Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/rzdwS5vZTnR3Zs0yfSU2xTzyMiI.roa
File:                     rzdwS5vZTnR3Zs0yfSU2xTzyMiI.roa (raw, json)
Hash identifier:          xAlGzTvCd6QJe8H6IAB8pXEmGxCDCmSaIAOc6/r4JDk=
Subject key identifier:   AF:37:70:4B:9B:D9:4E:74:77:66:CD:32:7D:25:36:C5:3C:F2:32:22
Certificate issuer:       /CN=6b66c53b13566d01c4a893adf130bbb4fa1653aa
Certificate serial:       018CC727149C0A03450B2F33D621C223B338
Authority key identifier: 6B:66:C5:3B:13:56:6D:01:C4:A8:93:AD:F1:30:BB:B4:FA:16:53:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2bFOxNWbQHEqJOt8TC7tPoWU6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/rzdwS5vZTnR3Zs0yfSU2xTzyMiI.roa
Signing time:             Mon 01 Jan 2024 22:31:16 +0000
ROA not before:           Mon 01 Jan 2024 22:31:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204817
IP address blocks:        185.219.8.0/22 maxlen: 24
                          2a0b:dd40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 21 May 2024 18:21:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:14:9c:0a:03:45:0b:2f:33:d6:21:c2:23:b3:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b66c53b13566d01c4a893adf130bbb4fa1653aa
        Validity
            Not Before: Jan  1 22:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=af37704b9bd94e747766cd327d2536c53cf23222
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:11:bc:da:33:85:69:7c:d2:f0:87:27:0f:8d:
                    69:49:b3:89:07:f2:5b:1e:c6:9c:eb:e5:9f:bb:9e:
                    9a:0e:7c:9b:95:46:f4:41:a8:d2:a9:a4:cb:cd:f8:
                    22:6e:45:c9:b3:1c:75:df:b3:a0:b3:ec:d0:93:59:
                    46:e2:17:59:06:5d:84:d7:76:5d:e7:ee:81:29:2f:
                    f5:bf:4c:0a:48:b5:a8:9b:5f:9e:c1:e3:a2:90:da:
                    c7:42:28:ff:65:db:98:18:1d:62:21:84:0e:4b:02:
                    1f:c2:4f:93:e6:c1:37:f5:47:6b:e8:77:4e:44:bf:
                    eb:99:49:09:7a:3d:8f:7f:11:bb:7b:1d:40:27:78:
                    45:9a:be:c3:7a:97:0f:fb:3e:57:30:84:9e:ce:cd:
                    5a:35:99:a1:20:03:77:90:3e:5d:71:da:dd:3f:df:
                    7d:1d:6f:86:35:94:e5:e5:88:03:d1:27:e8:b1:f5:
                    2a:74:96:97:98:eb:5b:3d:f9:f2:4d:76:23:b3:93:
                    0b:6a:d4:38:71:b7:d1:d8:f5:10:14:a1:b4:53:ef:
                    4c:ab:22:d3:69:12:d7:f9:95:40:7b:8a:5b:b9:d6:
                    d5:d6:a1:36:b2:d8:51:24:3a:14:ec:4f:41:97:9e:
                    b5:40:fa:9c:34:a3:4e:63:92:bd:e7:52:08:95:4d:
                    64:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:37:70:4B:9B:D9:4E:74:77:66:CD:32:7D:25:36:C5:3C:F2:32:22
            X509v3 Authority Key Identifier:
                keyid:6B:66:C5:3B:13:56:6D:01:C4:A8:93:AD:F1:30:BB:B4:FA:16:53:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2bFOxNWbQHEqJOt8TC7tPoWU6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/rzdwS5vZTnR3Zs0yfSU2xTzyMiI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/a2bFOxNWbQHEqJOt8TC7tPoWU6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.219.8.0/22
                IPv6:
                  2a0b:dd40::/29

    Signature Algorithm: sha256WithRSAEncryption
         b2:1e:5d:bb:89:0c:c3:e7:7f:ec:37:cf:c6:d5:e1:f8:1c:b5:
         3e:b3:32:30:fa:c9:47:b1:39:d9:4e:e8:e0:b4:92:b9:0d:eb:
         4e:43:6f:94:14:6c:47:5b:30:5d:8b:db:20:85:4d:27:53:ac:
         b3:18:74:da:75:6f:36:c4:c2:3e:56:c2:77:9a:5c:49:14:87:
         94:da:8c:28:e4:c6:58:5e:8c:92:3a:ea:48:06:da:0c:07:ea:
         6b:9f:5c:d0:23:fe:ef:35:93:f5:a1:02:ba:0c:f8:55:25:16:
         16:9b:57:73:6a:b4:87:6e:fe:f7:f7:59:b9:c1:3a:29:35:d6:
         0d:1f:b0:2c:94:1d:1d:06:d4:ea:7a:30:4d:42:83:f2:50:25:
         f1:db:40:53:1c:03:00:7f:b6:9a:3a:7a:a3:18:e2:2e:a9:67:
         74:77:d4:ad:d5:ab:da:43:af:10:6b:de:e7:47:44:ba:36:69:
         28:2f:01:c2:8c:c0:95:e0:c7:2a:36:63:07:7c:5d:f7:02:92:
         af:7d:a7:80:1f:16:83:31:2f:ee:6a:7d:60:a5:84:d5:b3:63:
         45:fd:43:29:fb:13:ae:f6:af:65:d4:6b:cf:70:08:1b:c8:58:
         35:55:4e:53:d4:00:8a:cc:e1:5b:81:42:85:6e:65:52:38:32:
         52:89:49:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJxScCgNFCy8z1iHCI7M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNjZjNTNiMTM1NjZkMDFjNGE4OTNhZGYxMzBiYmI0ZmEx
NjUzYWEwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM3NzA0YjliZDk0ZTc0Nzc2NmNkMzI3ZDI1MzZjNTNjZjIzMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhG82jOFaXzS8IcnD41pSbOJB/Jb
Hsac6+Wfu56aDnyblUb0QajSqaTLzfgibkXJsxx137Ogs+zQk1lG4hdZBl2E13Zd
5+6BKS/1v0wKSLWom1+eweOikNrHQij/ZduYGB1iIYQOSwIfwk+T5sE39Udr6HdO
RL/rmUkJej2PfxG7ex1AJ3hFmr7DepcP+z5XMISezs1aNZmhIAN3kD5dcdrdP999
HW+GNZTl5YgD0SfosfUqdJaXmOtbPfnyTXYjs5MLatQ4cbfR2PUQFKG0U+9MqyLT
aRLX+ZVAe4pbudbV1qE2sthRJDoU7E9Bl561QPqcNKNOY5K951IIlU1kSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK83cEub2U50d2bNMn0lNsU88jIiMB8GA1UdIwQY
MBaAFGtmxTsTVm0BxKiTrfEwu7T6FlOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJiRk94TldiUUhFcUpPdDhUQzd0UG9XVTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC82ZTVmZjEtMzlmOS00NjZiLTgyN2Yt
N2JjMjY4YTBiNTE3LzEvcnpkd1M1dlpUblIzWnMweWZTVTJ4VHp5TWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC82ZTVmZjEtMzlmOS00NjZiLTgyN2YtN2JjMjY4YTBiNTE3
LzEvYTJiRk94TldiUUhFcUpPdDhUQzd0UG9XVTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudsIMA0E
AgACMAcDBQMqC91AMA0GCSqGSIb3DQEBCwUAA4IBAQCyHl27iQzD53/sN8/G1eH4
HLU+szIw+slHsTnZTujgtJK5DetOQ2+UFGxHWzBdi9sghU0nU6yzGHTadW82xMI+
VsJ3mlxJFIeU2owo5MZYXoySOupIBtoMB+prn1zQI/7vNZP1oQK6DPhVJRYWm1dz
arSHbv7391m5wTopNdYNH7AslB0dBtTqejBNQoPyUCXx20BTHAMAf7aaOnqjGOIu
qWd0d9St1avaQ68Qa97nR0S6NmkoLwHCjMCV4McqNmMHfF33ApKvfaeAHxaDMS/u
an1gpYTVs2NF/UMp+xOu9q9l1GvPcAgbyFg1VU5T1ACKzOFbgUKFbmVSODJSiUkx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:52 2024 by rpki-client on console-fra.rpki-client.org