Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ZToj966MA04dBTcxH4e7O6ql0t8.roa
File:                     ZToj966MA04dBTcxH4e7O6ql0t8.roa (raw, json)
Hash identifier:          exu1/K2luZywL8TdvlpmdaK95wOwBR3CVV8i/WZZBaw=
Subject key identifier:   65:3A:23:F7:AE:8C:03:4E:1D:05:37:31:1F:87:BB:3B:AA:A5:D2:DF
Certificate issuer:       /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial:       0185703967602D213C61E714AA55F2750A61
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ZToj966MA04dBTcxH4e7O6ql0t8.roa
Signing time:             Mon 02 Jan 2023 02:04:48 +0000
ROA not before:           Mon 02 Jan 2023 02:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24631
IP address blocks:        109.95.64.0/24 maxlen: 24
                          109.95.65.0/24 maxlen: 24
                          109.95.67.0/24 maxlen: 24
                          109.95.66.0/24 maxlen: 24
                          109.95.68.0/24 maxlen: 24
                          109.95.70.0/24 maxlen: 24
                          109.95.69.0/24 maxlen: 24
                          109.95.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:67:60:2d:21:3c:61:e7:14:aa:55:f2:75:0a:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
        Validity
            Not Before: Jan  2 02:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=653a23f7ae8c034e1d0537311f87bb3baaa5d2df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:30:9b:f5:7b:a7:ab:f1:a6:c2:61:0d:1e:82:
                    b2:dc:99:6d:8b:ea:80:02:ac:aa:f8:7e:80:64:41:
                    84:47:2c:12:bf:dc:a1:9f:fb:2d:a8:d7:4c:90:d8:
                    32:31:9d:78:58:3c:30:6e:98:27:e1:86:a1:72:2d:
                    fd:af:63:c5:f6:ea:eb:b0:9e:cb:32:02:f6:93:13:
                    8c:ff:06:02:1e:b7:a0:46:65:90:f5:dc:b5:58:58:
                    1d:c5:f8:c1:cc:6e:1c:73:fa:b9:d7:0c:71:4d:46:
                    46:35:c8:86:5b:3a:fc:39:57:c4:77:29:2d:a4:e8:
                    51:36:dd:dd:e6:67:3a:ad:2f:fc:a9:1c:e0:86:4a:
                    3d:68:26:76:21:e1:7e:0e:f1:71:09:83:dc:11:1f:
                    24:5a:5c:6c:db:7a:c0:fc:ed:ae:d5:e6:29:b8:5d:
                    df:64:76:64:a7:02:e7:11:e2:42:e2:1f:7b:8f:0b:
                    a5:b0:ed:21:d5:84:7e:ed:84:0d:4a:71:28:69:b7:
                    5a:74:c4:df:76:31:a5:3e:ba:61:e9:eb:cb:4e:e8:
                    d8:0a:c3:5c:01:08:b5:d0:3d:fb:29:c9:81:53:34:
                    19:de:e3:0e:5a:72:3c:cc:2c:ab:95:21:27:42:2b:
                    4f:3b:31:33:a0:00:fa:4b:00:23:7a:f3:ef:ae:76:
                    1a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:3A:23:F7:AE:8C:03:4E:1D:05:37:31:1F:87:BB:3B:AA:A5:D2:DF
            X509v3 Authority Key Identifier:
                keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/ZToj966MA04dBTcxH4e7O6ql0t8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.95.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         06:7f:bf:49:7a:02:64:0c:75:68:98:f1:85:c0:c3:58:49:a9:
         99:69:98:d7:c4:fd:03:b8:eb:13:ca:1d:66:53:43:b2:f1:fb:
         2d:da:87:8b:bc:34:81:0c:2a:93:2e:62:56:fb:55:ed:14:93:
         34:78:f6:5d:3f:31:d8:82:7b:f6:98:ac:73:88:a3:bf:d4:9b:
         57:58:e2:44:c1:a8:5d:5d:f1:2c:36:7d:21:cf:6f:fb:94:ea:
         81:33:7e:50:37:de:b9:2a:76:f8:6a:18:36:11:29:c4:ff:ec:
         51:34:b1:e0:c3:42:2a:ab:2c:d0:9c:19:55:10:c5:51:4d:7d:
         fe:c3:26:30:44:59:10:fb:b6:d8:cd:c8:d2:74:16:59:52:a3:
         f3:f7:f8:cc:f6:3a:8f:2c:55:a0:2f:0e:13:2d:9e:45:ab:5f:
         9b:ff:e6:4b:43:29:b4:0d:cf:7e:d7:e8:48:5f:29:03:5f:d4:
         19:72:44:9f:cd:75:de:45:0c:88:45:cd:85:26:dc:92:9d:ba:
         d8:84:df:f5:44:ed:7b:82:c9:1a:a9:fa:79:2c:79:a5:63:2c:
         04:66:02:bd:9c:a4:54:16:e7:1e:74:dc:96:36:71:94:e8:5d:
         cb:37:ba:4b:bf:40:52:4d:73:21:f0:eb:34:9f:ab:93:ba:49:
         e0:26:7f:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOWdgLSE8YecUqlXydQphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNhMjNmN2FlOGMwMzRlMWQwNTM3MzExZjg3YmIzYmFhYTVkMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjCb9Xunq/GmwmENHoKy3Jlti+qA
Aqyq+H6AZEGERywSv9yhn/stqNdMkNgyMZ14WDwwbpgn4Yahci39r2PF9urrsJ7L
MgL2kxOM/wYCHregRmWQ9dy1WFgdxfjBzG4cc/q51wxxTUZGNciGWzr8OVfEdykt
pOhRNt3d5mc6rS/8qRzghko9aCZ2IeF+DvFxCYPcER8kWlxs23rA/O2u1eYpuF3f
ZHZkpwLnEeJC4h97jwulsO0h1YR+7YQNSnEoabdadMTfdjGlPrph6evLTujYCsNc
AQi10D37KcmBUzQZ3uMOWnI8zCyrlSEnQitPOzEzoAD6SwAjevPvrnYa7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU6I/eujANOHQU3MR+HuzuqpdLfMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvWlRvajk2Nk1BMDRkQlRjeEg0ZTdPNnFsMHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbV9AMA0G
CSqGSIb3DQEBCwUAA4IBAQAGf79JegJkDHVomPGFwMNYSamZaZjXxP0DuOsTyh1m
U0Oy8fst2oeLvDSBDCqTLmJW+1XtFJM0ePZdPzHYgnv2mKxziKO/1JtXWOJEwahd
XfEsNn0hz2/7lOqBM35QN965Knb4ahg2ESnE/+xRNLHgw0IqqyzQnBlVEMVRTX3+
wyYwRFkQ+7bYzcjSdBZZUqPz9/jM9jqPLFWgLw4TLZ5Fq1+b/+ZLQym0Dc9+1+hI
XykDX9QZckSfzXXeRQyIRc2FJtySnbrYhN/1RO17gskaqfp5LHmlYywEZgK9nKRU
FucedNyWNnGU6F3LN7pLv0BSTXMh8Os0n6uTukngJn9M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:42 2024 by rpki-client on console-fra.rpki-client.org