Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa
File:                     ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa (raw, json)
Hash identifier:          BvP2R4dS35CHGOGubvWPXzRblSk0ENvN+107rNHiozk=
Subject key identifier:   66:66:4B:7A:6A:5A:6B:94:B5:C0:BC:D0:A6:36:CB:55:9D:2D:FE:B9
Certificate issuer:       /CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Certificate serial:       01856F8B8ACB2C4FE264F4A04B76C7E2615C
Authority key identifier: 30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa
Signing time:             Sun 01 Jan 2023 22:54:54 +0000
ROA not before:           Sun 01 Jan 2023 22:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.64.6.0/24 maxlen: 24
                          2a10:2307:fffd::/48 maxlen: 48
                          2a10:2307:ffff::/48 maxlen: 48
                          2a10:2307:fffe::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:8a:cb:2c:4f:e2:64:f4:a0:4b:76:c7:e2:61:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30706b2b95588d780e36ef82a8f54a317d5869e2
        Validity
            Not Before: Jan  1 22:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=66664b7a6a5a6b94b5c0bcd0a636cb559d2dfeb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:7b:ac:f7:75:53:a4:b3:94:cf:f1:ee:fe:f8:
                    11:8a:20:91:1f:68:a3:df:e0:73:5c:b0:5b:33:6f:
                    e5:3f:64:e1:63:a2:74:a3:51:66:47:a1:e7:7e:41:
                    a7:3e:85:df:6b:16:a3:28:fe:8d:7d:4c:17:31:0a:
                    51:46:1a:31:c9:22:96:8f:27:d3:28:2c:bf:b6:d9:
                    60:e3:60:d0:11:fb:c9:ee:4b:f6:69:cc:c5:21:15:
                    e1:f5:52:64:8e:31:2b:df:2f:46:fc:7b:c1:6a:3a:
                    c2:63:2a:9a:0d:2f:0f:a2:85:88:8a:ea:2e:a4:b6:
                    4c:e3:16:ec:17:c2:0d:78:47:09:77:eb:50:52:f2:
                    a4:e5:f1:1f:a4:e5:53:e2:2c:f0:e5:72:6b:95:bb:
                    76:47:cb:36:e8:86:05:e4:0c:3c:0c:00:8c:58:3d:
                    27:81:d1:44:3d:b9:b6:ff:f9:d9:2f:eb:85:3f:67:
                    e7:c7:cc:03:66:13:f4:8d:fc:c7:bf:17:86:21:bf:
                    82:e4:5e:09:d9:41:50:05:2b:ad:e3:71:ca:94:0b:
                    6e:64:83:55:f4:16:64:e4:75:c0:11:5e:55:b6:5a:
                    d3:a6:98:a2:9d:68:39:70:5f:e0:d4:1c:d5:43:fd:
                    d4:bd:0f:c2:11:d5:fa:77:96:f7:f5:55:ec:42:cd:
                    6e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:66:4B:7A:6A:5A:6B:94:B5:C0:BC:D0:A6:36:CB:55:9D:2D:FE:B9
            X509v3 Authority Key Identifier:
                keyid:30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/ZmZLempaa5S1wLzQpjbLVZ0t_rk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.64.6.0/24
                IPv6:
                  2a10:2307:fffd::-2a10:2307:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         25:4d:2f:3a:87:3d:83:f2:20:57:09:95:a0:fc:66:36:d3:70:
         10:80:22:d7:0c:2a:89:38:df:30:a8:f5:d8:4e:6b:70:64:31:
         30:60:ab:38:d5:48:97:56:6c:67:10:ea:50:f0:01:f3:e0:ed:
         8b:74:8e:55:ee:91:1b:0f:a6:27:12:2d:f4:f7:da:a4:1a:7d:
         b2:e2:90:a4:17:3c:01:46:55:66:ed:d3:f2:28:e8:2b:c1:91:
         87:a4:e7:b9:6f:b1:41:30:29:86:a5:39:50:03:e6:73:93:c2:
         b5:1c:ac:f1:ee:fe:16:7a:df:cb:ab:ac:64:3e:92:a5:5f:92:
         c1:9e:9d:13:b8:39:63:73:b9:13:72:c7:21:82:14:8f:2d:b8:
         d9:51:b6:3e:b5:a0:aa:7f:9d:f4:2e:e4:28:d4:52:6b:c9:87:
         9f:44:7b:b8:ea:4b:8d:3c:6a:f9:3e:4a:54:17:58:69:6f:69:
         08:ff:08:6f:e1:80:c8:79:d6:5e:40:7e:64:93:f7:21:ce:e9:
         ac:62:fc:3b:2b:ac:94:c4:c3:b4:05:6c:2c:97:e1:e6:72:db:
         11:e3:0a:71:1e:b3:98:3d:a5:14:dd:de:2d:a1:85:93:84:15:
         16:1d:74:72:fd:f3:58:c6:8f:d9:f9:b8:f9:5e:85:9a:89:e5:
         13:65:3b:02
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvi4rLLE/iZPSgS3bH4mFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzA2YjJiOTU1ODhkNzgwZTM2ZWY4MmE4ZjU0YTMxN2Q1
ODY5ZTIwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjY2NGI3YTZhNWE2Yjk0YjVjMGJjZDBhNjM2Y2I1NTlkMmRmZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Xus93VTpLOUz/Hu/vgRiiCRH2ij
3+BzXLBbM2/lP2ThY6J0o1FmR6HnfkGnPoXfaxajKP6NfUwXMQpRRhoxySKWjyfT
KCy/ttlg42DQEfvJ7kv2aczFIRXh9VJkjjEr3y9G/HvBajrCYyqaDS8PooWIiuou
pLZM4xbsF8INeEcJd+tQUvKk5fEfpOVT4izw5XJrlbt2R8s26IYF5Aw8DACMWD0n
gdFEPbm2//nZL+uFP2fnx8wDZhP0jfzHvxeGIb+C5F4J2UFQBSut43HKlAtuZINV
9BZk5HXAEV5VtlrTppiinWg5cF/g1BzVQ/3UvQ/CEdX6d5b39VXsQs1u9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGZmS3pqWmuUtcC80KY2y1WdLf65MB8GA1UdIwQY
MBaAFDBwayuVWI14Djbvgqj1SjF9WGniMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzct
ODRlZDkxZWMxYzY1LzEvWm1aTGVtcGFhNVMxd0x6UXBqYkxWWjB0X3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzctODRlZDkxZWMxYzY1
LzEvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuUAGMBgE
AgACMBIwEAMHACoQIwf//QMFAyoQIwAwDQYJKoZIhvcNAQELBQADggEBACVNLzqH
PYPyIFcJlaD8ZjbTcBCAItcMKok43zCo9dhOa3BkMTBgqzjVSJdWbGcQ6lDwAfPg
7Yt0jlXukRsPpicSLfT32qQafbLikKQXPAFGVWbt0/Io6CvBkYek57lvsUEwKYal
OVAD5nOTwrUcrPHu/hZ638urrGQ+kqVfksGenRO4OWNzuRNyxyGCFI8tuNlRtj61
oKp/nfQu5CjUUmvJh59Ee7jqS408avk+SlQXWGlvaQj/CG/hgMh51l5AfmST9yHO
6axi/DsrrJTEw7QFbCyX4eZy2xHjCnEes5g9pRTd3i2hhZOEFRYddHL981jGj9n5
uPlehZqJ5RNlOwI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:16 2024 by rpki-client on console-fra.rpki-client.org