Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa
File:                     Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa (raw, json)
Hash identifier:          zNaaHJEqSLxQxadgD8YRNpREAKzY9R13AWlQT2ZGWeM=
Subject key identifier:   67:66:E9:FA:F6:18:53:CA:95:8C:28:25:A6:6A:95:F8:AA:BE:CD:18
Certificate issuer:       /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial:       018571FA2E9D806EA764DF58D58521065502
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa
Signing time:             Mon 02 Jan 2023 10:14:59 +0000
ROA not before:           Mon 02 Jan 2023 10:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33915
IP address blocks:        145.46.255.0/24 maxlen: 24
                          145.46.191.0/24 maxlen: 24
                          145.46.192.0/18 maxlen: 18
                          145.46.128.0/18 maxlen: 18

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:2e:9d:80:6e:a7:64:df:58:d5:85:21:06:55:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
        Validity
            Not Before: Jan  2 10:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6766e9faf61853ca958c2825a66a95f8aabecd18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:01:fb:89:c0:31:8c:21:7a:24:ae:18:11:35:
                    1f:88:af:5b:ce:7d:33:92:0d:ea:df:f6:04:ab:ef:
                    a7:38:58:01:85:56:24:ed:76:27:cf:82:87:4d:2a:
                    84:12:6f:d3:e4:3b:42:42:4b:d8:f0:78:80:f4:c7:
                    2c:e4:ad:d3:d8:5a:a7:ea:2a:32:d1:ba:c4:be:8d:
                    69:c4:b2:60:13:e0:cc:fb:7e:99:77:09:8b:92:c4:
                    23:20:fa:af:75:86:d6:8a:b1:d7:26:b8:99:38:ea:
                    6c:b1:78:ca:eb:5a:d6:44:ef:2b:44:68:53:d8:ea:
                    06:59:2a:0e:aa:bb:91:2d:6d:ec:2a:32:17:e4:bf:
                    c9:02:a5:fd:af:37:ee:dc:24:a8:0a:77:8f:f5:d6:
                    c8:d4:de:95:33:4e:77:86:ed:41:5b:70:6e:c8:bb:
                    11:96:97:f5:84:f2:68:7d:83:cc:d6:0a:f3:e2:cd:
                    e5:d3:fe:62:42:8d:67:62:11:da:1d:26:20:35:a2:
                    5c:2d:7c:ca:cc:d1:c8:70:31:cf:ec:22:ca:a0:02:
                    d7:0a:68:1e:a6:0a:b2:b2:c4:28:c7:47:87:9c:d0:
                    a6:7a:fc:f0:95:9d:3b:9b:e7:09:93:69:70:22:51:
                    99:35:5a:30:69:d6:b7:65:b6:4d:b2:65:99:4d:98:
                    2b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:66:E9:FA:F6:18:53:CA:95:8C:28:25:A6:6A:95:F8:AA:BE:CD:18
            X509v3 Authority Key Identifier:
                keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Z2bp-vYYU8qVjCglpmqV-Kq-zRg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.46.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         58:16:de:7b:c8:81:db:1d:7c:53:35:79:e7:b0:1d:6b:0c:9e:
         da:ff:2e:7c:b3:9f:9f:84:88:1d:d0:c5:a3:79:39:13:c6:92:
         ee:cd:5e:ed:df:6a:0b:cd:9a:dc:09:ff:78:da:62:09:32:9c:
         ca:39:13:e2:e2:f5:67:06:cc:e3:6a:d8:33:23:5b:07:a0:8b:
         77:be:c3:a3:87:d5:bf:47:97:60:e6:85:59:fc:ef:81:fe:0d:
         35:ea:d8:62:81:63:01:a0:95:04:69:aa:4f:84:dd:49:c3:e8:
         1e:06:9c:3c:9c:e7:16:a1:b2:46:05:2c:48:2c:10:c2:48:77:
         56:08:f7:30:81:d7:0d:c3:d7:32:84:4c:4b:f0:b1:69:62:11:
         ba:ce:c1:13:0f:a4:d3:88:d0:c2:50:a5:41:dc:d0:54:8e:f8:
         2e:2e:b7:be:c4:33:ba:3d:8d:6b:16:3b:07:dc:49:e3:93:e0:
         9b:c1:b4:ba:6d:25:24:e6:9f:80:e1:a6:57:d3:b0:d5:ee:1e:
         eb:d9:19:b4:79:5e:5b:47:7a:b7:6e:63:24:3e:dd:9a:f6:e4:
         c3:01:26:b4:68:4b:a7:7b:fb:69:14:1c:09:d2:69:67:c8:41:
         d7:a4:5b:a2:e4:d5:d8:17:17:36:c7:f1:ec:b5:1c:f0:4e:60:
         56:96:25:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+i6dgG6nZN9Y1YUhBlUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjMwMTAyMTAxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY2ZTlmYWY2MTg1M2NhOTU4YzI4MjVhNjZhOTVmOGFhYmVjZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAH7icAxjCF6JK4YETUfiK9bzn0z
kg3q3/YEq++nOFgBhVYk7XYnz4KHTSqEEm/T5DtCQkvY8HiA9Mcs5K3T2Fqn6ioy
0brEvo1pxLJgE+DM+36ZdwmLksQjIPqvdYbWirHXJriZOOpssXjK61rWRO8rRGhT
2OoGWSoOqruRLW3sKjIX5L/JAqX9rzfu3CSoCneP9dbI1N6VM053hu1BW3BuyLsR
lpf1hPJofYPM1grz4s3l0/5iQo1nYhHaHSYgNaJcLXzKzNHIcDHP7CLKoALXCmge
pgqyssQox0eHnNCmevzwlZ07m+cJk2lwIlGZNVowada3ZbZNsmWZTZgrEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdm6fr2GFPKlYwoJaZqlfiqvs0YMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvWjJicC12WVlVOHFWakNnbHBtcVYtS3EtelJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHkS6AMA0G
CSqGSIb3DQEBCwUAA4IBAQBYFt57yIHbHXxTNXnnsB1rDJ7a/y58s5+fhIgd0MWj
eTkTxpLuzV7t32oLzZrcCf942mIJMpzKORPi4vVnBszjatgzI1sHoIt3vsOjh9W/
R5dg5oVZ/O+B/g016thigWMBoJUEaapPhN1Jw+geBpw8nOcWobJGBSxILBDCSHdW
CPcwgdcNw9cyhExL8LFpYhG6zsETD6TTiNDCUKVB3NBUjvguLre+xDO6PY1rFjsH
3Enjk+CbwbS6bSUk5p+A4aZX07DV7h7r2Rm0eV5bR3q3bmMkPt2a9uTDASa0aEun
e/tpFBwJ0mlnyEHXpFui5NXYFxc2x/HstRzwTmBWliVM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:20 2024 by rpki-client on console-ams.rpki-client.org