Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/AZVFwv05imKM5fa1G57jIPGOPCA.roa
File:                     AZVFwv05imKM5fa1G57jIPGOPCA.roa (raw, json)
Hash identifier:          idREq4pUlwpNOiKYgOIuLQY20qEbxoOQyTuj23inRCM=
Subject key identifier:   01:95:45:C2:FD:39:8A:62:8C:E5:F6:B5:1B:9E:E3:20:F1:8E:3C:20
Certificate issuer:       /CN=65295913c07c226100bd39f1ee2c52ea98aaee14
Certificate serial:       018573683132AF5A1799FC39DDBFAE6637A3
Authority key identifier: 65:29:59:13:C0:7C:22:61:00:BD:39:F1:EE:2C:52:EA:98:AA:EE:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/AZVFwv05imKM5fa1G57jIPGOPCA.roa
Signing time:             Mon 02 Jan 2023 16:54:46 +0000
ROA not before:           Mon 02 Jan 2023 16:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50012
IP address blocks:        193.104.85.0/24 maxlen: 24
                          185.157.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:68:31:32:af:5a:17:99:fc:39:dd:bf:ae:66:37:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65295913c07c226100bd39f1ee2c52ea98aaee14
        Validity
            Not Before: Jan  2 16:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=019545c2fd398a628ce5f6b51b9ee320f18e3c20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a0:69:8b:3d:d9:f8:aa:da:b1:a9:ba:78:03:
                    00:8f:80:72:5b:a7:16:aa:26:71:d6:1d:a5:b8:04:
                    76:ab:b5:64:ea:8b:ba:9c:7b:fa:a2:ea:63:80:1b:
                    d8:8f:6c:95:ec:2c:9d:6e:d7:26:00:b5:b1:7a:4a:
                    73:72:ae:0d:3b:64:a4:4f:29:55:8f:b3:f9:6c:1d:
                    47:94:c1:bf:67:15:85:c4:a3:d5:a1:ac:95:cc:6c:
                    e1:80:22:86:14:31:3d:57:87:71:74:f7:93:c5:2f:
                    c9:ed:29:ea:25:27:67:61:4d:df:ff:51:9e:54:55:
                    61:cc:33:4b:86:c8:c0:32:5c:a7:bc:d4:38:70:b7:
                    e3:3c:7a:4e:94:3e:7c:f2:fb:ec:32:02:10:f3:24:
                    4f:b4:85:8e:4d:a1:83:e3:ed:96:50:55:1c:74:1c:
                    69:d9:22:e1:72:ee:f5:67:68:f2:d6:b0:17:ac:0e:
                    dd:df:ad:e6:88:2e:8d:1b:5c:76:af:78:38:1a:c4:
                    00:dd:f5:eb:ca:81:85:60:cd:af:89:d0:77:4f:18:
                    dd:3e:c8:b3:86:16:af:22:51:4f:0d:34:04:bc:c2:
                    a1:6d:6a:cf:69:a2:73:25:62:dd:42:59:68:22:73:
                    4b:5d:6a:12:51:19:30:12:be:6b:26:50:36:1f:2c:
                    3a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:95:45:C2:FD:39:8A:62:8C:E5:F6:B5:1B:9E:E3:20:F1:8E:3C:20
            X509v3 Authority Key Identifier:
                keyid:65:29:59:13:C0:7C:22:61:00:BD:39:F1:EE:2C:52:EA:98:AA:EE:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/AZVFwv05imKM5fa1G57jIPGOPCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/50d476-d722-40f2-980f-64236fc36d1d/1/ZSlZE8B8ImEAvTnx7ixS6piq7hQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.121.0/24
                  193.104.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:6c:ef:b4:a3:77:56:d8:d6:3b:53:68:85:b2:31:1f:d5:56:
         e3:79:f6:8f:35:d0:a9:8a:cc:3c:27:32:05:c2:09:3e:e7:da:
         4a:18:1f:ff:a7:d7:6e:ad:7e:97:ac:21:61:b1:8e:48:88:9b:
         20:9c:30:a4:51:2d:a9:ca:59:ae:d5:ae:8e:fe:73:cf:2d:91:
         c6:72:4e:c5:71:51:57:e4:84:26:80:29:d1:7e:07:dd:85:ed:
         c1:a6:a9:f1:ba:f3:43:d7:aa:5c:3b:d0:ac:2f:31:f8:ac:8e:
         73:cb:58:08:4a:4d:1e:67:15:b9:1b:4d:12:95:0d:4f:ee:5f:
         f4:de:6e:fc:5b:cc:54:35:17:b8:9a:08:a7:5f:26:0a:96:d0:
         80:c6:29:73:7c:8f:a2:f3:0c:b9:3e:19:56:d9:77:69:c2:14:
         a5:31:58:92:b3:0c:48:d3:88:f3:b4:56:cd:c9:f6:31:e6:da:
         f0:dc:9e:57:a4:ac:34:89:c6:75:aa:67:43:5f:e3:39:76:fc:
         c3:f9:ee:0c:d6:dd:7c:e5:36:50:52:cf:8e:36:d7:87:e3:09:
         ed:dd:2b:86:25:56:a0:f9:69:55:cc:6e:01:9e:f0:9e:ba:cf:
         b6:10:f9:bd:58:f1:38:68:e2:44:22:3b:d5:2a:68:ca:70:9b:
         d6:29:29:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzaDEyr1oXmfw53b+uZjejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1Mjk1OTEzYzA3YzIyNjEwMGJkMzlmMWVlMmM1MmVhOThh
YWVlMTQwHhcNMjMwMTAyMTY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTk1NDVjMmZkMzk4YTYyOGNlNWY2YjUxYjllZTMyMGYxOGUzYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKBpiz3Z+Krasam6eAMAj4ByW6cW
qiZx1h2luAR2q7Vk6ou6nHv6oupjgBvYj2yV7CydbtcmALWxekpzcq4NO2SkTylV
j7P5bB1HlMG/ZxWFxKPVoayVzGzhgCKGFDE9V4dxdPeTxS/J7SnqJSdnYU3f/1Ge
VFVhzDNLhsjAMlynvNQ4cLfjPHpOlD588vvsMgIQ8yRPtIWOTaGD4+2WUFUcdBxp
2SLhcu71Z2jy1rAXrA7d363miC6NG1x2r3g4GsQA3fXryoGFYM2vidB3TxjdPsiz
hhavIlFPDTQEvMKhbWrPaaJzJWLdQlloInNLXWoSURkwEr5rJlA2Hyw6fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGVRcL9OYpijOX2tRue4yDxjjwgMB8GA1UdIwQY
MBaAFGUpWRPAfCJhAL058e4sUuqYqu4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNsWkU4QjhJbUVBdlRueDdpeFM2cGlxN2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81MGQ0NzYtZDcyMi00MGYyLTk4MGYt
NjQyMzZmYzM2ZDFkLzEvQVpWRnd2MDVpbUtNNWZhMUc1N2pJUEdPUENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81MGQ0NzYtZDcyMi00MGYyLTk4MGYtNjQyMzZmYzM2ZDFk
LzEvWlNsWkU4QjhJbUVBdlRueDdpeFM2cGlxN2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZ15AwQA
wWhVMA0GCSqGSIb3DQEBCwUAA4IBAQBbbO+0o3dW2NY7U2iFsjEf1VbjefaPNdCp
isw8JzIFwgk+59pKGB//p9durX6XrCFhsY5IiJsgnDCkUS2pylmu1a6O/nPPLZHG
ck7FcVFX5IQmgCnRfgfdhe3BpqnxuvND16pcO9CsLzH4rI5zy1gISk0eZxW5G00S
lQ1P7l/03m78W8xUNRe4mginXyYKltCAxilzfI+i8wy5PhlW2XdpwhSlMViSswxI
04jztFbNyfYx5trw3J5XpKw0icZ1qmdDX+M5dvzD+e4M1t185TZQUs+ONteH4wnt
3SuGJVag+WlVzG4BnvCeus+2EPm9WPE4aOJEIjvVKmjKcJvWKSkK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:06 2024 by rpki-client on console-ams.rpki-client.org