Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/z0TZqqvxyx_gonJCjQSPFS6YYt8.roa
File:                     z0TZqqvxyx_gonJCjQSPFS6YYt8.roa (raw, json)
Hash identifier:          zH3ul1IecFkUgapCJuh/c6ymDHMn0tIktf9cgGbBe3w=
Subject key identifier:   CF:44:D9:AA:AB:F1:CB:1F:E0:A2:72:42:8D:04:8F:15:2E:98:62:DF
Certificate issuer:       /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial:       01856EA6D013D00126A152A8030CE30B21E5
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/z0TZqqvxyx_gonJCjQSPFS6YYt8.roa
Signing time:             Sun 01 Jan 2023 18:45:04 +0000
ROA not before:           Sun 01 Jan 2023 18:45:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400040
IP address blocks:        194.246.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:d0:13:d0:01:26:a1:52:a8:03:0c:e3:0b:21:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
        Validity
            Not Before: Jan  1 18:45:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf44d9aaabf1cb1fe0a272428d048f152e9862df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2e:80:bd:03:13:b5:c1:35:83:86:cc:06:65:
                    6e:85:d9:4f:ea:b2:0b:52:25:73:5a:a9:6d:a1:72:
                    2c:14:14:1c:90:e4:4e:ec:f4:67:52:90:5f:40:d3:
                    15:99:03:12:f3:79:67:53:f1:ce:9f:33:13:af:46:
                    20:89:75:3f:fc:72:a4:ac:8e:4b:9c:39:c5:01:e0:
                    9d:19:90:f4:ea:b7:67:6f:87:86:ad:d9:62:0e:4d:
                    d9:a7:81:3c:3f:66:81:23:1c:89:dc:83:2a:88:1f:
                    73:bc:57:30:db:09:a3:08:e3:5f:2e:56:c7:24:a0:
                    28:3f:61:c0:09:3e:05:35:8d:dd:2a:15:79:de:64:
                    8d:c9:29:4c:20:14:fc:fa:fb:7b:11:7d:96:51:4a:
                    98:89:23:34:a8:9f:61:a7:25:fa:eb:08:10:72:e2:
                    3f:c3:b8:a1:88:75:11:3c:36:3e:bc:2e:d9:75:16:
                    d2:99:cc:a7:46:30:21:dc:7f:65:52:55:eb:69:a1:
                    21:96:ae:8d:23:23:c0:86:30:97:53:31:f6:ae:a7:
                    df:5b:b6:cf:39:70:b2:70:7e:d3:1e:57:c4:c0:76:
                    79:fe:17:1e:db:51:e7:c5:28:3e:10:b0:54:c6:47:
                    51:54:47:a3:54:d5:59:4e:90:f1:b2:98:f3:fd:7f:
                    d8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:44:D9:AA:AB:F1:CB:1F:E0:A2:72:42:8D:04:8F:15:2E:98:62:DF
            X509v3 Authority Key Identifier:
                keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/z0TZqqvxyx_gonJCjQSPFS6YYt8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.246.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:82:11:69:31:06:54:cd:57:a6:25:26:cb:7e:ce:7d:cf:3d:
         07:63:65:38:b2:43:46:7c:a7:0e:d6:a3:02:ad:03:d6:3e:77:
         2f:71:22:9f:1b:f6:7c:37:26:56:a3:88:07:e6:16:1e:ef:a1:
         bb:8c:a7:f8:e3:5c:3d:7c:53:f6:94:bf:61:a9:3d:af:cf:fd:
         e2:c8:d3:56:91:d2:55:76:d3:a4:34:5e:56:56:83:7f:b3:11:
         14:9c:e0:b0:56:21:79:e2:90:a1:92:da:f0:b5:66:75:03:2f:
         b4:c4:28:25:2c:66:41:1c:9b:b5:c5:f9:cd:59:48:44:62:1e:
         89:ae:75:6c:00:c3:5a:d9:07:5c:11:d4:d3:24:5d:8a:77:b1:
         f0:04:76:a8:05:ed:30:63:31:a0:15:34:03:8f:ad:65:40:15:
         49:7b:a5:64:0e:ee:fc:96:49:0a:e2:1b:4d:9b:36:cb:92:56:
         96:c0:19:ec:bf:e5:33:fd:c5:f9:ce:9d:79:3d:de:c2:94:39:
         f6:29:f0:db:16:3a:cc:55:fa:79:88:fd:58:7a:90:b2:69:1b:
         6d:b4:d8:eb:75:12:c1:2b:3c:2a:72:57:27:99:8c:17:98:d9:
         45:d2:bc:ba:b9:1a:4a:bc:d6:a3:89:3c:e7:7f:79:b9:05:25:
         54:da:54:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuptAT0AEmoVKoAwzjCyHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjMwMTAxMTg0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQ0ZDlhYWFiZjFjYjFmZTBhMjcyNDI4ZDA0OGYxNTJlOTg2MmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2S6AvQMTtcE1g4bMBmVuhdlP6rIL
UiVzWqltoXIsFBQckORO7PRnUpBfQNMVmQMS83lnU/HOnzMTr0YgiXU//HKkrI5L
nDnFAeCdGZD06rdnb4eGrdliDk3Zp4E8P2aBIxyJ3IMqiB9zvFcw2wmjCONfLlbH
JKAoP2HACT4FNY3dKhV53mSNySlMIBT8+vt7EX2WUUqYiSM0qJ9hpyX66wgQcuI/
w7ihiHURPDY+vC7ZdRbSmcynRjAh3H9lUlXraaEhlq6NIyPAhjCXUzH2rqffW7bP
OXCycH7THlfEwHZ5/hce21HnxSg+ELBUxkdRVEejVNVZTpDxspjz/X/YPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9E2aqr8csf4KJyQo0EjxUumGLfMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvejBUWnFxdnh5eF9nb25KQ2pRU1BGUzZZWXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvYkMA0G
CSqGSIb3DQEBCwUAA4IBAQAOghFpMQZUzVemJSbLfs59zz0HY2U4skNGfKcO1qMC
rQPWPncvcSKfG/Z8NyZWo4gH5hYe76G7jKf441w9fFP2lL9hqT2vz/3iyNNWkdJV
dtOkNF5WVoN/sxEUnOCwViF54pChktrwtWZ1Ay+0xCglLGZBHJu1xfnNWUhEYh6J
rnVsAMNa2QdcEdTTJF2Kd7HwBHaoBe0wYzGgFTQDj61lQBVJe6VkDu78lkkK4htN
mzbLklaWwBnsv+Uz/cX5zp15Pd7ClDn2KfDbFjrMVfp5iP1YepCyaRtttNjrdRLB
KzwqclcnmYwXmNlF0ry6uRpKvNajiTznf3m5BSVU2lQP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org