Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa
File:                     zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa (raw, json)
Hash identifier:          1RnA1q2gEhHn3zUfyHpfqESMg0pnQe43UNdZ0oKFDUY=
Subject key identifier:   CD:E1:67:07:D0:72:54:47:86:36:8F:C6:92:AD:A3:4D:5F:06:7B:B6
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01857102F8F5947EC5B8BFD473FFB67707DD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa
Signing time:             Mon 02 Jan 2023 05:44:58 +0000
ROA not before:           Mon 02 Jan 2023 05:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4785
IP address blocks:        194.242.2.0/24 maxlen: 24
                          193.19.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:02:f8:f5:94:7e:c5:b8:bf:d4:73:ff:b6:77:07:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cde16707d072544786368fc692ada34d5f067bb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8a:0d:c8:48:64:4b:da:7c:ea:76:b2:d4:3f:
                    50:10:54:49:11:09:83:3a:4d:12:fe:b4:9a:f4:40:
                    f6:69:7e:d7:db:f2:87:71:6e:36:87:cb:2c:3b:9b:
                    6a:20:a3:99:ae:ba:b4:f3:bb:24:10:74:7b:1f:1e:
                    18:e5:73:cf:96:9e:1b:89:22:dc:4b:ac:22:42:48:
                    1c:b5:c2:62:75:cc:7e:22:b6:96:d7:5a:9f:04:0b:
                    15:17:c3:3c:8d:1a:73:82:5f:cd:b1:cf:ce:ae:42:
                    60:b8:51:e8:3a:e2:62:c1:4c:b0:16:99:bc:4e:2c:
                    83:66:23:7a:a2:d2:ae:d3:fb:70:b7:e2:24:22:2f:
                    92:6d:53:37:db:30:40:37:45:9c:e2:ec:d5:a4:26:
                    24:07:d9:bf:e7:cc:b1:cd:c7:28:9b:c2:a3:48:d5:
                    7c:d1:01:0d:ec:dd:50:4a:b9:f2:32:6d:46:bf:91:
                    b7:d0:82:5c:60:16:d6:df:11:52:68:f9:58:1b:50:
                    a5:14:66:e6:e4:9f:57:55:ee:d0:93:8d:a8:92:87:
                    eb:35:c0:94:33:04:4c:cf:00:04:01:23:eb:8e:84:
                    51:42:9d:25:91:00:06:ac:6c:2d:53:fb:9f:2d:71:
                    f1:72:f7:27:ae:85:b1:f0:8f:cd:79:68:82:81:6d:
                    82:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:E1:67:07:D0:72:54:47:86:36:8F:C6:92:AD:A3:4D:5F:06:7B:B6
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zeFnB9ByVEeGNo_Gkq2jTV8Ge7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.19.108.0/24
                  194.242.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:76:00:9d:58:c8:20:5b:e6:de:7c:f9:e9:2e:cd:64:81:c7:
         ef:13:9e:a9:60:23:68:07:fb:bc:fb:94:86:4f:81:a3:12:38:
         31:5f:0b:f5:01:5c:95:5f:13:bb:3c:e6:a8:f3:32:ac:b6:b7:
         f4:ea:c6:dc:6f:ea:26:f2:a9:a8:24:87:85:4d:08:42:dc:6f:
         11:21:af:00:6d:ef:23:4e:7b:52:57:05:3a:ab:d7:8e:25:1f:
         c6:e6:a0:75:b6:fa:57:73:b4:03:2e:06:53:7f:e9:92:5c:8b:
         60:a2:fe:18:fb:1b:9d:66:cf:3a:84:96:cf:99:9e:64:15:f4:
         4c:8c:fe:59:83:6d:73:32:40:3f:c4:02:33:7d:02:3d:7c:42:
         c1:29:ce:c7:23:51:d9:23:f0:c7:a8:c4:87:b6:95:81:6b:76:
         cc:3c:1a:4b:77:ab:f1:d2:62:f3:ee:eb:2e:a5:16:ad:22:8b:
         74:9d:6f:23:3c:02:03:c8:c5:7a:be:d5:6b:bd:ff:87:3b:a0:
         cc:e0:57:f0:ed:7b:ef:ce:be:31:ca:d0:5c:0c:9e:ba:4b:0d:
         bf:64:86:bf:ec:21:87:4a:f5:f3:c7:65:30:ac:df:89:8b:78:
         4e:14:d4:66:ef:ab:35:f1:6c:27:6b:e0:b4:b6:19:91:a4:cc:
         14:6d:5b:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAvj1lH7FuL/Uc/+2dwfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGUxNjcwN2QwNzI1NDQ3ODYzNjhmYzY5MmFkYTM0ZDVmMDY3YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4oNyEhkS9p86nay1D9QEFRJEQmD
Ok0S/rSa9ED2aX7X2/KHcW42h8ssO5tqIKOZrrq087skEHR7Hx4Y5XPPlp4biSLc
S6wiQkgctcJidcx+IraW11qfBAsVF8M8jRpzgl/Nsc/OrkJguFHoOuJiwUywFpm8
TiyDZiN6otKu0/twt+IkIi+SbVM32zBAN0Wc4uzVpCYkB9m/58yxzccom8KjSNV8
0QEN7N1QSrnyMm1Gv5G30IJcYBbW3xFSaPlYG1ClFGbm5J9XVe7Qk42okofrNcCU
MwRMzwAEASPrjoRRQp0lkQAGrGwtU/ufLXHxcvcnroWx8I/NeWiCgW2C/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM3hZwfQclRHhjaPxpKto01fBnu2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvemVGbkI5QnlWRWVHTm9fR2txMmpUVjhHZTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
wvICMA0GCSqGSIb3DQEBCwUAA4IBAQCIdgCdWMggW+befPnpLs1kgcfvE56pYCNo
B/u8+5SGT4GjEjgxXwv1AVyVXxO7POao8zKstrf06sbcb+om8qmoJIeFTQhC3G8R
Ia8Abe8jTntSVwU6q9eOJR/G5qB1tvpXc7QDLgZTf+mSXItgov4Y+xudZs86hJbP
mZ5kFfRMjP5Zg21zMkA/xAIzfQI9fELBKc7HI1HZI/DHqMSHtpWBa3bMPBpLd6vx
0mLz7usupRatIot0nW8jPAIDyMV6vtVrvf+HO6DM4Ffw7Xvvzr4xytBcDJ66Sw2/
ZIa/7CGHSvXzx2UwrN+Ji3hOFNRm76s18Wwna+C0thmRpMwUbVuc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org