Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/lZgdDnaL05rsEOhaL2rerKdmFko.roa
File:                     lZgdDnaL05rsEOhaL2rerKdmFko.roa (raw, json)
Hash identifier:          /E8gNidYXFTYBrw9VH0V22/jLCmzc3/sGuU4pWqTpVE=
Subject key identifier:   95:98:1D:0E:76:8B:D3:9A:EC:10:E8:5A:2F:6A:DE:AC:A7:66:16:4A
Certificate issuer:       /CN=63082d6d3a1dc501795737537ca74d27a80265a2
Certificate serial:       018C162E4B3C6515694949AA5F5D36985C10
Authority key identifier: 63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/lZgdDnaL05rsEOhaL2rerKdmFko.roa
Signing time:             Tue 28 Nov 2023 13:46:21 +0000
ROA not before:           Tue 28 Nov 2023 13:46:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62205
IP address blocks:        185.44.164.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Dec 2023 16:14:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:16:2e:4b:3c:65:15:69:49:49:aa:5f:5d:36:98:5c:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63082d6d3a1dc501795737537ca74d27a80265a2
        Validity
            Not Before: Nov 28 13:46:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95981d0e768bd39aec10e85a2f6adeaca766164a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:5a:f2:f4:a4:80:73:35:83:49:b6:20:44:c6:
                    82:a1:05:18:3a:01:45:07:3c:98:22:0b:87:75:01:
                    b4:60:09:45:ad:04:43:94:61:f9:32:c1:40:0d:65:
                    93:21:aa:c2:4f:bb:a8:05:43:ce:e2:ef:79:e5:b6:
                    f0:2d:54:33:1b:92:d3:1d:cf:f4:ba:b5:d9:55:01:
                    27:2f:bb:68:11:ee:d5:f8:33:2f:e1:84:df:f2:30:
                    c6:ad:2a:34:e3:16:82:f7:8d:b5:af:29:f6:be:12:
                    75:38:71:09:a9:e0:1e:22:59:85:21:7e:96:10:78:
                    46:5a:11:56:bb:a0:6e:3f:d9:5c:8e:39:64:08:55:
                    37:02:12:7f:34:cc:bd:46:0e:2e:64:9f:10:5d:b7:
                    2b:57:6b:df:aa:d6:9b:db:18:0f:57:01:71:30:d4:
                    6a:8c:71:a1:9c:23:89:f0:79:f1:6b:f1:6a:01:df:
                    f1:e0:9e:53:de:83:56:ae:ef:2c:1a:07:3c:35:3b:
                    68:f6:82:a0:31:cf:cf:b2:da:85:02:46:66:6d:e1:
                    22:9f:ba:f3:fa:f6:87:87:3c:76:db:70:4a:9c:a2:
                    59:eb:e4:2f:87:22:72:a7:53:a5:e8:91:d2:60:eb:
                    3d:86:8e:c3:86:2a:6f:dc:b8:8e:3a:9a:69:33:65:
                    0a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:98:1D:0E:76:8B:D3:9A:EC:10:E8:5A:2F:6A:DE:AC:A7:66:16:4A
            X509v3 Authority Key Identifier:
                keyid:63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/lZgdDnaL05rsEOhaL2rerKdmFko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.44.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7b:b9:d4:c6:b0:33:4d:0a:f6:c7:7f:69:78:19:7f:4d:9c:34:
         f9:62:36:f8:49:ed:94:bb:33:3a:f0:8d:e9:57:84:93:fc:2e:
         6b:4a:60:ac:66:1c:db:d0:94:3d:e6:c7:20:fe:e6:15:5f:54:
         07:19:d7:41:32:17:2d:ca:6a:99:21:7e:5e:10:91:f5:2a:fd:
         93:f5:9d:f5:eb:7b:9b:c1:3c:ce:50:7c:56:79:18:55:98:46:
         b7:74:db:25:07:8f:c2:61:a2:2a:20:9e:8d:ce:39:2d:27:30:
         11:b6:6c:d9:e3:91:05:e5:21:3e:99:6c:01:93:3c:ca:50:80:
         52:34:cb:93:18:1c:ac:c9:a5:56:7a:13:19:9f:f6:d8:5a:46:
         4d:3d:a6:18:e1:22:f8:41:78:bd:57:9b:3a:9c:a3:ad:6f:ed:
         29:34:69:40:c9:ea:9f:bd:30:07:f6:71:ca:df:0c:2d:77:a3:
         56:a9:a1:8e:d7:0b:2a:aa:ce:81:fb:3a:00:59:14:1f:76:96:
         4b:c2:22:d1:45:b1:71:c7:78:65:71:1b:e0:31:42:52:d8:45:
         49:a0:3e:bb:56:85:f6:0b:7b:3a:63:d4:85:37:c5:3c:9a:31:
         35:3b:8c:92:bd:dd:6b:81:4e:60:4f:95:b4:ea:53:50:1a:f6:
         ce:f5:2c:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwWLks8ZRVpSUmqX102mFwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDgyZDZkM2ExZGM1MDE3OTU3Mzc1MzdjYTc0ZDI3YTgw
MjY1YTIwHhcNMjMxMTI4MTM0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk4MWQwZTc2OGJkMzlhZWMxMGU4NWEyZjZhZGVhY2E3NjYxNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51ry9KSAczWDSbYgRMaCoQUYOgFF
BzyYIguHdQG0YAlFrQRDlGH5MsFADWWTIarCT7uoBUPO4u955bbwLVQzG5LTHc/0
urXZVQEnL7toEe7V+DMv4YTf8jDGrSo04xaC9421ryn2vhJ1OHEJqeAeIlmFIX6W
EHhGWhFWu6BuP9lcjjlkCFU3AhJ/NMy9Rg4uZJ8QXbcrV2vfqtab2xgPVwFxMNRq
jHGhnCOJ8Hnxa/FqAd/x4J5T3oNWru8sGgc8NTto9oKgMc/PstqFAkZmbeEin7rz
+vaHhzx223BKnKJZ6+QvhyJyp1Ol6JHSYOs9ho7Dhipv3LiOOpppM2UKBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWYHQ52i9Oa7BDoWi9q3qynZhZKMB8GA1UdIwQY
MBaAFGMILW06HcUBeVc3U3ynTSeoAmWiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMt
YzE4YWQzNmE3YjMwLzEvbFpnZERuYUwwNXJzRU9oYUwycmVyS2RtRmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMtYzE4YWQzNmE3YjMw
LzEvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSykMA0G
CSqGSIb3DQEBCwUAA4IBAQB7udTGsDNNCvbHf2l4GX9NnDT5Yjb4Se2UuzM68I3p
V4ST/C5rSmCsZhzb0JQ95scg/uYVX1QHGddBMhctymqZIX5eEJH1Kv2T9Z3163ub
wTzOUHxWeRhVmEa3dNslB4/CYaIqIJ6NzjktJzARtmzZ45EF5SE+mWwBkzzKUIBS
NMuTGBysyaVWehMZn/bYWkZNPaYY4SL4QXi9V5s6nKOtb+0pNGlAyeqfvTAH9nHK
3wwtd6NWqaGO1wsqqs6B+zoAWRQfdpZLwiLRRbFxx3hlcRvgMUJS2EVJoD67VoX2
C3s6Y9SFN8U8mjE1O4ySvd1rgU5gT5W06lNQGvbO9Szo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org