Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/PzQRvHjDQotJdutabIBQw2-iXXI.roa
File:                     PzQRvHjDQotJdutabIBQw2-iXXI.roa (raw, json)
Hash identifier:          yXAq5Nr04jcvHLp3gvBTZf8b9WNjVlD3yzLjppWpMvI=
Subject key identifier:   3F:34:11:BC:78:C3:42:8B:49:76:EB:5A:6C:80:50:C3:6F:A2:5D:72
Certificate issuer:       /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial:       0185DEFEC7C19D72A28E8C74DECC8132076A
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/PzQRvHjDQotJdutabIBQw2-iXXI.roa
Signing time:             Mon 23 Jan 2023 14:18:37 +0000
ROA not before:           Mon 23 Jan 2023 14:18:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56908
IP address blocks:        194.58.198.0/24 maxlen: 24
                          194.58.198.0/23 maxlen: 23
                          194.58.199.0/24 maxlen: 24
                          2a01:3f1:3000::/38 maxlen: 38
                          2a01:3f1:1980::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:de:fe:c7:c1:9d:72:a2:8e:8c:74:de:cc:81:32:07:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
        Validity
            Not Before: Jan 23 14:18:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f3411bc78c3428b4976eb5a6c8050c36fa25d72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:db:17:14:10:bc:2e:e2:0d:06:1c:9e:1b:0b:
                    0e:dd:e5:38:94:fb:ff:32:90:a2:3f:ee:22:69:6c:
                    d2:7f:a5:c5:ba:5d:ee:ec:05:6b:e8:0b:46:7f:50:
                    8a:f2:b6:c2:5d:56:24:8e:de:00:ad:b6:49:f2:e8:
                    bc:89:35:1d:a6:3f:d8:68:5d:1d:78:74:ca:9a:7d:
                    67:80:12:26:0e:e0:f8:35:e1:49:bc:b2:3b:a8:af:
                    c0:a5:6a:29:01:9d:f1:9f:ce:55:f0:9e:9a:3c:11:
                    87:4a:72:0d:48:f0:4a:b1:95:45:7d:dd:9f:6d:ff:
                    9f:2b:f3:ba:6d:17:dc:cf:85:d1:99:f5:49:be:6c:
                    bb:d1:60:d6:ca:2c:f5:e2:42:13:86:45:fa:07:ff:
                    28:bd:02:1e:43:ad:0d:59:5f:1e:30:2d:ab:07:d4:
                    b2:7c:15:ba:07:6f:62:6b:8b:6c:43:b0:26:1a:97:
                    42:86:3d:5b:25:4f:ee:3e:1e:df:4b:69:26:3c:86:
                    49:d9:3f:bd:41:2c:88:36:2d:40:99:c9:4c:f0:ea:
                    fc:ed:54:18:01:0f:5e:fd:52:59:62:8e:d2:56:c9:
                    90:c7:ce:b7:90:5f:5f:d7:a8:02:53:51:5d:b5:10:
                    70:43:2a:1a:83:70:0a:89:95:e1:0e:3b:26:66:c8:
                    d9:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:34:11:BC:78:C3:42:8B:49:76:EB:5A:6C:80:50:C3:6F:A2:5D:72
            X509v3 Authority Key Identifier:
                keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/PzQRvHjDQotJdutabIBQw2-iXXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.198.0/23
                IPv6:
                  2a01:3f1:1980::/44
                  2a01:3f1:3000::/38

    Signature Algorithm: sha256WithRSAEncryption
         ca:d3:c3:36:6d:ca:a2:af:4e:97:7f:6d:9e:8f:4a:9f:c5:28:
         39:80:2d:bd:60:3b:f7:3e:9a:4f:40:6d:7a:af:1a:a4:f8:09:
         e5:54:a9:9e:9b:e9:dd:9c:01:76:fa:c7:05:79:86:ff:a3:e3:
         0c:2c:5b:1e:21:54:11:83:f9:d0:0a:2a:3a:f0:78:dc:f8:39:
         7f:92:de:98:ea:79:ba:cf:da:7a:89:99:a8:3c:4c:ef:f3:e4:
         fe:5f:26:07:70:3b:3e:11:d2:f3:e0:16:6d:4e:26:74:20:40:
         da:8f:77:ef:9a:4a:ad:9c:b2:bd:b5:c8:9b:0e:67:59:aa:95:
         32:24:24:32:39:db:58:96:0b:9f:ab:93:19:c8:f2:71:07:70:
         02:3a:cf:5f:46:73:c2:70:49:9b:b1:7f:41:a7:19:aa:89:b2:
         95:5b:76:e3:01:50:d0:e0:14:14:ad:0c:a4:63:c4:75:b9:37:
         03:6f:5e:ce:7d:cd:de:fa:57:c8:93:a4:7a:c2:7f:6f:69:2a:
         d7:77:0c:0b:17:a6:d2:c3:d6:20:23:71:22:38:d6:1b:c4:74:
         63:07:25:82:e3:4b:0e:4e:dd:2e:05:9c:d0:38:8f:45:56:b7:
         1e:4f:92:dc:06:6f:66:4f:9e:12:65:b1:5f:1c:f4:15:e9:e5:
         b7:67:85:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYXe/sfBnXKijox03syBMgdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTIzMTQxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjM0MTFiYzc4YzM0MjhiNDk3NmViNWE2YzgwNTBjMzZmYTI1ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNsXFBC8LuINBhyeGwsO3eU4lPv/
MpCiP+4iaWzSf6XFul3u7AVr6AtGf1CK8rbCXVYkjt4ArbZJ8ui8iTUdpj/YaF0d
eHTKmn1ngBImDuD4NeFJvLI7qK/ApWopAZ3xn85V8J6aPBGHSnINSPBKsZVFfd2f
bf+fK/O6bRfcz4XRmfVJvmy70WDWyiz14kIThkX6B/8ovQIeQ60NWV8eMC2rB9Sy
fBW6B29ia4tsQ7AmGpdChj1bJU/uPh7fS2kmPIZJ2T+9QSyINi1AmclM8Or87VQY
AQ9e/VJZYo7SVsmQx863kF9f16gCU1FdtRBwQyoag3AKiZXhDjsmZsjZSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD80Ebx4w0KLSXbrWmyAUMNvol1yMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvUHpRUnZIakRRb3RKZHV0YWJJQlF3Mi1pWFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQBwjrGMBcE
AgACMBEDBwQqAQPxGYADBgIqAQPxMDANBgkqhkiG9w0BAQsFAAOCAQEAytPDNm3K
oq9Ol39tno9Kn8UoOYAtvWA79z6aT0Bteq8apPgJ5VSpnpvp3ZwBdvrHBXmG/6Pj
DCxbHiFUEYP50AoqOvB43Pg5f5LemOp5us/aeomZqDxM7/Pk/l8mB3A7PhHS8+AW
bU4mdCBA2o9375pKrZyyvbXImw5nWaqVMiQkMjnbWJYLn6uTGcjycQdwAjrPX0Zz
wnBJm7F/QacZqomylVt24wFQ0OAUFK0MpGPEdbk3A29ezn3N3vpXyJOkesJ/b2kq
13cMCxem0sPWICNxIjjWG8R0YwclguNLDk7dLgWc0DiPRVa3Hk+S3AZvZk+eEmWx
Xxz0Fenlt2eFtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:34 2024 by rpki-client on console-fra.rpki-client.org