Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/AzT4ITedfv8mzBYdgYccOqiWUCo.roa
File:                     AzT4ITedfv8mzBYdgYccOqiWUCo.roa (raw, json)
Hash identifier:          N/g25Db0K1netePG1firBq6pcHir0ZIMURewiTlNBvk=
Subject key identifier:   03:34:F8:21:37:9D:7E:FF:26:CC:16:1D:81:87:1C:3A:A8:96:50:2A
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       018B283E08DAD37D90405958EBD9952B29FE
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/AzT4ITedfv8mzBYdgYccOqiWUCo.roa
Signing time:             Fri 13 Oct 2023 08:53:55 +0000
ROA not before:           Fri 13 Oct 2023 08:53:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34295
IP address blocks:        46.10.217.0/24 maxlen: 24
                          62.176.118.0/24 maxlen: 24
                          87.126.120.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:28:3e:08:da:d3:7d:90:40:59:58:eb:d9:95:2b:29:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Oct 13 08:53:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0334f821379d7eff26cc161d81871c3aa896502a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:a7:53:26:c3:12:c8:af:b5:50:cc:47:c5:30:
                    ec:75:6c:7e:71:3f:1a:71:b8:34:19:32:d2:eb:fb:
                    be:ad:83:e1:c5:47:4f:00:d0:be:a5:d7:f1:c4:ca:
                    64:63:60:dc:86:5e:ad:51:84:34:56:b5:61:ce:6b:
                    9e:65:e3:27:54:79:fc:65:1a:94:1f:e8:7e:49:7f:
                    93:29:cf:54:22:9e:cc:fd:fb:ca:75:df:fe:6e:cb:
                    9f:06:2a:e1:19:8a:13:23:c2:fb:8d:75:49:a0:78:
                    2f:ab:2b:13:da:ac:b1:63:07:43:2d:32:41:4f:30:
                    f6:b7:37:13:0f:89:0c:2c:45:f8:cf:bf:b3:54:ab:
                    5a:15:0c:fa:23:d1:8c:e1:b1:81:c2:d8:db:9f:f3:
                    f3:50:a4:80:91:c8:85:f2:7f:24:a6:7c:a9:e2:55:
                    5c:57:ce:29:af:04:db:95:47:a5:76:22:7d:e9:06:
                    66:f5:cf:e0:e3:de:d2:e1:19:a9:18:45:cc:72:d3:
                    23:ac:1f:e1:a1:4c:d4:07:75:8a:f1:96:36:17:d6:
                    e8:fc:82:b8:32:9a:0f:97:97:53:42:7d:a2:34:c3:
                    82:7c:de:d2:2b:6f:a6:27:d3:57:91:a9:dd:01:15:
                    b4:cc:4e:17:9a:80:96:fd:c3:da:74:1f:80:e9:d6:
                    98:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:34:F8:21:37:9D:7E:FF:26:CC:16:1D:81:87:1C:3A:A8:96:50:2A
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/AzT4ITedfv8mzBYdgYccOqiWUCo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.10.217.0/24
                  62.176.118.0/24
                  87.126.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:1a:dd:76:26:4e:24:80:88:66:90:68:0c:82:90:52:a5:10:
         24:dc:16:9e:c6:5f:71:75:88:93:39:e1:30:74:b8:cc:db:ab:
         70:92:e7:64:d0:cd:ce:19:ff:74:49:3d:4d:b6:3e:7f:72:5a:
         fe:50:71:90:a2:eb:1e:23:bd:e9:d5:c6:62:c4:14:9a:cd:86:
         cf:51:9d:c7:d7:87:9b:c1:36:85:d2:a9:75:8e:91:e8:54:c0:
         41:a0:38:43:83:f5:82:cd:9f:f0:44:01:cc:2d:d5:4e:1f:23:
         2f:b1:8e:d7:c4:27:ae:5f:ba:20:6e:67:1a:67:a5:ba:a8:ec:
         56:2c:f3:8b:79:37:99:f5:14:ca:e7:32:d1:9e:87:cb:7b:b4:
         78:e1:f5:f7:59:24:3f:17:e8:cf:f7:c0:0e:60:3c:d6:81:b6:
         d9:0e:27:81:4a:d1:c5:81:7a:00:d6:f4:7f:1a:a0:ab:36:52:
         ef:30:e8:1b:13:ea:d0:6e:1f:91:ff:19:1c:14:d1:64:e4:e1:
         6b:c9:62:28:0a:8e:2d:1d:0b:36:07:8d:ac:d9:6c:01:65:d9:
         46:fe:f8:9a:ee:e5:69:cb:f3:0e:84:dc:a2:29:9b:0e:db:a1:
         99:ab:4f:a8:b7:01:ec:cb:4d:e2:7d:a8:4d:2f:bf:0d:55:81:
         d3:06:df:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsoPgja032QQFlY69mVKyn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMxMDEzMDg1MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM0ZjgyMTM3OWQ3ZWZmMjZjYzE2MWQ4MTg3MWMzYWE4OTY1MDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qdTJsMSyK+1UMxHxTDsdWx+cT8a
cbg0GTLS6/u+rYPhxUdPANC+pdfxxMpkY2Dchl6tUYQ0VrVhzmueZeMnVHn8ZRqU
H+h+SX+TKc9UIp7M/fvKdd/+bsufBirhGYoTI8L7jXVJoHgvqysT2qyxYwdDLTJB
TzD2tzcTD4kMLEX4z7+zVKtaFQz6I9GM4bGBwtjbn/PzUKSAkciF8n8kpnyp4lVc
V84prwTblUeldiJ96QZm9c/g497S4RmpGEXMctMjrB/hoUzUB3WK8ZY2F9bo/IK4
MpoPl5dTQn2iNMOCfN7SK2+mJ9NXkandARW0zE4XmoCW/cPadB+A6daYOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAM0+CE3nX7/JswWHYGHHDqollAqMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvQXpUNElUZWRmdjhtekJZZGdZY2NPcWlXVUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALgrZAwQA
PrB2AwQCV354MA0GCSqGSIb3DQEBCwUAA4IBAQBdGt12Jk4kgIhmkGgMgpBSpRAk
3Baexl9xdYiTOeEwdLjM26twkudk0M3OGf90ST1Ntj5/clr+UHGQouseI73p1cZi
xBSazYbPUZ3H14ebwTaF0ql1jpHoVMBBoDhDg/WCzZ/wRAHMLdVOHyMvsY7XxCeu
X7ogbmcaZ6W6qOxWLPOLeTeZ9RTK5zLRnofLe7R44fX3WSQ/F+jP98AOYDzWgbbZ
DieBStHFgXoA1vR/GqCrNlLvMOgbE+rQbh+R/xkcFNFk5OFryWIoCo4tHQs2B42s
2WwBZdlG/via7uVpy/MOhNyiKZsO26GZq0+otwHsy03ifahNL78NVYHTBt+S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org