Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/ZutlVo81CLXJmb-7k9xzbb7yma0.roa
File:                     ZutlVo81CLXJmb-7k9xzbb7yma0.roa (raw, json)
Hash identifier:          ITTSnC6WpmUYxoRgc1DRonBQIN+WdbSM3KcKbRiTH9Q=
Subject key identifier:   66:EB:65:56:8F:35:08:B5:C9:99:BF:BB:93:DC:73:6D:BE:F2:99:AD
Certificate issuer:       /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial:       018570796DFD243F3474B44688708B95B9A1
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/ZutlVo81CLXJmb-7k9xzbb7yma0.roa
Signing time:             Mon 02 Jan 2023 03:14:44 +0000
ROA not before:           Mon 02 Jan 2023 03:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42898
IP address blocks:        185.73.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:6d:fd:24:3f:34:74:b4:46:88:70:8b:95:b9:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
        Validity
            Not Before: Jan  2 03:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=66eb65568f3508b5c999bfbb93dc736dbef299ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:63:07:58:1c:01:ac:f7:60:5b:1b:39:a0:e4:
                    40:0c:50:3e:79:29:a8:5c:dd:b6:b5:f6:40:de:d1:
                    49:0a:c7:9a:72:eb:c7:c9:af:71:ed:1c:61:b5:88:
                    06:9f:bc:10:41:ed:3b:08:6d:08:f1:c9:89:07:96:
                    4e:86:1b:8f:13:ca:69:ef:54:6c:fb:d2:67:75:ae:
                    ba:67:0d:fa:02:76:85:63:c1:3c:1d:1f:c3:24:ed:
                    88:e6:d5:6d:20:0a:3c:84:78:b8:57:ec:ef:ed:3e:
                    17:bf:5d:24:64:17:3b:2c:e4:24:c1:3f:2d:22:c7:
                    2d:7b:32:db:a3:a0:34:01:98:94:eb:6e:3c:d7:58:
                    bb:9d:fe:bc:c8:57:5d:3f:87:f2:a0:ca:8c:a0:c3:
                    4c:2f:03:9a:e7:e2:69:9b:b0:e1:1c:10:91:09:17:
                    8c:72:2f:a2:02:b6:98:ad:0b:20:d0:66:ae:bc:72:
                    5c:8c:23:d1:1d:fd:31:fb:5e:3f:fc:2d:10:cf:ad:
                    bb:35:28:ea:53:75:33:8c:42:d2:9f:e8:70:15:4e:
                    ed:94:5c:98:2c:c3:a7:3e:8c:84:55:af:d4:d9:53:
                    68:82:bc:7d:06:4d:9c:31:50:b9:cc:75:d4:fc:cd:
                    f2:a6:6c:28:66:b0:af:5d:2c:f3:9e:44:cc:61:94:
                    6e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:EB:65:56:8F:35:08:B5:C9:99:BF:BB:93:DC:73:6D:BE:F2:99:AD
            X509v3 Authority Key Identifier:
                keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/ZutlVo81CLXJmb-7k9xzbb7yma0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:ef:0a:b0:c7:76:c0:45:06:bc:35:90:3c:c4:4a:b2:76:28:
         fd:c4:ec:d1:ee:60:16:ce:47:4e:29:38:38:2b:b3:50:d5:30:
         cd:26:ba:55:ec:17:18:a2:41:5d:bf:b0:22:71:4c:f7:94:da:
         1c:ba:1b:d5:e6:fe:93:d4:69:ba:e5:14:f9:d4:9d:20:c9:ca:
         f9:f0:3f:fb:26:c4:09:19:5c:1e:bb:71:32:cb:0b:68:41:cc:
         d1:16:6f:2e:3e:f7:43:65:16:33:3c:37:6c:ca:2d:e7:bc:98:
         87:f7:72:4f:07:f1:71:89:cb:ee:4e:5d:5d:ee:d8:f8:12:82:
         e8:9e:e5:10:b1:9b:53:f1:f2:d2:58:40:97:bb:f6:b2:0e:d9:
         e7:ab:ab:f4:0d:2a:cb:d6:6b:c1:64:1a:c8:04:a8:7e:66:f5:
         ab:3e:56:29:74:f9:c2:dd:10:05:61:de:fe:b3:f8:f3:2c:0b:
         29:9a:4c:bc:e6:67:c5:1b:43:c8:4b:ab:f6:eb:4d:fd:81:be:
         c2:fa:bb:7a:f3:6c:86:25:3c:c8:f7:6e:f1:40:89:3d:1d:de:
         d6:cf:ae:71:6d:06:62:cd:ad:4e:53:48:8b:b3:b3:8c:9c:2f:
         54:d9:c6:fd:61:7c:f8:9a:8c:6b:10:f1:8c:16:5f:35:3b:ce:
         47:9d:27:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweW39JD80dLRGiHCLlbmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmViNjU1NjhmMzUwOGI1Yzk5OWJmYmI5M2RjNzM2ZGJlZjI5OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGMHWBwBrPdgWxs5oORADFA+eSmo
XN22tfZA3tFJCseacuvHya9x7RxhtYgGn7wQQe07CG0I8cmJB5ZOhhuPE8pp71Rs
+9Jnda66Zw36AnaFY8E8HR/DJO2I5tVtIAo8hHi4V+zv7T4Xv10kZBc7LOQkwT8t
IsctezLbo6A0AZiU624811i7nf68yFddP4fyoMqMoMNMLwOa5+Jpm7DhHBCRCReM
ci+iAraYrQsg0GauvHJcjCPRHf0x+14//C0Qz627NSjqU3UzjELSn+hwFU7tlFyY
LMOnPoyEVa/U2VNogrx9Bk2cMVC5zHXU/M3ypmwoZrCvXSzznkTMYZRuRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbrZVaPNQi1yZm/u5Pcc22+8pmtMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvWnV0bFZvODFDTFhKbWItN2s5eHpiYjd5bWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUnzMA0G
CSqGSIb3DQEBCwUAA4IBAQAV7wqwx3bARQa8NZA8xEqydij9xOzR7mAWzkdOKTg4
K7NQ1TDNJrpV7BcYokFdv7AicUz3lNocuhvV5v6T1Gm65RT51J0gycr58D/7JsQJ
GVweu3EyywtoQczRFm8uPvdDZRYzPDdsyi3nvJiH93JPB/FxicvuTl1d7tj4EoLo
nuUQsZtT8fLSWECXu/ayDtnnq6v0DSrL1mvBZBrIBKh+ZvWrPlYpdPnC3RAFYd7+
s/jzLAspmky85mfFG0PIS6v26039gb7C+rt682yGJTzI927xQIk9Hd7Wz65xbQZi
za1OU0iLs7OMnC9U2cb9YXz4moxrEPGMFl81O85HnSf5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:20 2024 by rpki-client on console-ams.rpki-client.org