Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa
File:                     ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa (raw, json)
Hash identifier:          dVluysOuem+R4SwWakLiHaFwjG+l/x/vdYEeCySqX2Q=
Subject key identifier:   65:BB:12:61:14:BA:BE:E5:AA:B0:0B:67:93:F9:82:68:7E:16:6D:86
Certificate issuer:       /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial:       0188480AC1B390A2DE8E5F62B2722CB93CAF
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa
Signing time:             Tue 23 May 2023 09:57:24 +0000
ROA not before:           Tue 23 May 2023 09:57:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29422
IP address blocks:        194.29.192.0/21 maxlen: 21
                          81.17.192.0/21 maxlen: 21
                          109.75.224.0/21 maxlen: 21
                          194.79.16.0/22 maxlen: 22
                          185.123.116.0/22 maxlen: 22
                          80.69.160.0/21 maxlen: 21
                          80.69.168.0/22 maxlen: 22
                          2a01:51c0::/29 maxlen: 29
                          2001:1bc8::/32 maxlen: 32
                          2a01:51c1::/32 maxlen: 32
                          2001:1bc8::/29 maxlen: 29
                          2a01:51c0::/32 maxlen: 32
                          2001:67c:70::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 25 May 2023 11:34:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:48:0a:c1:b3:90:a2:de:8e:5f:62:b2:72:2c:b9:3c:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
        Validity
            Not Before: May 23 09:57:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=65bb126114babee5aab00b6793f982687e166d86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:27:e0:ac:c0:36:d7:a6:a5:cb:a5:18:bb:5d:
                    88:f2:44:b7:e8:cf:be:d9:18:6d:b9:7f:1e:2b:ce:
                    2f:d2:3f:55:69:03:3b:36:c2:b3:98:6c:ad:22:55:
                    83:e6:eb:a0:b0:9d:96:05:76:21:41:81:00:06:95:
                    c7:af:46:8a:f3:57:4f:c6:bf:76:50:65:d4:5b:9d:
                    81:5f:e8:9c:1f:c3:c6:b3:40:50:7e:65:30:04:b8:
                    93:d9:8c:7a:ad:25:7b:9f:70:c6:c2:00:a8:87:b8:
                    21:2b:0a:db:6c:94:72:67:a9:80:40:5a:61:26:48:
                    90:c5:e2:c9:8e:e1:96:19:5c:26:43:b9:eb:06:ad:
                    c4:b6:18:cd:09:57:60:af:11:35:ff:91:5c:63:0e:
                    6b:8e:70:40:a9:ff:dc:8d:08:cf:54:d9:5a:67:e3:
                    bf:a6:02:af:56:d1:58:c4:45:a2:42:86:22:db:48:
                    f6:dd:7b:7d:90:e6:18:3f:ff:2d:42:7d:d4:36:c3:
                    1c:4d:d6:f1:2d:89:94:e0:9e:4c:a9:9f:80:82:6f:
                    6a:73:ec:2c:88:52:f1:46:81:39:37:dc:a6:7d:d7:
                    21:58:6f:ba:30:f4:a3:65:9d:4b:2e:bc:aa:84:a1:
                    e8:ee:51:6d:0a:98:c6:2e:e2:20:76:32:5a:77:f5:
                    8c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:BB:12:61:14:BA:BE:E5:AA:B0:0B:67:93:F9:82:68:7E:16:6D:86
            X509v3 Authority Key Identifier:
                keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.69.160.0-80.69.171.255
                  81.17.192.0/21
                  109.75.224.0/21
                  185.123.116.0/22
                  194.29.192.0/21
                  194.79.16.0/22
                IPv6:
                  2001:67c:70::/48
                  2001:1bc8::/29
                  2a01:51c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         a3:f1:a3:27:43:02:e7:0b:4f:76:7c:1f:41:bf:6d:53:4b:c4:
         d4:e3:68:fe:24:15:53:56:65:d2:f6:d2:a4:16:54:04:9b:de:
         ef:4c:ff:42:43:5e:64:8f:a7:b4:29:c2:09:ee:44:e2:32:bf:
         c5:7e:16:34:42:d6:c7:a6:4c:88:f2:da:0f:60:ed:34:73:bc:
         5f:37:90:5d:d5:a4:18:cf:82:96:f7:82:5b:b0:d5:99:9a:d8:
         47:87:6e:5b:90:8a:fe:7e:9c:42:3a:bb:a3:e4:6e:33:43:04:
         28:67:4b:7d:54:8f:dd:68:bf:eb:ea:50:83:51:59:12:ed:30:
         d1:97:82:5f:4e:49:5c:1b:af:18:eb:47:f8:f2:2c:88:6e:b8:
         6b:a1:10:00:6e:2c:e1:01:c1:08:68:6f:8e:d4:38:2f:e5:4a:
         6e:13:d5:85:9d:f7:38:0d:3d:66:42:16:f4:11:70:a2:1f:ef:
         cd:e4:fa:9e:de:de:d7:61:6f:ee:55:77:aa:e4:58:cb:80:00:
         40:a9:fb:6d:66:7b:c2:05:6d:89:04:d2:76:ba:8c:f9:a9:a7:
         09:27:81:a5:43:e1:bf:7c:84:9c:09:d2:f1:bf:72:e8:06:86:
         b9:f6:5c:df:d0:ca:88:69:2a:e6:ea:cd:4d:16:17:34:82:f2:
         7f:ca:8e:f4
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYhICsGzkKLejl9isnIsuTyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjMwNTIzMDk1NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWJiMTI2MTE0YmFiZWU1YWFiMDBiNjc5M2Y5ODI2ODdlMTY2ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSfgrMA216aly6UYu12I8kS36M++
2RhtuX8eK84v0j9VaQM7NsKzmGytIlWD5uugsJ2WBXYhQYEABpXHr0aK81dPxr92
UGXUW52BX+icH8PGs0BQfmUwBLiT2Yx6rSV7n3DGwgCoh7ghKwrbbJRyZ6mAQFph
JkiQxeLJjuGWGVwmQ7nrBq3EthjNCVdgrxE1/5FcYw5rjnBAqf/cjQjPVNlaZ+O/
pgKvVtFYxEWiQoYi20j23Xt9kOYYP/8tQn3UNsMcTdbxLYmU4J5MqZ+Agm9qc+ws
iFLxRoE5N9ymfdchWG+6MPSjZZ1LLryqhKHo7lFtCpjGLuIgdjJad/WM/wIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGW7EmEUur7lqrALZ5P5gmh+Fm2GMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvWmJzU1lSUzZ2dVdxc0F0bmtfbUNhSDRXYllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAyBAIAATAsMAwDBAVQRaAD
BAJQRagDBANREcADBANtS+ADBAK5e3QDBAPCHcADBALCTxAwHQQCAAIwFwMHACAB
BnwAcAMFAyABG8gDBQMqAVHAMA0GCSqGSIb3DQEBCwUAA4IBAQCj8aMnQwLnC092
fB9Bv21TS8TU42j+JBVTVmXS9tKkFlQEm97vTP9CQ15kj6e0KcIJ7kTiMr/FfhY0
QtbHpkyI8toPYO00c7xfN5Bd1aQYz4KW94JbsNWZmthHh25bkIr+fpxCOruj5G4z
QwQoZ0t9VI/daL/r6lCDUVkS7TDRl4JfTklcG68Y60f48iyIbrhroRAAbizhAcEI
aG+O1Dgv5UpuE9WFnfc4DT1mQhb0EXCiH+/N5Pqe3t7XYW/uVXeq5FjLgABAqftt
ZnvCBW2JBNJ2uoz5qacJJ4GlQ+G/fIScCdLxv3LoBoa59lzf0MqIaSrm6s1NFhc0
gvJ/yo70
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:28 2024 by rpki-client on console-ams.rpki-client.org