Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/z2G6M8IiyrjBAVvei1q7cR7l4T8.roa
File:                     z2G6M8IiyrjBAVvei1q7cR7l4T8.roa (raw, json)
Hash identifier:          DIOPPglqXx87CrdAXljkBhDkeAQy3X+8I9G5rW9sVq8=
Subject key identifier:   CF:61:BA:33:C2:22:CA:B8:C1:01:5B:DE:8B:5A:BB:71:1E:E5:E1:3F
Certificate issuer:       /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial:       01856C6EF7C0D339EC9202DFE5AD2A28456F
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/z2G6M8IiyrjBAVvei1q7cR7l4T8.roa
Signing time:             Sun 01 Jan 2023 08:24:49 +0000
ROA not before:           Sun 01 Jan 2023 08:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12732
IP address blocks:        212.21.71.0/24 maxlen: 24
                          212.21.92.0/22 maxlen: 22
                          212.42.236.0/23 maxlen: 24
                          212.42.242.0/23 maxlen: 24
                          2001:bf1::/32 maxlen: 32
                          2001:bf0::/29 maxlen: 32
                          2001:bf0::/32 maxlen: 32
                          2001:bf0:40::/48 maxlen: 48
                          2001:bf0:69::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 05 Mar 2023 15:34:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:f7:c0:d3:39:ec:92:02:df:e5:ad:2a:28:45:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
        Validity
            Not Before: Jan  1 08:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf61ba33c222cab8c1015bde8b5abb711ee5e13f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:26:9c:13:ee:11:55:c6:49:92:43:4e:de:31:
                    91:50:51:b3:cf:d0:db:58:8a:09:29:3b:2c:bb:c2:
                    7f:e6:a7:66:a8:ec:93:f9:8a:39:eb:75:c8:96:6a:
                    87:78:7e:ca:82:c3:22:d3:04:89:d0:62:13:04:03:
                    36:ff:a5:b9:d5:a8:39:5f:9e:92:23:1d:91:62:15:
                    52:88:5e:e5:79:cb:65:50:ff:c2:87:8c:bf:3d:cd:
                    ea:b0:d3:cb:c9:99:8a:20:bd:86:21:ee:dd:83:85:
                    3a:b2:74:79:d8:1e:fa:f2:d9:2b:99:8b:b7:08:60:
                    00:74:5d:84:4b:0e:c7:09:96:80:b9:a3:d1:fb:1d:
                    b0:e9:bd:4d:f4:66:e5:fa:85:f0:09:66:74:83:0b:
                    06:af:57:7b:51:0f:b0:c2:fd:bc:53:67:32:a2:07:
                    5d:b9:dd:4b:fe:58:ad:0d:a5:2b:1c:09:75:84:80:
                    49:4f:ea:4c:a7:5a:73:ef:19:c3:98:9c:e6:46:6e:
                    df:67:5f:4e:7f:b3:15:79:b0:35:cc:67:e9:c8:ae:
                    2d:c9:e6:79:4b:19:56:81:a1:c6:a6:5a:a3:3d:ed:
                    05:26:00:34:6c:48:e6:d3:40:06:89:5c:c8:ed:e8:
                    9c:e0:cc:01:48:96:46:4e:6e:ce:f2:3f:67:03:5e:
                    8b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:61:BA:33:C2:22:CA:B8:C1:01:5B:DE:8B:5A:BB:71:1E:E5:E1:3F
            X509v3 Authority Key Identifier:
                keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/z2G6M8IiyrjBAVvei1q7cR7l4T8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.21.71.0/24
                  212.21.92.0/22
                  212.42.236.0/23
                  212.42.242.0/23
                IPv6:
                  2001:bf0::/29

    Signature Algorithm: sha256WithRSAEncryption
         74:07:14:4b:e1:ce:2c:34:4f:18:aa:cc:86:ae:78:18:f9:86:
         e9:8d:39:ea:b3:2f:fe:fd:67:27:cf:ff:72:70:01:cd:9a:c9:
         59:12:4b:dc:c0:cb:7c:9e:77:ab:74:95:1b:c5:b7:8e:80:f7:
         58:d3:15:70:1a:41:a4:92:30:73:80:b2:25:8f:9b:3c:c2:52:
         b2:9e:09:ce:51:b6:23:96:03:98:19:de:83:df:20:65:48:cc:
         f4:fa:0f:18:d0:c5:6c:c1:cb:b5:ee:1f:9e:90:f9:ab:aa:e8:
         30:24:5e:92:25:c8:85:f5:41:e6:4b:dd:81:4f:c5:c6:a5:10:
         5d:c1:c1:23:2e:21:88:e4:7c:c4:d5:c1:eb:d5:3e:54:4c:f9:
         dd:fe:56:76:4c:4f:09:27:29:91:83:a7:42:01:be:36:62:13:
         b4:eb:da:4b:28:e6:df:ed:da:73:f5:b2:75:f3:a9:b4:e9:65:
         97:07:62:92:e4:48:28:d2:2c:ff:69:6d:38:98:5a:86:ec:c8:
         13:50:6f:4d:b2:42:4d:fe:d2:fd:18:a4:d0:d8:37:f1:24:72:
         a9:05:28:45:72:c5:9c:5f:ab:42:b8:40:2a:a0:52:62:e4:42:
         ce:5c:bb:c9:1e:c7:f6:0f:68:3f:59:c2:15:c5:f7:08:6d:5c:
         f6:66:6b:c2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsbvfA0znskgLf5a0qKEVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjYxYmEzM2MyMjJjYWI4YzEwMTViZGU4YjVhYmI3MTFlZTVlMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiacE+4RVcZJkkNO3jGRUFGzz9Db
WIoJKTssu8J/5qdmqOyT+Yo563XIlmqHeH7KgsMi0wSJ0GITBAM2/6W51ag5X56S
Ix2RYhVSiF7lectlUP/Ch4y/Pc3qsNPLyZmKIL2GIe7dg4U6snR52B768tkrmYu3
CGAAdF2ESw7HCZaAuaPR+x2w6b1N9Gbl+oXwCWZ0gwsGr1d7UQ+wwv28U2cyogdd
ud1L/litDaUrHAl1hIBJT+pMp1pz7xnDmJzmRm7fZ19Of7MVebA1zGfpyK4tyeZ5
SxlWgaHGplqjPe0FJgA0bEjm00AGiVzI7eic4MwBSJZGTm7O8j9nA16LlQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM9hujPCIsq4wQFb3otau3Ee5eE/MB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvejJHNk04SWl5cmpCQVZ2ZWkxcTdjUjdsNFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQA1BVHAwQC
1BVcAwQB1CrsAwQB1CryMA0EAgACMAcDBQMgAQvwMA0GCSqGSIb3DQEBCwUAA4IB
AQB0BxRL4c4sNE8YqsyGrngY+YbpjTnqsy/+/Wcnz/9ycAHNmslZEkvcwMt8nner
dJUbxbeOgPdY0xVwGkGkkjBzgLIlj5s8wlKyngnOUbYjlgOYGd6D3yBlSMz0+g8Y
0MVswcu17h+ekPmrqugwJF6SJciF9UHmS92BT8XGpRBdwcEjLiGI5HzE1cHr1T5U
TPnd/lZ2TE8JJymRg6dCAb42YhO069pLKObf7dpz9bJ186m06WWXB2KS5Ego0iz/
aW04mFqG7MgTUG9NskJN/tL9GKTQ2DfxJHKpBShFcsWcX6tCuEAqoFJi5ELOXLvJ
Hsf2D2g/WcIVxfcIbVz2ZmvC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:46 2024 by rpki-client on console-fra.rpki-client.org