Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/zSi0D2EV8A6mPXa8vG0tTSfQCpQ.roa
File:                     zSi0D2EV8A6mPXa8vG0tTSfQCpQ.roa (raw, json)
Hash identifier:          2KwzWNFOvzSf5XY+AT2M+f5y6e83zfgeVuWpu1tBLso=
Subject key identifier:   CD:28:B4:0F:61:15:F0:0E:A6:3D:76:BC:BC:6D:2D:4D:27:D0:0A:94
Certificate issuer:       /CN=739f3ebcd26792b913c1dcb9941996e998f16078
Certificate serial:       01856F79A7116D38A3FEBEDBC5AF71838599
Authority key identifier: 73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/zSi0D2EV8A6mPXa8vG0tTSfQCpQ.roa
Signing time:             Sun 01 Jan 2023 22:35:21 +0000
ROA not before:           Sun 01 Jan 2023 22:35:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35063
IP address blocks:        217.171.48.0/20 maxlen: 24
                          46.29.144.0/21 maxlen: 24
                          85.237.160.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:a7:11:6d:38:a3:fe:be:db:c5:af:71:83:85:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=739f3ebcd26792b913c1dcb9941996e998f16078
        Validity
            Not Before: Jan  1 22:35:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd28b40f6115f00ea63d76bcbc6d2d4d27d00a94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:56:a5:5e:c8:3f:e0:5b:37:08:8e:4b:52:59:
                    fc:40:48:73:2a:5b:96:74:ec:2f:eb:fc:4f:52:a8:
                    4b:cf:6f:e4:9f:6a:a5:0b:f8:6b:01:92:16:31:81:
                    7a:e5:fc:94:34:b8:cf:bd:d9:0c:f7:17:13:80:ee:
                    4d:68:ac:67:81:e0:c9:2d:34:e1:dc:17:3a:27:6c:
                    52:d8:8c:67:8c:31:bd:e4:2e:31:82:46:7f:61:64:
                    65:60:93:d8:a7:6c:9a:43:77:71:ac:7a:0a:8b:0c:
                    b9:b2:bc:cc:71:69:eb:11:0a:31:e6:ee:cd:05:d6:
                    cd:64:91:23:c2:18:49:53:c5:fc:34:88:28:39:cd:
                    b1:93:37:10:59:b7:6e:32:de:b4:0e:85:04:48:2c:
                    e6:1e:3f:07:84:a5:3b:f9:7a:30:a9:c9:04:64:7e:
                    f2:e8:4c:ad:b1:4e:20:38:9e:e3:a9:27:a3:3e:77:
                    79:e3:30:29:bf:c8:ed:b4:c4:c8:62:a3:38:ab:bb:
                    02:ee:e1:f2:3c:48:ac:90:aa:5b:da:eb:00:d4:42:
                    13:a6:98:26:73:4d:82:f8:a6:48:1a:18:33:74:bf:
                    2c:1d:15:c4:e8:c2:21:0d:b5:cf:f7:a8:26:88:e3:
                    f0:72:f0:75:5c:11:2d:96:be:dd:33:23:a3:3f:d8:
                    a2:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:28:B4:0F:61:15:F0:0E:A6:3D:76:BC:BC:6D:2D:4D:27:D0:0A:94
            X509v3 Authority Key Identifier:
                keyid:73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/zSi0D2EV8A6mPXa8vG0tTSfQCpQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/c58-vNJnkrkTwdy5lBmW6ZjxYHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.29.144.0/21
                  85.237.160.0/19
                  217.171.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         33:49:9a:df:b5:22:63:cd:87:03:c4:fd:50:0c:35:80:97:a6:
         12:14:ef:b5:26:ee:69:e7:40:09:af:27:4f:79:7d:fa:46:0c:
         ab:ea:c6:b8:76:ba:b1:ab:bc:82:67:91:d8:67:71:2f:3f:97:
         26:9c:f4:1a:85:e2:11:52:37:8d:4a:02:93:80:4e:73:9c:03:
         80:8a:27:0f:12:a8:16:44:68:ec:75:b0:71:ef:5b:4f:db:3d:
         0d:96:0c:47:c7:5a:85:d2:56:d7:fb:2c:9a:1d:a6:24:b6:cd:
         02:b2:cc:c9:64:d1:e6:06:70:ae:7c:58:21:8d:35:9b:23:d9:
         a2:5e:8f:92:cb:c2:32:36:64:86:8a:61:86:db:49:ce:4b:68:
         2a:bf:d2:41:0a:8f:8d:6d:91:85:41:41:4a:75:09:66:5a:4c:
         1b:66:7e:59:61:65:a5:ac:ba:ab:30:18:d5:6c:5b:70:37:16:
         2c:4c:f2:43:ab:53:c5:6b:df:aa:2b:47:47:00:ac:25:cc:18:
         e2:a2:99:b1:c4:f8:06:84:20:8e:dc:6b:a8:e5:99:01:d1:b3:
         ea:7d:8d:47:ca:32:00:08:de:68:89:26:33:ba:9c:1e:0d:82:
         17:e9:7a:e5:a8:2e:77:ed:35:1c:d4:f7:46:b4:f2:ba:b2:65:
         a8:22:dd:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVveacRbTij/r7bxa9xg4WZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOWYzZWJjZDI2NzkyYjkxM2MxZGNiOTk0MTk5NmU5OThm
MTYwNzgwHhcNMjMwMTAxMjIzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI4YjQwZjYxMTVmMDBlYTYzZDc2YmNiYzZkMmQ0ZDI3ZDAwYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1alXsg/4Fs3CI5LUln8QEhzKluW
dOwv6/xPUqhLz2/kn2qlC/hrAZIWMYF65fyUNLjPvdkM9xcTgO5NaKxngeDJLTTh
3Bc6J2xS2IxnjDG95C4xgkZ/YWRlYJPYp2yaQ3dxrHoKiwy5srzMcWnrEQox5u7N
BdbNZJEjwhhJU8X8NIgoOc2xkzcQWbduMt60DoUESCzmHj8HhKU7+XowqckEZH7y
6EytsU4gOJ7jqSejPnd54zApv8jttMTIYqM4q7sC7uHyPEiskKpb2usA1EITppgm
c02C+KZIGhgzdL8sHRXE6MIhDbXP96gmiOPwcvB1XBEtlr7dMyOjP9iiswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM0otA9hFfAOpj12vLxtLU0n0AqUMB8GA1UdIwQY
MBaAFHOfPrzSZ5K5E8HcuZQZlumY8WB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUt
YTExYTk2ZDIxODYxLzEvelNpMEQyRVY4QTZtUFhhOHZHMHRUU2ZRQ3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUtYTExYTk2ZDIxODYx
LzEvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLh2QAwQF
Ve2gAwQE2aswMA0GCSqGSIb3DQEBCwUAA4IBAQAzSZrftSJjzYcDxP1QDDWAl6YS
FO+1Ju5p50AJrydPeX36Rgyr6sa4drqxq7yCZ5HYZ3EvP5cmnPQaheIRUjeNSgKT
gE5znAOAiicPEqgWRGjsdbBx71tP2z0NlgxHx1qF0lbX+yyaHaYkts0CsszJZNHm
BnCufFghjTWbI9miXo+Sy8IyNmSGimGG20nOS2gqv9JBCo+NbZGFQUFKdQlmWkwb
Zn5ZYWWlrLqrMBjVbFtwNxYsTPJDq1PFa9+qK0dHAKwlzBjiopmxxPgGhCCO3Guo
5ZkB0bPqfY1HyjIACN5oiSYzupweDYIX6XrlqC537TUc1PdGtPK6smWoIt1k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:33 2024 by rpki-client on console-fra.rpki-client.org