Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/zusl5kx5siSMXaPGT_nX3jNEZKw.roa
File:                     zusl5kx5siSMXaPGT_nX3jNEZKw.roa (raw, json)
Hash identifier:          wf6cO6vckxIQXFYuRJAVxwWvuClVEXfJm1T4Kd7pCRo=
Subject key identifier:   CE:EB:25:E6:4C:79:B2:24:8C:5D:A3:C6:4F:F9:D7:DE:33:44:64:AC
Certificate issuer:       /CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Certificate serial:       018CC8DF0DBBA60A25A7B45B9886324BC960
Authority key identifier: 79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/zusl5kx5siSMXaPGT_nX3jNEZKw.roa
Signing time:             Tue 02 Jan 2024 06:31:50 +0000
ROA not before:           Tue 02 Jan 2024 06:31:50 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16032
IP address blocks:        194.46.136.0/21 maxlen: 21
                          194.46.144.0/22 maxlen: 22
                          194.46.148.0/22 maxlen: 22
                          194.46.156.0/22 maxlen: 22
                          194.46.126.0/23 maxlen: 23
                          194.46.132.0/22 maxlen: 22
                          194.46.128.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 20 Jun 2024 10:12:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:0d:bb:a6:0a:25:a7:b4:5b:98:86:32:4b:c9:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
        Validity
            Not Before: Jan  2 06:31:50 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ceeb25e64c79b2248c5da3c64ff9d7de334464ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4f:1d:0e:c9:79:51:af:6d:b9:92:90:09:91:
                    03:2a:82:47:8b:88:ec:f3:1f:98:2a:b6:0a:04:7a:
                    e2:c8:15:92:0a:5e:79:e9:de:47:bd:81:c8:60:3a:
                    28:e0:e3:22:81:05:4b:a3:5a:c4:72:4d:fb:20:4a:
                    ca:5d:e3:bb:49:f5:6a:bf:36:75:82:fd:ee:ba:44:
                    ec:85:dd:da:c2:e4:73:d8:8f:d4:c7:dd:d1:c3:4b:
                    58:36:f7:53:4d:3e:b1:d7:5f:79:1a:1f:46:9c:43:
                    88:e0:84:56:47:9a:6e:fd:2e:24:df:35:eb:f1:40:
                    7f:15:28:e8:0f:96:d8:e2:f9:44:12:f3:fd:f4:f0:
                    dd:84:92:ef:f1:91:82:2e:5c:f0:83:79:a5:59:be:
                    8d:c5:8f:fa:63:33:91:7d:f5:d3:5e:b2:eb:01:6f:
                    10:42:80:18:35:d7:25:11:4b:8c:dd:62:00:7c:78:
                    91:48:5c:ae:ab:71:f9:ac:eb:30:70:62:eb:9d:76:
                    0f:df:ae:ae:a4:41:ae:60:42:0f:d6:7e:bf:f1:04:
                    b0:ec:c6:31:40:c1:fe:fa:33:da:5b:50:01:b8:e2:
                    70:01:78:a8:ed:f7:ec:a1:2f:17:77:8e:7f:0c:b2:
                    44:14:f6:44:77:38:0e:0a:ff:ae:9a:d4:be:d8:fb:
                    b6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:EB:25:E6:4C:79:B2:24:8C:5D:A3:C6:4F:F9:D7:DE:33:44:64:AC
            X509v3 Authority Key Identifier:
                keyid:79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/zusl5kx5siSMXaPGT_nX3jNEZKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.46.126.0-194.46.151.255
                  194.46.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:ce:d5:50:0c:69:34:7b:1f:1e:ea:44:3a:a1:6c:a0:90:d9:
         6e:48:4e:bf:67:a3:73:fc:d8:5c:99:0e:04:52:1c:2c:aa:ae:
         a7:a8:96:a4:bf:59:b2:3c:2a:0d:2b:77:3b:60:bc:6e:9b:07:
         d1:21:ba:22:bb:47:ad:98:0b:45:e2:11:21:2b:65:fa:75:48:
         1b:4a:5c:7d:8d:10:bb:f9:b1:fe:ad:fe:c8:32:f7:4e:77:94:
         e8:84:96:6c:1e:10:bc:1f:01:c0:69:59:e3:84:6d:5a:55:0b:
         54:6a:a7:2d:6d:6e:88:6c:c6:7f:38:24:ce:6f:a4:28:4c:4c:
         b0:bd:30:c6:06:9c:d7:db:32:58:0d:27:4a:0c:e8:f1:a9:25:
         26:8c:f1:32:cd:3b:8a:27:16:c8:75:c7:87:80:4b:76:40:6d:
         c6:30:d9:72:75:63:d6:81:cc:51:6f:11:13:4b:64:a1:48:4d:
         ee:dc:79:05:e4:90:71:73:29:38:c4:14:09:c6:ab:0d:9d:dd:
         65:c5:07:2a:2f:86:cf:1f:83:eb:90:47:f7:52:2e:0b:ae:fd:
         e4:50:af:49:22:a8:f5:a9:9c:6c:0f:82:40:ec:b5:1a:e0:5d:
         ce:af:3c:36:41:3b:74:4e:83:bc:af:15:29:6e:b2:af:ef:0c:
         8c:b0:24:3e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3w27pgolp7RbmIYyS8lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2E0OGNjMTNlMjAwZTJkM2YzOGFmODMzMThkMWJjYWY2
ZjYzMzEwHhcNMjQwMTAyMDYzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWViMjVlNjRjNzliMjI0OGM1ZGEzYzY0ZmY5ZDdkZTMzNDQ2NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA108dDsl5Ua9tuZKQCZEDKoJHi4js
8x+YKrYKBHriyBWSCl556d5HvYHIYDoo4OMigQVLo1rEck37IErKXeO7SfVqvzZ1
gv3uukTshd3awuRz2I/Ux93Rw0tYNvdTTT6x1195Gh9GnEOI4IRWR5pu/S4k3zXr
8UB/FSjoD5bY4vlEEvP99PDdhJLv8ZGCLlzwg3mlWb6NxY/6YzORffXTXrLrAW8Q
QoAYNdclEUuM3WIAfHiRSFyuq3H5rOswcGLrnXYP366upEGuYEIP1n6/8QSw7MYx
QMH++jPaW1ABuOJwAXio7ffsoS8Xd45/DLJEFPZEdzgOCv+umtS+2Pu23wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFM7rJeZMebIkjF2jxk/5194zRGSsMB8GA1UdIwQY
MBaAFHl6SMwT4gDi0/OK+DMY0byvb2MxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEt
N2Q3ZjRiNjM0ODQ5LzEvenVzbDVreDVzaVNNWGFQR1Rfblgzak5FWkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEtN2Q3ZjRiNjM0ODQ5
LzEvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAHCLn4D
BAPCLpADBALCLpwwDQYJKoZIhvcNAQELBQADggEBAIPO1VAMaTR7Hx7qRDqhbKCQ
2W5ITr9no3P82FyZDgRSHCyqrqeolqS/WbI8Kg0rdztgvG6bB9EhuiK7R62YC0Xi
ESErZfp1SBtKXH2NELv5sf6t/sgy9053lOiElmweELwfAcBpWeOEbVpVC1Rqpy1t
bohsxn84JM5vpChMTLC9MMYGnNfbMlgNJ0oM6PGpJSaM8TLNO4onFsh1x4eAS3ZA
bcYw2XJ1Y9aBzFFvERNLZKFITe7ceQXkkHFzKTjEFAnGqw2d3WXFByovhs8fg+uQ
R/dSLguu/eRQr0kiqPWpnGwPgkDstRrgXc6vPDZBO3ROg7yvFSlusq/vDIywJD4=
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:35:50 2024 by rpki-client on console-fra.rpki-client.org