Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/NZJpWgq6HZ3IZ_XEQ4QetKVJoPk.roa
File:                     NZJpWgq6HZ3IZ_XEQ4QetKVJoPk.roa (raw, json)
Hash identifier:          8ZjKpGne+0xpALAlfMawgDa9Xx6SyYCK5XFRRC/Df08=
Subject key identifier:   35:92:69:5A:0A:BA:1D:9D:C8:67:F5:C4:43:84:1E:B4:A5:49:A0:F9
Certificate issuer:       /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial:       01856F5DF217DE3C7F84DC4868FE229357D7
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/NZJpWgq6HZ3IZ_XEQ4QetKVJoPk.roa
Signing time:             Sun 01 Jan 2023 22:05:05 +0000
ROA not before:           Sun 01 Jan 2023 22:05:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8896
IP address blocks:        185.41.241.0/24 maxlen: 24
                          185.152.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:f2:17:de:3c:7f:84:dc:48:68:fe:22:93:57:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
        Validity
            Not Before: Jan  1 22:05:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3592695a0aba1d9dc867f5c443841eb4a549a0f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:50:53:10:5e:1b:bb:04:fd:1f:a2:1b:f7:00:
                    83:2d:ad:0d:92:d4:ec:23:32:8b:ad:23:ab:1a:a6:
                    2f:cf:c2:37:02:1a:39:73:dc:b1:2f:40:97:bd:c8:
                    b3:97:40:b9:c8:6a:7f:89:32:c1:6e:8d:0c:f3:95:
                    11:1e:f0:2d:01:1f:24:e0:c8:29:ad:27:08:23:63:
                    e7:eb:c3:5e:99:28:03:05:c4:2b:04:0a:bc:74:2d:
                    80:48:62:24:dc:11:35:cf:1c:20:82:3d:0f:4c:26:
                    bd:ef:78:c7:c7:fe:aa:be:56:a6:80:9e:1d:9a:f3:
                    d9:6b:10:30:a7:a3:15:4e:03:7b:4e:30:d5:a0:1e:
                    aa:e5:3c:28:fc:25:03:a9:68:97:3e:32:f1:89:da:
                    9c:4b:a5:82:3b:80:a5:ea:d2:5b:a7:68:0c:65:7c:
                    d2:03:ee:1e:d8:d6:8a:02:fa:45:5f:fd:d2:9d:fd:
                    6c:93:83:90:05:64:32:50:23:8d:e3:b4:be:b6:2c:
                    56:52:dd:1e:ca:5d:df:88:bb:11:a1:17:81:be:9f:
                    a5:73:03:9c:44:b3:61:39:c0:2d:15:ff:25:df:38:
                    80:33:82:70:19:a6:71:4d:77:6b:d4:d1:98:6e:01:
                    0e:0b:72:5b:a7:cc:fe:77:4a:ae:3a:71:29:a1:b6:
                    fe:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:92:69:5A:0A:BA:1D:9D:C8:67:F5:C4:43:84:1E:B4:A5:49:A0:F9
            X509v3 Authority Key Identifier:
                keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/NZJpWgq6HZ3IZ_XEQ4QetKVJoPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.41.241.0/24
                  185.152.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:b3:8e:61:48:0e:00:0f:7e:96:0f:30:b9:35:4e:5a:52:c4:
         82:9d:3c:99:8c:23:03:88:83:15:41:c5:05:19:f0:99:d6:6e:
         86:07:de:c4:18:4e:a3:ad:af:e3:0d:aa:b7:de:1d:8c:da:20:
         70:3a:2f:d1:6e:11:10:5d:c2:8b:1a:ea:77:28:50:e0:d9:a8:
         1f:64:0f:80:8c:af:82:cd:2a:24:04:76:89:68:56:a8:9d:98:
         e5:80:91:1f:86:25:31:ae:37:f3:65:95:35:c4:ef:de:4d:48:
         52:6a:4b:1b:49:5f:ff:0e:46:72:b2:53:c8:d3:7d:a4:1c:53:
         81:ff:1f:83:c9:fa:85:4d:58:fb:a7:d7:e7:4b:f4:4d:36:7c:
         ec:14:01:a9:c8:86:b7:df:77:73:9f:86:33:3e:71:1f:82:d7:
         f0:11:a7:b0:5b:94:9f:30:65:02:79:5c:a8:82:f4:ee:03:79:
         42:96:ef:f5:6c:10:e7:a9:83:40:76:1f:1c:b3:1d:c6:93:ed:
         65:2d:16:67:94:61:24:81:27:69:5b:2f:a3:2f:c4:43:29:b4:
         e1:4a:9e:ca:67:81:c8:f0:14:7a:2b:2f:52:4a:82:e4:2a:bb:
         72:c9:b4:08:1c:69:1d:a9:a2:3f:2e:b7:eb:e4:19:61:1a:f6:
         60:43:ae:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXfIX3jx/hNxIaP4ik1fXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjMwMTAxMjIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkyNjk1YTBhYmExZDlkYzg2N2Y1YzQ0Mzg0MWViNGE1NDlhMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFBTEF4buwT9H6Ib9wCDLa0NktTs
IzKLrSOrGqYvz8I3Aho5c9yxL0CXvcizl0C5yGp/iTLBbo0M85URHvAtAR8k4Mgp
rScII2Pn68NemSgDBcQrBAq8dC2ASGIk3BE1zxwggj0PTCa973jHx/6qvlamgJ4d
mvPZaxAwp6MVTgN7TjDVoB6q5Two/CUDqWiXPjLxidqcS6WCO4Cl6tJbp2gMZXzS
A+4e2NaKAvpFX/3Snf1sk4OQBWQyUCON47S+tixWUt0eyl3fiLsRoReBvp+lcwOc
RLNhOcAtFf8l3ziAM4JwGaZxTXdr1NGYbgEOC3Jbp8z+d0quOnEpobb+5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDWSaVoKuh2dyGf1xEOEHrSlSaD5MB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvTlpKcFdncTZIWjNJWl9YRVE0UWV0S1ZKb1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSnxAwQA
uZghMA0GCSqGSIb3DQEBCwUAA4IBAQCks45hSA4AD36WDzC5NU5aUsSCnTyZjCMD
iIMVQcUFGfCZ1m6GB97EGE6jra/jDaq33h2M2iBwOi/RbhEQXcKLGup3KFDg2agf
ZA+AjK+CzSokBHaJaFaonZjlgJEfhiUxrjfzZZU1xO/eTUhSaksbSV//DkZyslPI
032kHFOB/x+DyfqFTVj7p9fnS/RNNnzsFAGpyIa333dzn4YzPnEfgtfwEaewW5Sf
MGUCeVyogvTuA3lClu/1bBDnqYNAdh8csx3Gk+1lLRZnlGEkgSdpWy+jL8RDKbTh
Sp7KZ4HI8BR6Ky9SSoLkKrtyybQIHGkdqaI/Lrfr5BlhGvZgQ67A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:32 2024 by rpki-client on console-fra.rpki-client.org