Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/36253f-cd8e-4fd0-ae37-e937099733c3/1/_zB24c9sGJ_zXTK0deEqD9wF3Hc.roa
File:                     _zB24c9sGJ_zXTK0deEqD9wF3Hc.roa (raw, json)
Hash identifier:          2crgTwCk3x8FV/mEPkjfn7EIj+FS0aTdRLKNbj4LClE=
Subject key identifier:   FF:30:76:E1:CF:6C:18:9F:F3:5D:32:B4:75:E1:2A:0F:DC:05:DC:77
Certificate issuer:       /CN=de8b8549e8cf71e91faa63b40791e6bfbbfdac04
Certificate serial:       01856F94A4E681D8B27AB7B91A2525387C09
Authority key identifier: DE:8B:85:49:E8:CF:71:E9:1F:AA:63:B4:07:91:E6:BF:BB:FD:AC:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ouFSejPcekfqmO0B5Hmv7v9rAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/36253f-cd8e-4fd0-ae37-e937099733c3/1/_zB24c9sGJ_zXTK0deEqD9wF3Hc.roa
Signing time:             Sun 01 Jan 2023 23:04:50 +0000
ROA not before:           Sun 01 Jan 2023 23:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43824
IP address blocks:        185.217.85.0/24 maxlen: 24
                          185.217.84.0/24 maxlen: 24
                          185.217.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:a4:e6:81:d8:b2:7a:b7:b9:1a:25:25:38:7c:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de8b8549e8cf71e91faa63b40791e6bfbbfdac04
        Validity
            Not Before: Jan  1 23:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff3076e1cf6c189ff35d32b475e12a0fdc05dc77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0f:65:8f:11:2b:f0:5b:ac:0c:0e:97:5a:93:
                    14:26:89:3b:52:aa:16:da:7d:cb:6d:51:d8:ac:3e:
                    43:b0:e2:26:5e:26:61:b3:7d:cf:3b:a9:04:82:62:
                    00:ab:8d:16:ab:44:d7:85:58:a9:57:1e:d8:e8:e9:
                    11:eb:c8:ca:52:b0:94:80:75:44:3f:df:b2:84:24:
                    14:eb:83:6d:eb:ee:a6:f2:8b:6a:33:bd:82:41:33:
                    e7:56:ff:67:bb:32:e0:88:53:6d:d9:10:c8:f0:76:
                    93:5a:16:40:06:44:7c:69:45:2f:ee:7b:86:e6:c8:
                    5e:48:35:dd:db:0d:c5:85:8d:94:9b:56:13:f7:92:
                    3b:c8:37:69:55:67:49:6b:7a:e4:d0:2d:2e:9f:22:
                    27:da:16:85:86:3c:e2:20:7f:c6:65:ee:8c:21:17:
                    fc:6f:a1:be:ea:ec:e4:04:fc:bf:c3:60:27:13:47:
                    56:e1:23:f3:34:7e:49:8b:2c:62:32:52:3f:40:8c:
                    4e:27:d0:fd:fd:63:32:22:54:55:3d:04:69:ff:c0:
                    7c:bd:af:35:43:3b:a4:1f:12:97:12:f5:e9:40:c4:
                    af:11:0c:b4:c2:dd:8b:df:76:55:33:dd:4f:e1:af:
                    9f:6d:be:ca:b1:61:ef:55:86:f4:4a:b4:f3:ab:0b:
                    dc:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:30:76:E1:CF:6C:18:9F:F3:5D:32:B4:75:E1:2A:0F:DC:05:DC:77
            X509v3 Authority Key Identifier:
                keyid:DE:8B:85:49:E8:CF:71:E9:1F:AA:63:B4:07:91:E6:BF:BB:FD:AC:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ouFSejPcekfqmO0B5Hmv7v9rAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/36253f-cd8e-4fd0-ae37-e937099733c3/1/_zB24c9sGJ_zXTK0deEqD9wF3Hc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/36253f-cd8e-4fd0-ae37-e937099733c3/1/3ouFSejPcekfqmO0B5Hmv7v9rAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.84.0/23
                  185.217.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:1b:d7:29:1b:8c:a6:f6:7c:f6:eb:da:8d:6d:2f:cf:de:82:
         2f:2a:d4:6b:a5:7a:e2:75:02:52:0e:81:c4:20:d5:07:b0:b9:
         7f:ab:d2:a3:b4:c5:f8:da:57:09:33:e7:ad:89:49:86:9f:46:
         c1:c4:10:e0:4a:10:e1:6e:48:db:82:d8:28:28:0d:f7:d2:15:
         72:00:c8:0c:ad:61:5d:77:cb:ff:1e:45:1d:dc:cc:ab:47:8d:
         5c:a7:4d:f8:ee:c4:53:4e:30:3b:b8:ca:42:9c:02:47:ba:06:
         68:52:f6:93:6b:d0:15:44:1f:97:94:44:35:cf:23:ff:7b:3c:
         20:58:2d:63:e1:00:f8:84:13:3f:c5:80:1a:f2:fd:90:97:9e:
         60:2e:08:98:06:29:70:a1:89:b8:22:be:5d:42:c7:32:02:9d:
         ad:e9:35:10:84:10:0d:fb:01:85:14:61:64:d3:a2:da:b4:53:
         aa:98:d0:34:ee:23:e7:e3:33:04:6d:85:84:c3:89:b3:83:0f:
         85:78:5a:26:e0:a4:01:2c:0f:22:d8:b9:ed:90:4c:d8:6c:e9:
         35:2e:e1:88:2c:6b:4d:09:a9:a2:48:b5:a4:cb:88:f9:9d:54:
         9b:1c:71:80:55:ea:dd:90:92:43:86:06:27:9d:2a:81:39:97:
         d3:9b:6a:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvlKTmgdiyere5GiUlOHwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOGI4NTQ5ZThjZjcxZTkxZmFhNjNiNDA3OTFlNmJmYmJm
ZGFjMDQwHhcNMjMwMTAxMjMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjMwNzZlMWNmNmMxODlmZjM1ZDMyYjQ3NWUxMmEwZmRjMDVkYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA9ljxEr8FusDA6XWpMUJok7UqoW
2n3LbVHYrD5DsOImXiZhs33PO6kEgmIAq40Wq0TXhVipVx7Y6OkR68jKUrCUgHVE
P9+yhCQU64Nt6+6m8otqM72CQTPnVv9nuzLgiFNt2RDI8HaTWhZABkR8aUUv7nuG
5sheSDXd2w3FhY2Um1YT95I7yDdpVWdJa3rk0C0unyIn2haFhjziIH/GZe6MIRf8
b6G+6uzkBPy/w2AnE0dW4SPzNH5JiyxiMlI/QIxOJ9D9/WMyIlRVPQRp/8B8va81
QzukHxKXEvXpQMSvEQy0wt2L33ZVM91P4a+fbb7KsWHvVYb0SrTzqwvcawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP8wduHPbBif810ytHXhKg/cBdx3MB8GA1UdIwQY
MBaAFN6LhUnoz3HpH6pjtAeR5r+7/awEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM291RlNlalBjZWtmcW1PMEI1SG12N3Y5ckFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8zNjI1M2YtY2Q4ZS00ZmQwLWFlMzct
ZTkzNzA5OTczM2MzLzEvX3pCMjRjOXNHSl96WFRLMGRlRXFEOXdGM0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8zNjI1M2YtY2Q4ZS00ZmQwLWFlMzctZTkzNzA5OTczM2Mz
LzEvM291RlNlalBjZWtmcW1PMEI1SG12N3Y5ckFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudlUAwQA
udlXMA0GCSqGSIb3DQEBCwUAA4IBAQA+G9cpG4ym9nz269qNbS/P3oIvKtRrpXri
dQJSDoHEINUHsLl/q9KjtMX42lcJM+etiUmGn0bBxBDgShDhbkjbgtgoKA330hVy
AMgMrWFdd8v/HkUd3MyrR41cp0347sRTTjA7uMpCnAJHugZoUvaTa9AVRB+XlEQ1
zyP/ezwgWC1j4QD4hBM/xYAa8v2Ql55gLgiYBilwoYm4Ir5dQscyAp2t6TUQhBAN
+wGFFGFk06LatFOqmNA07iPn4zMEbYWEw4mzgw+FeFom4KQBLA8i2LntkEzYbOk1
LuGILGtNCamiSLWky4j5nVSbHHGAVerdkJJDhgYnnSqBOZfTm2qa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:42 2024 by rpki-client on console-ams.rpki-client.org