Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/zynRaakOMAuTnSqB5mPBBlI9vLI.roa
File:                     zynRaakOMAuTnSqB5mPBBlI9vLI.roa (raw, json)
Hash identifier:          KQkoxqaa9qS5yJcr4+GnOkfLsqLeMJN01WcDllhitsc=
Subject key identifier:   CF:29:D1:69:A9:0E:30:0B:93:9D:2A:81:E6:63:C1:06:52:3D:BC:B2
Certificate issuer:       /CN=a73d640d90bf3d67f2498138cc371f654647ddad
Certificate serial:       01856F391789A6F88BEB18A2CDAEF5C128D3
Authority key identifier: A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/zynRaakOMAuTnSqB5mPBBlI9vLI.roa
Signing time:             Sun 01 Jan 2023 21:24:50 +0000
ROA not before:           Sun 01 Jan 2023 21:24:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41970
IP address blocks:        194.60.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:17:89:a6:f8:8b:eb:18:a2:cd:ae:f5:c1:28:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a73d640d90bf3d67f2498138cc371f654647ddad
        Validity
            Not Before: Jan  1 21:24:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf29d169a90e300b939d2a81e663c106523dbcb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ac:4d:87:ba:b4:a9:91:aa:a8:9c:50:6f:b8:
                    d0:c5:32:d9:5f:56:0a:9e:2d:6f:af:b8:cb:fa:66:
                    13:de:83:3a:47:79:bc:55:d6:b8:99:7e:bf:77:1b:
                    bb:70:50:8f:3a:ff:7d:b6:7b:a7:f3:3f:b4:b8:a8:
                    67:c8:dc:75:5e:8f:1b:1f:a3:20:bf:8b:16:70:ad:
                    eb:ab:18:44:c8:10:1d:9e:7c:ad:d1:9b:ff:4b:06:
                    e3:5d:cd:e1:c6:34:58:6c:11:9c:00:22:76:40:a9:
                    d2:b9:2a:f1:99:94:dd:3a:c6:f4:4a:44:de:78:e6:
                    fd:90:c6:c7:2a:2f:46:07:9f:ac:53:27:43:8e:62:
                    78:0f:d4:8c:7b:ca:d6:66:86:d8:9b:d7:93:33:da:
                    04:32:40:f5:4b:fa:4e:0e:b9:e8:4a:05:ec:8c:ee:
                    93:81:40:23:78:3f:68:f9:89:36:4d:b4:58:6f:37:
                    f6:74:41:41:41:02:0b:3c:9f:38:d0:3a:11:57:d3:
                    26:6f:31:41:70:53:6f:ad:7b:eb:70:36:5f:32:49:
                    c2:10:fb:24:67:9a:b2:43:87:40:6d:cf:eb:c0:c0:
                    53:89:c8:86:99:5a:0f:fd:9b:d6:10:2f:97:89:97:
                    28:6b:b0:5c:53:78:89:20:32:d4:ed:73:cf:e6:dc:
                    26:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:29:D1:69:A9:0E:30:0B:93:9D:2A:81:E6:63:C1:06:52:3D:BC:B2
            X509v3 Authority Key Identifier:
                keyid:A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/zynRaakOMAuTnSqB5mPBBlI9vLI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.60.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:7c:f2:7b:db:2c:04:6f:02:a1:b8:44:38:eb:8f:30:66:2a:
         22:8e:53:47:23:d7:aa:3b:bc:4c:0e:78:b0:00:f8:06:83:05:
         3c:09:19:5c:ad:89:74:a5:a5:e5:1b:4c:d6:f0:44:1e:23:f5:
         41:16:3f:4f:e1:6c:2a:cc:6c:c0:b7:4b:84:82:79:7e:f6:f9:
         08:7a:f8:52:5d:70:3a:d1:81:9c:02:2a:99:c6:32:5b:53:87:
         69:07:45:15:01:3d:af:3d:2a:16:1b:52:2f:6c:39:47:34:9e:
         89:78:68:82:fd:b9:58:a4:f2:dd:5d:f2:0a:07:85:56:19:be:
         ac:fc:87:25:ad:3a:3b:7d:f7:dc:cd:c3:90:5f:21:ca:d9:6f:
         23:19:1f:c9:87:a6:a4:e5:ff:d7:05:3a:30:b1:d2:a6:f3:1a:
         b5:56:a8:18:c2:08:3d:11:a0:1d:fa:5d:61:f7:74:db:1a:9d:
         b0:7d:df:d1:ea:96:75:66:a3:fc:7f:19:f1:71:c9:7a:0e:fc:
         ff:64:0b:c8:e8:83:ef:cd:49:b4:d9:55:59:fc:1f:cc:08:07:
         28:7b:a2:cd:24:af:ae:99:fa:db:06:aa:52:f7:31:62:09:e0:
         6c:82:3e:79:a0:17:cd:2a:e2:14:b9:c4:29:1c:85:e9:2d:30:
         54:65:80:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOReJpviL6xiiza71wSjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3M2Q2NDBkOTBiZjNkNjdmMjQ5ODEzOGNjMzcxZjY1NDY0
N2RkYWQwHhcNMjMwMTAxMjEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjI5ZDE2OWE5MGUzMDBiOTM5ZDJhODFlNjYzYzEwNjUyM2RiY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqxNh7q0qZGqqJxQb7jQxTLZX1YK
ni1vr7jL+mYT3oM6R3m8Vda4mX6/dxu7cFCPOv99tnun8z+0uKhnyNx1Xo8bH6Mg
v4sWcK3rqxhEyBAdnnyt0Zv/SwbjXc3hxjRYbBGcACJ2QKnSuSrxmZTdOsb0SkTe
eOb9kMbHKi9GB5+sUydDjmJ4D9SMe8rWZobYm9eTM9oEMkD1S/pODrnoSgXsjO6T
gUAjeD9o+Yk2TbRYbzf2dEFBQQILPJ840DoRV9MmbzFBcFNvrXvrcDZfMknCEPsk
Z5qyQ4dAbc/rwMBTiciGmVoP/ZvWEC+XiZcoa7BcU3iJIDLU7XPP5twmJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8p0WmpDjALk50qgeZjwQZSPbyyMB8GA1UdIwQY
MBaAFKc9ZA2Qvz1n8kmBOMw3H2VGR92tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWIt
NzUwMzk3NTBiZDY4LzEvenluUmFha09NQXVUblNxQjVtUEJCbEk5dkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWItNzUwMzk3NTBiZDY4
LzEvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjxKMA0G
CSqGSIb3DQEBCwUAA4IBAQB1fPJ72ywEbwKhuEQ4648wZioijlNHI9eqO7xMDniw
APgGgwU8CRlcrYl0paXlG0zW8EQeI/VBFj9P4WwqzGzAt0uEgnl+9vkIevhSXXA6
0YGcAiqZxjJbU4dpB0UVAT2vPSoWG1IvbDlHNJ6JeGiC/blYpPLdXfIKB4VWGb6s
/IclrTo7fffczcOQXyHK2W8jGR/Jh6ak5f/XBTowsdKm8xq1VqgYwgg9EaAd+l1h
93TbGp2wfd/R6pZ1ZqP8fxnxccl6Dvz/ZAvI6IPvzUm02VVZ/B/MCAcoe6LNJK+u
mfrbBqpS9zFiCeBsgj55oBfNKuIUucQpHIXpLTBUZYD1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:09 2024 by rpki-client on console-fra.rpki-client.org