd:1b:eb:d6:
                    15:d9:09:32:54:3e:bf:36:aa:f1:29:8e:6d:07:ee:
                    94:da:74:65:57:4c:3a:29:b7:f4:fb:b8:0e:0d:9b:
                    01:34:a6:0e:09:ee:7c:7f:9b:be:d6:62:c8:6e:7a:
                    57:39:75:7a:18:30:2d:46:22:d5:ae:32:af:d5:d4:
                    0c:9c:1b:8b:ff:a7:6c:ab:a7:45:a4:00:8e:8c:69:
                    e1:df:e8:ba:16:25:25:ee:db:e5:b8:28:bd:0d:e9:
                    de:2d:bc:65:70:36:fc:f0:b8:4a:29:de:9a:7c:42:
                    9f:3f:72:65:b3:78:d7:cc:d7:8a:95:c2:53:79:e8:
                    0a:5d:f6:ea:ea:6e:cb:7e:7b:72:1e:4b:52:e4:75:
                    26:fb:e9:f5:79:51:af:83:a2:7f:4b:02:2c:22:89:
                    d7:e0:8c:74:fc:d6:b6:4c:22:c4:f9:f9:bb:4d:59:
                    24:9c:03:ed:d0:66:b6:eb:6f:59:6c:48:e0:f1:9a:
                    40:f0:c8:83:e6:10:64:a0:84:17:be:fc:52:98:2d:
                    03:75:09:ec:08:c4:b8:76:2e:5d:5f:2e:f6:35:e5:
                    a1:96:e8:30:f1:19:17:ea:d2:f3:36:41:57:55:9b:
                    f3:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:FC:98:72:8E:7E:A1:DA:C5:96:BF:EE:2F:17:D3:3A:EF:F3:25:3F
            X509v3 Authority Key Identifier:
                keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/zfyYco5-odrFlr_uLxfTOu_zJT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.144.236.0/22
                IPv6:
                  2a07:4407::/32

    Signature Algorithm: sha256WithRSAEncryption
         8a:91:04:ad:d2:a4:fc:34:ac:78:b3:a8:89:d6:95:e7:85:82:
         79:d3:66:26:10:92:c8:5c:8f:33:47:4e:56:84:84:3b:23:07:
         53:7d:cd:99:0c:69:6e:11:db:11:51:22:b5:fb:72:5c:0d:4f:
         cc:b0:de:6e:91:01:7c:87:e9:a5:14:16:e3:67:0d:54:ef:9d:
         4b:0f:b0:d2:6d:70:a8:07:73:46:68:af:65:38:38:ae:35:61:
         f4:04:4a:e5:ac:fa:6a:58:82:88:51:ee:05:ad:9c:64:b9:17:
         bb:5b:2e:1d:96:c2:25:c5:2a:5e:af:6d:a1:0a:fe:16:17:64:
         75:2b:4d:c7:91:56:89:2d:c4:92:97:74:08:31:ab:2f:14:47:
         85:55:f3:c6:67:05:91:87:3d:08:96:1c:b1:e4:61:1d:af:ca:
         38:a9:4d:ee:70:ed:63:34:0d:c6:81:94:63:d7:80:69:93:47:
         6c:41:1a:06:16:46:7e:56:79:64:2b:c5:5d:ed:da:50:f7:ec:
         a0:a8:ca:13:6e:b7:09:2c:d2:55:c5:bc:15:cf:0e:e0:dc:65:
         20:9f:5b:7b:d9:53:2f:63:9b:27:e7:38:fd:72:3d:fb:e8:08:
         f0:e3:4a:49:60:65:7d:1a:d4:c8:cc:bd:4c:ab:36:62:e6:31:
         de:90:a1:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAwaK/EQyib/0rinyC8iKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MTAyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGZjOTg3MjhlN2VhMWRhYzU5NmJmZWUyZjE3ZDMzYWVmZjMyNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwtVo+hawpv2vtYGAr3f0SiNkhZV
JFvz580b69YV2QkyVD6/NqrxKY5tB+6U2nRlV0w6Kbf0+7gODZsBNKYOCe58f5u+
1mLIbnpXOXV6GDAtRiLVrjKv1dQMnBuL/6dsq6dFpACOjGnh3+i6FiUl7tvluCi9
DeneLbxlcDb88LhKKd6afEKfP3Jls3jXzNeKlcJTeegKXfbq6m7LfntyHktS5HUm
++n1eVGvg6J/SwIsIonX4Ix0/Na2TCLE+fm7TVkknAPt0Ga2629ZbEjg8ZpA8MiD
5hBkoIQXvvxSmC0DdQnsCMS4di5dXy72NeWhlugw8RkX6tLzNkFXVZvz7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM38mHKOfqHaxZa/7i8X0zrv8yU/MB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvemZ5WWNvNS1vZHJGbHJfdUx4ZlRPdV96SlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQCKkQSt0qT8NKx4s6iJ1pXn
hYJ502YmEJLIXI8zR05WhIQ7IwdTfc2ZDGluEdsRUSK1+3JcDU/MsN5ukQF8h+ml
FBbjZw1U751LD7DSbXCoB3NGaK9lODiuNWH0BErlrPpqWIKIUe4FrZxkuRe7Wy4d
lsIlxSper22hCv4WF2R1K03HkVaJLcSSl3QIMasvFEeFVfPGZwWRhz0Ilhyx5GEd
r8o4qU3ucO1jNA3GgZRj14Bpk0dsQRoGFkZ+VnlkK8Vd7dpQ9+ygqMoTbrcJLNJV
xbwVzw7g3GUgn1t72VMvY5sn5zj9cj376Ajw40pJYGV9GtTIzL1MqzZi5jHekKGo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:37 2024 by rpki-client on console-fra.rpki-client.org