Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/ZEFwbY72gUJsFNr1lZFx6DViucw.roa
File:                     ZEFwbY72gUJsFNr1lZFx6DViucw.roa (raw, json)
Hash identifier:          0dmz9Vx2sitZlls9Sg3qrSk0O0Jhc8m58fJGOeqH7W0=
Subject key identifier:   64:41:70:6D:8E:F6:81:42:6C:14:DA:F5:95:91:71:E8:35:62:B9:CC
Certificate issuer:       /CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Certificate serial:       01856C53D933890E7B0730AC1896B59C822A
Authority key identifier: 6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/ZEFwbY72gUJsFNr1lZFx6DViucw.roa
Signing time:             Sun 01 Jan 2023 07:55:12 +0000
ROA not before:           Sun 01 Jan 2023 07:55:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15806
IP address blocks:        193.178.96.0/20 maxlen: 24
                          193.178.64.0/19 maxlen: 24
                          2a01:88::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:d9:33:89:0e:7b:07:30:ac:18:96:b5:9c:82:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
        Validity
            Not Before: Jan  1 07:55:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6441706d8ef681426c14daf5959171e83562b9cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fb:f3:2d:d7:f2:b2:3c:ca:fe:f3:c6:9f:fd:
                    64:3f:e6:32:df:ed:54:89:58:f9:97:e2:4a:bc:1d:
                    1b:d8:95:47:29:54:aa:e9:61:c5:f3:11:34:24:4c:
                    d8:0a:b8:18:1d:4e:68:1b:49:2f:4c:5a:c8:b8:83:
                    50:6a:3b:72:68:4e:a6:8f:fb:19:5e:5b:8b:0b:16:
                    14:7c:87:98:9f:33:68:e1:a4:d2:96:ca:f1:fc:d3:
                    96:94:da:30:79:aa:1a:79:d9:0a:d6:20:27:9d:fb:
                    b8:ae:b4:2e:c6:c1:e4:30:70:62:c0:f4:f6:a6:1f:
                    fc:02:dd:21:4e:33:47:0d:b0:f3:43:29:81:b4:68:
                    c0:d6:07:7e:22:2e:87:69:ad:3c:06:c4:fd:f0:f6:
                    83:26:50:f4:92:c6:07:1f:52:74:9e:92:73:4f:d5:
                    93:b8:97:ca:55:93:85:0b:58:87:cf:1e:1b:90:ef:
                    2a:d8:9d:14:42:1f:e1:3e:f7:96:52:d6:f9:80:db:
                    34:c1:1b:5c:cb:59:94:9e:96:d6:ac:fe:6e:7a:7e:
                    e1:cc:2e:06:0f:b8:06:16:cd:58:8b:54:c5:fe:7c:
                    f0:bd:01:ec:2c:df:fc:bf:ce:bf:95:2a:1e:77:7b:
                    3c:b9:f3:f2:69:d0:65:e6:77:9f:45:17:ca:b5:be:
                    54:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:41:70:6D:8E:F6:81:42:6C:14:DA:F5:95:91:71:E8:35:62:B9:CC
            X509v3 Authority Key Identifier:
                keyid:6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/ZEFwbY72gUJsFNr1lZFx6DViucw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.64.0-193.178.111.255
                IPv6:
                  2a01:88::/32

    Signature Algorithm: sha256WithRSAEncryption
         9f:1c:af:15:1f:56:0a:31:bb:84:87:59:12:67:d5:43:b0:eb:
         6e:af:7b:50:c3:2b:07:95:64:e8:5f:f9:88:c1:72:ae:e8:44:
         6e:0c:0b:19:6c:08:f4:2e:a5:0f:67:3a:f8:7a:9a:27:ce:57:
         5b:63:61:42:01:ed:22:ff:06:0f:94:b5:be:96:2e:51:b6:71:
         b6:5a:48:56:41:41:dc:ad:06:f1:fc:81:68:b3:47:df:cf:97:
         a8:97:e3:80:68:48:e8:f4:04:9f:0c:8a:c8:de:f1:99:68:ba:
         3e:70:f2:4d:14:7a:ad:84:de:8a:09:20:83:b9:29:19:a5:14:
         d7:17:a3:31:1d:af:e0:ce:3e:d2:07:5b:74:99:7d:7f:33:68:
         29:1b:3e:2f:55:c9:a8:77:93:88:71:7f:3e:08:42:91:ba:e5:
         7b:52:9a:77:7e:a7:bc:b9:31:44:9f:f2:81:f1:19:9e:4f:ed:
         ed:8f:f5:d6:b8:ce:79:10:39:0d:34:78:c3:88:a0:cf:80:85:
         b1:54:2c:b9:c9:ca:16:18:1a:79:c7:20:bb:ce:f3:5c:51:c6:
         bf:ab:35:62:e5:ad:ab:4e:d9:f4:ad:16:5e:73:54:d7:9b:3d:
         2e:98:70:b9:b8:5a:09:7a:17:93:71:ee:07:5f:9d:29:65:a0:
         02:87:f3:00
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsU9kziQ57BzCsGJa1nIIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzNhMDRhN2QwZWIyZGY0N2RhZjBjMzlmYmE3NWUzNjVj
ODg1M2QwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDQxNzA2ZDhlZjY4MTQyNmMxNGRhZjU5NTkxNzFlODM1NjJiOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/vzLdfysjzK/vPGn/1kP+Yy3+1U
iVj5l+JKvB0b2JVHKVSq6WHF8xE0JEzYCrgYHU5oG0kvTFrIuINQajtyaE6mj/sZ
XluLCxYUfIeYnzNo4aTSlsrx/NOWlNoweaoaedkK1iAnnfu4rrQuxsHkMHBiwPT2
ph/8At0hTjNHDbDzQymBtGjA1gd+Ii6Haa08BsT98PaDJlD0ksYHH1J0npJzT9WT
uJfKVZOFC1iHzx4bkO8q2J0UQh/hPveWUtb5gNs0wRtcy1mUnpbWrP5uen7hzC4G
D7gGFs1Yi1TF/nzwvQHsLN/8v86/lSoed3s8ufPyadBl5nefRRfKtb5UBQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGRBcG2O9oFCbBTa9ZWRceg1YrnMMB8GA1UdIwQY
MBaAFGxzoEp9DrLfR9rww5+6deNlyIU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMt
Zjk2MzMyOTJjOTc3LzEvWkVGd2JZNzJnVUpzRk5yMWxaRng2RFZpdWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMtZjk2MzMyOTJjOTc3
LzEvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAbBskAD
BATBsmAwDQQCAAIwBwMFACoBAIgwDQYJKoZIhvcNAQELBQADggEBAJ8crxUfVgox
u4SHWRJn1UOw626ve1DDKweVZOhf+YjBcq7oRG4MCxlsCPQupQ9nOvh6mifOV1tj
YUIB7SL/Bg+Utb6WLlG2cbZaSFZBQdytBvH8gWizR9/Pl6iX44BoSOj0BJ8Misje
8Zlouj5w8k0Ueq2E3ooJIIO5KRmlFNcXozEdr+DOPtIHW3SZfX8zaCkbPi9Vyah3
k4hxfz4IQpG65XtSmnd+p7y5MUSf8oHxGZ5P7e2P9da4znkQOQ00eMOIoM+AhbFU
LLnJyhYYGnnHILvO81xRxr+rNWLlratO2fStFl5zVNebPS6YcLm4Wgl6F5Nx7gdf
nSlloAKH8wA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:16 2024 by rpki-client on console-fra.rpki-client.org