Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/szzZby6sBmkG1TSD6pJVk1KhG3A.roa
File:                     szzZby6sBmkG1TSD6pJVk1KhG3A.roa (raw, json)
Hash identifier:          xKG7CEYo9WKR7MQuQrLr3MLup68Lkh1AHjsZW/PZVow=
Subject key identifier:   B3:3C:D9:6F:2E:AC:06:69:06:D5:34:83:EA:92:55:93:52:A1:1B:70
Certificate issuer:       /CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Certificate serial:       01857042815C95FFE14D111514E375740815
Authority key identifier: D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/szzZby6sBmkG1TSD6pJVk1KhG3A.roa
Signing time:             Mon 02 Jan 2023 02:14:44 +0000
ROA not before:           Mon 02 Jan 2023 02:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13074
IP address blocks:        192.118.70.0/24 maxlen: 24
                          192.118.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:81:5c:95:ff:e1:4d:11:15:14:e3:75:74:08:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
        Validity
            Not Before: Jan  2 02:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b33cd96f2eac066906d53483ea92559352a11b70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:1a:29:3f:5c:17:4b:95:dd:1a:fd:15:86:b3:
                    fb:d6:73:f7:f6:c3:e5:e7:97:c9:fa:01:bd:2e:28:
                    40:0c:2b:2c:d7:3d:e8:de:de:0e:04:11:d3:04:9e:
                    fc:87:c2:fb:78:cb:65:e2:14:47:2f:ac:b7:24:b1:
                    b0:27:30:e2:0e:0b:b7:4b:88:4a:e0:04:bf:1c:52:
                    10:0b:61:29:21:98:04:3d:bf:7a:c8:ec:67:fa:be:
                    6a:38:9f:48:e2:ec:ed:42:ad:c4:fd:05:63:3d:19:
                    84:69:2f:d1:81:a0:34:a5:17:44:6e:aa:3c:cf:5f:
                    79:93:09:b9:dd:d0:da:97:e6:ab:99:6f:ce:2d:28:
                    1b:29:39:68:b5:4a:e7:95:11:5d:b7:68:31:63:f3:
                    ef:9e:75:93:1a:61:26:b2:c0:1b:0f:88:39:20:9b:
                    7d:12:18:cd:f5:28:6f:71:ed:aa:60:87:77:aa:da:
                    45:76:b2:37:da:05:84:a9:71:cd:3b:09:26:df:5b:
                    e2:80:fb:43:7d:c4:9b:0c:10:85:53:a0:46:ed:0d:
                    21:c2:d1:46:0a:c1:15:f5:61:1d:99:b2:c9:c5:cf:
                    03:a8:ea:71:80:d8:e4:4d:36:96:b7:f9:40:50:7a:
                    14:a6:65:f3:07:ca:eb:8d:42:ff:d8:2b:cb:44:74:
                    9c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:3C:D9:6F:2E:AC:06:69:06:D5:34:83:EA:92:55:93:52:A1:1B:70
            X509v3 Authority Key Identifier:
                keyid:D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/szzZby6sBmkG1TSD6pJVk1KhG3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/0sHV_U4greXxG2avsQpUyP_ksEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.118.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c0:5f:5e:2c:77:48:41:27:f3:18:85:de:5c:f4:94:3d:bc:2b:
         9a:eb:14:f4:2b:99:b4:6d:30:8f:72:de:10:a4:76:29:7a:9f:
         16:b6:21:48:a6:62:e9:18:8e:ab:69:18:7b:58:34:d5:2f:e8:
         33:ac:e4:c1:10:38:3a:2c:f9:63:51:9a:da:01:b4:8c:c8:73:
         a8:69:15:18:52:ec:7c:35:a5:93:e4:61:a3:2b:9f:a8:d1:5a:
         dd:c7:3a:7e:d9:c3:6b:5c:22:6f:50:97:01:7b:23:6c:37:12:
         1a:ad:4e:fb:4c:8e:2e:37:d1:7b:2d:d7:4f:2c:04:4c:ab:f1:
         50:a2:42:dc:69:61:52:ef:eb:80:81:bb:c1:c7:3f:ad:c1:f3:
         dc:74:3e:ee:21:ea:19:0c:b9:06:fc:fe:6c:c2:c9:24:e6:de:
         c7:85:9d:4e:b7:b9:cd:5e:6d:88:42:14:4c:20:df:c6:4a:fd:
         8d:ff:3a:82:22:f3:20:f8:4e:df:d7:ba:5b:49:e3:b8:80:52:
         04:31:84:96:80:e0:3e:7e:82:40:66:80:cf:4a:59:0a:cf:dd:
         6f:b2:5e:18:b3:8f:7c:41:e1:b5:b1:2d:71:f8:db:54:18:3d:
         06:b8:1d:0a:7c:95:08:f5:ad:86:ca:f8:a2:a5:de:51:33:d7:
         e4:85:b8:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQoFclf/hTREVFON1dAgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzFkNWZkNGUyMGFkZTVmMTFiNjZhZmIxMGE1NGM4ZmZl
NGIwNDAwHhcNMjMwMTAyMDIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNjZDk2ZjJlYWMwNjY5MDZkNTM0ODNlYTkyNTU5MzUyYTExYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhopP1wXS5XdGv0VhrP71nP39sPl
55fJ+gG9LihADCss1z3o3t4OBBHTBJ78h8L7eMtl4hRHL6y3JLGwJzDiDgu3S4hK
4AS/HFIQC2EpIZgEPb96yOxn+r5qOJ9I4uztQq3E/QVjPRmEaS/RgaA0pRdEbqo8
z195kwm53dDal+armW/OLSgbKTlotUrnlRFdt2gxY/PvnnWTGmEmssAbD4g5IJt9
EhjN9Shvce2qYId3qtpFdrI32gWEqXHNOwkm31vigPtDfcSbDBCFU6BG7Q0hwtFG
CsEV9WEdmbLJxc8DqOpxgNjkTTaWt/lAUHoUpmXzB8rrjUL/2CvLRHScGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLM82W8urAZpBtU0g+qSVZNSoRtwMB8GA1UdIwQY
MBaAFNLB1f1OIK3l8Rtmr7EKVMj/5LBAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNIVl9VNGdyZVh4RzJhdnNRcFV5UF9rc0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC84NjEzYWQtNGY1Zi00NWZkLTg3OTkt
YTA5YTg3NWY1OTAzLzEvc3p6WmJ5NnNCbWtHMVRTRDZwSlZrMUtoRzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC84NjEzYWQtNGY1Zi00NWZkLTg3OTktYTA5YTg3NWY1OTAz
LzEvMHNIVl9VNGdyZVh4RzJhdnNRcFV5UF9rc0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwHZGMA0G
CSqGSIb3DQEBCwUAA4IBAQDAX14sd0hBJ/MYhd5c9JQ9vCua6xT0K5m0bTCPct4Q
pHYpep8WtiFIpmLpGI6raRh7WDTVL+gzrOTBEDg6LPljUZraAbSMyHOoaRUYUux8
NaWT5GGjK5+o0Vrdxzp+2cNrXCJvUJcBeyNsNxIarU77TI4uN9F7LddPLARMq/FQ
okLcaWFS7+uAgbvBxz+twfPcdD7uIeoZDLkG/P5swskk5t7HhZ1Ot7nNXm2IQhRM
IN/GSv2N/zqCIvMg+E7f17pbSeO4gFIEMYSWgOA+foJAZoDPSlkKz91vsl4Ys498
QeG1sS1x+NtUGD0GuB0KfJUI9a2Gyviipd5RM9fkhbin
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:49 2024 by rpki-client on console-fra.rpki-client.org