Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/ZIcL4uDV8GVROXl-_NenD0NOBns.roa
File:                     ZIcL4uDV8GVROXl-_NenD0NOBns.roa (raw, json)
Hash identifier:          D7VnFfxJ1fuDWwBkG0uVjCBIdZ2e2Dzbh5nvRH08wUQ=
Subject key identifier:   64:87:0B:E2:E0:D5:F0:65:51:39:79:7E:FC:D7:A7:0F:43:4E:06:7B
Certificate issuer:       /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial:       01870EBE90120504CB42AF06CFAA22CCC708
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/ZIcL4uDV8GVROXl-_NenD0NOBns.roa
Signing time:             Thu 23 Mar 2023 13:53:02 +0000
ROA not before:           Thu 23 Mar 2023 13:53:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207044
IP address blocks:        185.106.88.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:0e:be:90:12:05:04:cb:42:af:06:cf:aa:22:cc:c7:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
        Validity
            Not Before: Mar 23 13:53:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64870be2e0d5f0655139797efcd7a70f434e067b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:dd:52:15:93:c3:eb:ab:c9:5a:95:09:55:25:
                    e1:2f:3c:d8:3a:27:5d:fc:0e:59:fb:a8:19:c3:a6:
                    db:05:a0:c1:74:06:46:e5:bd:c7:9b:d0:03:af:88:
                    2b:ba:73:6c:8a:71:01:7e:11:df:b4:cf:84:14:62:
                    80:90:42:83:3b:e5:3b:66:46:0c:2a:74:63:61:fd:
                    87:ac:af:54:f0:58:44:2c:89:7f:fb:ca:09:cc:a3:
                    21:49:f9:d9:aa:80:79:ae:02:ff:18:74:4f:93:13:
                    2a:fc:6b:d0:fe:2d:77:54:38:62:a6:58:2a:ba:46:
                    ac:c2:80:c6:76:1c:57:0e:c1:95:f2:89:36:1a:e4:
                    7d:0d:fa:d3:a9:ac:50:51:bc:ae:b4:55:cb:8c:57:
                    b0:2f:2a:0a:46:47:6a:7e:4f:70:28:46:b5:a5:90:
                    99:68:35:07:b1:93:fe:0c:9b:90:32:36:0c:fb:57:
                    c5:dc:a6:64:df:58:50:22:ea:4e:aa:b3:9b:21:aa:
                    60:29:59:69:7a:3b:e9:a6:a5:e7:24:de:70:e8:d6:
                    28:79:dd:20:40:73:f0:55:ad:63:b3:c8:d6:7d:06:
                    56:ef:b4:52:ea:69:20:1e:69:2a:4c:71:1c:4c:67:
                    d1:55:87:d0:48:56:9f:b6:ac:0f:02:c2:57:ee:d6:
                    02:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:87:0B:E2:E0:D5:F0:65:51:39:79:7E:FC:D7:A7:0F:43:4E:06:7B
            X509v3 Authority Key Identifier:
                keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/ZIcL4uDV8GVROXl-_NenD0NOBns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.106.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:12:50:97:aa:00:1a:1a:fe:d7:1e:44:24:4b:52:c4:64:0b:
         31:67:6e:5f:ee:fc:3f:5f:b8:ab:28:a5:46:5e:7a:5f:03:8f:
         77:f6:9b:70:f9:27:68:71:f5:38:42:6c:09:3d:42:43:97:23:
         d9:ef:46:91:4e:fc:6f:8b:01:9d:86:cf:b9:c2:31:7f:9d:e4:
         27:3d:55:6b:9e:02:2f:28:3e:74:c5:eb:2a:d4:c8:2e:01:58:
         19:1a:61:7c:f4:ed:89:2e:c5:cf:24:02:63:b1:19:b4:55:76:
         b7:71:75:93:15:ae:3e:44:bf:3c:85:3b:22:63:9e:32:ca:65:
         63:24:f0:e4:ba:a4:3d:b7:40:b5:30:b8:3a:55:34:e4:50:c9:
         78:f7:86:cb:cc:c1:87:3b:be:17:90:80:f2:d3:ac:da:3a:40:
         03:10:00:66:f1:7f:6c:75:51:9f:78:7d:4b:79:b5:3a:62:1b:
         dd:9e:0a:1d:4e:ec:83:87:ea:b3:f2:68:b6:21:ae:6c:97:d8:
         b0:73:47:e2:bc:45:40:80:60:b1:12:80:bb:39:58:ff:6c:b2:
         fe:81:e8:8f:01:3c:79:ea:ff:5c:1d:61:8f:8f:28:77:51:a7:
         51:1a:b8:a5:89:81:e4:9c:eb:c2:a2:84:ad:79:e3:e8:54:f4:
         d0:87:be:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcOvpASBQTLQq8Gz6oizMcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjMwMzIzMTM1MzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg3MGJlMmUwZDVmMDY1NTEzOTc5N2VmY2Q3YTcwZjQzNGUwNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvt1SFZPD66vJWpUJVSXhLzzYOidd
/A5Z+6gZw6bbBaDBdAZG5b3Hm9ADr4grunNsinEBfhHftM+EFGKAkEKDO+U7ZkYM
KnRjYf2HrK9U8FhELIl/+8oJzKMhSfnZqoB5rgL/GHRPkxMq/GvQ/i13VDhiplgq
ukaswoDGdhxXDsGV8ok2GuR9DfrTqaxQUbyutFXLjFewLyoKRkdqfk9wKEa1pZCZ
aDUHsZP+DJuQMjYM+1fF3KZk31hQIupOqrObIapgKVlpejvppqXnJN5w6NYoed0g
QHPwVa1js8jWfQZW77RS6mkgHmkqTHEcTGfRVYfQSFaftqwPAsJX7tYChwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSHC+Lg1fBlUTl5fvzXpw9DTgZ7MB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvWkljTDR1RFY4R1ZST1hsLV9OZW5EME5PQm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWpYMA0G
CSqGSIb3DQEBCwUAA4IBAQBgElCXqgAaGv7XHkQkS1LEZAsxZ25f7vw/X7irKKVG
XnpfA4939ptw+SdocfU4QmwJPUJDlyPZ70aRTvxviwGdhs+5wjF/neQnPVVrngIv
KD50xesq1MguAVgZGmF89O2JLsXPJAJjsRm0VXa3cXWTFa4+RL88hTsiY54yymVj
JPDkuqQ9t0C1MLg6VTTkUMl494bLzMGHO74XkIDy06zaOkADEABm8X9sdVGfeH1L
ebU6YhvdngodTuyDh+qz8mi2Ia5sl9iwc0fivEVAgGCxEoC7OVj/bLL+geiPATx5
6v9cHWGPjyh3UadRGriliYHknOvCooSteePoVPTQh76+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:52 2024 by rpki-client on console-ams.rpki-client.org