Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZIPhmZF_92zDBa30Mz33fAcOdck.roa
File:                     ZIPhmZF_92zDBa30Mz33fAcOdck.roa (raw, json)
Hash identifier:          H/8mN9yK7lgTPKvG/65CsFHAOQz5YFGFPI5BgVQy+ok=
Subject key identifier:   64:83:E1:99:91:7F:F7:6C:C3:05:AD:F4:33:3D:F7:7C:07:0E:75:C9
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018D34DBBA77814DAD25BC3F98779BCAAED3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZIPhmZF_92zDBa30Mz33fAcOdck.roa
Signing time:             Tue 23 Jan 2024 05:47:11 +0000
ROA not before:           Tue 23 Jan 2024 05:47:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     142299
IP address blocks:        45.141.26.0/23 maxlen: 24
                          89.38.101.0/24 maxlen: 24
                          185.241.210.0/24 maxlen: 24
                          188.212.158.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 21 Jun 2024 07:48:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:34:db:ba:77:81:4d:ad:25:bc:3f:98:77:9b:ca:ae:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 23 05:47:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6483e199917ff76cc305adf4333df77c070e75c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:62:e8:69:8a:87:e3:24:01:00:3a:c9:99:74:
                    36:cf:98:55:31:f5:02:7c:1f:7c:ce:f5:19:9d:1a:
                    c3:45:54:37:ab:b6:f2:91:d1:86:0a:05:1c:8f:7e:
                    ad:b9:c5:d7:22:51:8a:ed:a6:93:13:22:f8:35:bd:
                    2f:1c:82:f8:76:8d:64:4c:8b:b6:89:78:c5:42:5c:
                    c5:fb:08:83:07:64:d3:da:66:b3:58:a1:90:4d:ee:
                    9e:c7:a2:a0:39:3c:63:80:01:49:14:03:bc:50:ee:
                    91:8b:3d:1b:a3:f0:0a:cf:fd:40:ae:19:5f:8e:12:
                    7c:db:ca:89:e9:2f:82:f8:c7:bf:27:2a:2d:7c:12:
                    71:6e:c4:e6:72:c9:35:e2:09:4e:d0:0d:25:a0:b1:
                    8c:ca:23:a3:3a:e8:ac:de:2a:07:c5:a2:f6:87:1c:
                    91:93:e6:2c:b6:16:81:e1:3d:61:39:fe:47:a6:33:
                    c6:23:37:c1:cc:c7:6f:5d:f5:04:88:52:cc:91:9f:
                    36:3f:c6:ee:9d:13:b2:dd:c6:27:f8:c3:85:9d:57:
                    32:57:c2:76:7a:5f:44:f8:05:f4:01:60:33:36:4f:
                    5a:06:0e:b1:09:2f:22:1a:ba:e0:cd:7b:83:58:fa:
                    7b:8f:40:30:b6:b4:25:dc:41:ab:e5:97:d1:b8:76:
                    12:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:83:E1:99:91:7F:F7:6C:C3:05:AD:F4:33:3D:F7:7C:07:0E:75:C9
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZIPhmZF_92zDBa30Mz33fAcOdck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.26.0/23
                  89.38.101.0/24
                  185.241.210.0/24
                  188.212.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:9a:a9:cd:7c:38:6c:72:51:30:e8:6e:9f:af:c5:b5:5b:59:
         11:fa:c6:8c:51:15:f6:09:34:be:d3:51:bb:5f:7e:6c:84:c7:
         e6:0a:fd:c8:de:89:5c:25:ec:fc:38:c3:b7:da:98:af:51:1e:
         e6:6d:3b:66:f6:64:b7:69:42:50:65:7f:3e:20:f9:00:db:5a:
         83:73:65:88:7a:94:28:f9:4e:22:36:91:1b:d8:de:5f:42:ca:
         b4:d9:49:fe:ad:86:c8:69:5a:45:90:f8:de:b0:59:63:db:4d:
         7a:18:94:d8:b4:ab:4d:d0:42:c5:3e:f4:5b:4e:48:1d:6e:24:
         5e:9a:8b:d5:ea:cd:20:01:5c:7e:6f:c4:8d:5a:58:05:0c:4e:
         c3:89:83:b1:f2:22:64:cb:84:60:8b:02:d3:8b:e8:fe:21:5e:
         42:c4:aa:45:1c:e3:06:53:f4:f7:0f:ee:62:dd:de:c9:98:83:
         5b:c3:f2:fb:aa:b0:db:a2:bd:18:e0:d8:30:9c:e1:78:ce:32:
         1a:d4:00:a6:6b:a8:91:f1:11:e2:5d:30:3a:a4:0f:a5:e6:c0:
         59:64:32:df:09:6c:93:4e:f7:b6:af:c7:e4:e3:e1:84:2f:bc:
         a3:f5:80:7e:8d:0a:4b:8d:86:77:a9:a6:80:a0:87:45:35:a7:
         fb:ae:b1:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0027p3gU2tJbw/mHebyq7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTIzMDU0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDgzZTE5OTkxN2ZmNzZjYzMwNWFkZjQzMzNkZjc3YzA3MGU3NWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGLoaYqH4yQBADrJmXQ2z5hVMfUC
fB98zvUZnRrDRVQ3q7bykdGGCgUcj36tucXXIlGK7aaTEyL4Nb0vHIL4do1kTIu2
iXjFQlzF+wiDB2TT2mazWKGQTe6ex6KgOTxjgAFJFAO8UO6Riz0bo/AKz/1Arhlf
jhJ828qJ6S+C+Me/JyotfBJxbsTmcsk14glO0A0loLGMyiOjOuis3ioHxaL2hxyR
k+YsthaB4T1hOf5HpjPGIzfBzMdvXfUEiFLMkZ82P8bunROy3cYn+MOFnVcyV8J2
el9E+AX0AWAzNk9aBg6xCS8iGrrgzXuDWPp7j0AwtrQl3EGr5ZfRuHYSBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGSD4ZmRf/dswwWt9DM993wHDnXJMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWklQaG1aRl85MnpEQmEzME16MzNmQWNPZGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLY0aAwQA
WSZlAwQAufHSAwQBvNSeMA0GCSqGSIb3DQEBCwUAA4IBAQCLmqnNfDhsclEw6G6f
r8W1W1kR+saMURX2CTS+01G7X35shMfmCv3I3olcJez8OMO32pivUR7mbTtm9mS3
aUJQZX8+IPkA21qDc2WIepQo+U4iNpEb2N5fQsq02Un+rYbIaVpFkPjesFlj2016
GJTYtKtN0ELFPvRbTkgdbiRemovV6s0gAVx+b8SNWlgFDE7DiYOx8iJky4RgiwLT
i+j+IV5CxKpFHOMGU/T3D+5i3d7JmINbw/L7qrDbor0Y4NgwnOF4zjIa1ACma6iR
8RHiXTA6pA+l5sBZZDLfCWyTTve2r8fk4+GEL7yj9YB+jQpLjYZ3qaaAoIdFNaf7
rrEI
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:03:51 2024 by rpki-client on console-fra.rpki-client.org