Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/zHJ1egD7Fo_dKFD62Ie4LR-ccz0.roa
File:                     zHJ1egD7Fo_dKFD62Ie4LR-ccz0.roa (raw, json)
Hash identifier:          mqIWq7tdFo6PjDfr439pEn82urhhU4wymaUx2m6ls+k=
Subject key identifier:   CC:72:75:7A:00:FB:16:8F:DD:28:50:FA:D8:87:B8:2D:1F:9C:73:3D
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       01856D5D2039CE0BF28E3C30A5FD53EE5721
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/zHJ1egD7Fo_dKFD62Ie4LR-ccz0.roa
Signing time:             Sun 01 Jan 2023 12:44:57 +0000
ROA not before:           Sun 01 Jan 2023 12:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64267
IP address blocks:        188.214.232.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 May 2023 15:34:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:5d:20:39:ce:0b:f2:8e:3c:30:a5:fd:53:ee:57:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Jan  1 12:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cc72757a00fb168fdd2850fad887b82d1f9c733d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c1:89:09:dd:72:c9:cc:c6:5b:a0:7c:9c:22:
                    69:10:a5:0d:5f:48:0d:bd:54:4e:e4:24:b5:89:47:
                    db:ee:7f:14:82:7a:ba:2f:2f:7f:c4:92:c8:2a:e1:
                    10:24:b2:96:5c:42:4d:3c:a5:ab:6e:5a:53:47:6d:
                    23:d6:15:d1:aa:dd:fd:4c:4f:d5:ff:f2:10:b5:14:
                    9b:b7:9c:1f:b7:49:4b:eb:99:42:5c:58:14:a5:99:
                    ac:fc:08:e9:3c:9f:6e:da:39:9a:81:d1:85:6f:73:
                    75:60:13:78:55:9b:a9:e6:cb:d2:a9:86:01:0c:03:
                    a6:ad:a2:5c:24:70:ce:25:d9:61:12:d0:86:61:09:
                    cd:16:41:3f:26:b1:b6:2c:9e:d0:7d:66:2d:9e:b6:
                    94:4e:dd:30:7d:a0:e3:6b:03:cb:90:70:f7:ee:a9:
                    8a:e5:f4:21:f0:d5:a1:e8:a9:78:85:a6:fd:36:1e:
                    ac:dc:ff:b5:d4:ab:07:59:62:1c:3d:e6:96:77:eb:
                    ca:81:eb:04:78:8a:81:17:b6:74:ce:ba:98:e0:2f:
                    89:4e:b3:17:c6:c6:10:20:58:55:4a:03:f9:01:00:
                    57:60:fa:2e:c1:bd:1e:58:64:a7:ab:dd:3f:22:92:
                    1a:fe:22:71:a7:d2:d5:84:d4:67:7f:3d:5f:a6:fe:
                    d4:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:72:75:7A:00:FB:16:8F:DD:28:50:FA:D8:87:B8:2D:1F:9C:73:3D
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/zHJ1egD7Fo_dKFD62Ie4LR-ccz0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         56:ae:a1:a0:a9:cc:32:dc:21:8d:76:a4:f9:f5:37:ab:c6:bc:
         2e:6c:21:69:7f:82:cf:68:f1:bf:00:2f:52:33:24:8e:17:b7:
         a6:84:bc:60:09:da:fc:b8:e0:40:db:ce:da:4b:73:3e:50:66:
         69:b9:d1:70:12:24:49:76:2d:0a:da:d0:fa:f8:fe:b5:f8:29:
         9d:6a:9e:a5:a8:5b:32:1a:d4:db:57:c6:01:ce:10:2d:e3:bb:
         c5:a7:ec:02:c4:6e:50:b6:b5:7b:c9:22:66:ae:3b:d2:6c:8a:
         6f:f7:1e:4b:3b:ce:1e:a2:82:7c:8c:bb:13:f0:d7:55:a9:22:
         84:be:70:a9:53:aa:8b:29:91:77:7c:e2:f1:c1:27:05:5f:56:
         be:84:26:15:9c:3d:97:f2:f1:56:97:8f:28:9b:fc:15:5b:cd:
         6d:57:8e:99:a6:8a:73:47:0d:95:3b:c1:1d:a8:4b:3c:78:86:
         f8:2c:cb:98:33:b5:8c:bd:1c:83:a9:f4:6a:e4:c6:80:0c:1e:
         32:8a:7e:a2:30:6b:7b:e3:9f:83:72:2e:bb:a6:40:cd:de:bf:
         11:e0:eb:7e:3d:5c:2c:58:2b:da:f6:17:d9:f6:fa:b3:b8:78:
         10:99:aa:5d:d6:8a:be:45:13:3d:1e:32:05:31:5e:30:84:05:
         92:a5:5a:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXSA5zgvyjjwwpf1T7lchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMwMTAxMTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzcyNzU3YTAwZmIxNjhmZGQyODUwZmFkODg3YjgyZDFmOWM3MzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicGJCd1yyczGW6B8nCJpEKUNX0gN
vVRO5CS1iUfb7n8Ugnq6Ly9/xJLIKuEQJLKWXEJNPKWrblpTR20j1hXRqt39TE/V
//IQtRSbt5wft0lL65lCXFgUpZms/AjpPJ9u2jmagdGFb3N1YBN4VZup5svSqYYB
DAOmraJcJHDOJdlhEtCGYQnNFkE/JrG2LJ7QfWYtnraUTt0wfaDjawPLkHD37qmK
5fQh8NWh6Kl4hab9Nh6s3P+11KsHWWIcPeaWd+vKgesEeIqBF7Z0zrqY4C+JTrMX
xsYQIFhVSgP5AQBXYPouwb0eWGSnq90/IpIa/iJxp9LVhNRnfz1fpv7ULwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxydXoA+xaP3ShQ+tiHuC0fnHM9MB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvekhKMWVnRDdGb19kS0ZENjJJZTRMUi1jY3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNboMA0G
CSqGSIb3DQEBCwUAA4IBAQBWrqGgqcwy3CGNdqT59TerxrwubCFpf4LPaPG/AC9S
MySOF7emhLxgCdr8uOBA287aS3M+UGZpudFwEiRJdi0K2tD6+P61+Cmdap6lqFsy
GtTbV8YBzhAt47vFp+wCxG5QtrV7ySJmrjvSbIpv9x5LO84eooJ8jLsT8NdVqSKE
vnCpU6qLKZF3fOLxwScFX1a+hCYVnD2X8vFWl48om/wVW81tV46ZpopzRw2VO8Ed
qEs8eIb4LMuYM7WMvRyDqfRq5MaADB4yin6iMGt745+Dci67pkDN3r8R4Ot+PVws
WCva9hfZ9vqzuHgQmapd1oq+RRM9HjIFMV4whAWSpVrn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org