Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ZKw3nFeAXFgtZ15KoOtLDNx-liA.roa
File:                     ZKw3nFeAXFgtZ15KoOtLDNx-liA.roa (raw, json)
Hash identifier:          eO5d32XD9zqwrebmTeS8VkI3w9OHtesExjZmvCuNpIk=
Subject key identifier:   64:AC:37:9C:57:80:5C:58:2D:67:5E:4A:A0:EB:4B:0C:DC:7E:96:20
Certificate issuer:       /CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Certificate serial:       018BF6AF640D15A20A603D7A20147B275415
Authority key identifier: 20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ZKw3nFeAXFgtZ15KoOtLDNx-liA.roa
Signing time:             Wed 22 Nov 2023 10:59:31 +0000
ROA not before:           Wed 22 Nov 2023 10:59:31 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205019
IP address blocks:        185.70.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f6:af:64:0d:15:a2:0a:60:3d:7a:20:14:7b:27:54:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
        Validity
            Not Before: Nov 22 10:59:31 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64ac379c57805c582d675e4aa0eb4b0cdc7e9620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:7c:bd:a2:bd:9d:48:d2:2f:da:81:8a:3d:a8:
                    fb:d5:e4:c5:63:f1:5d:ab:04:bf:9f:b8:86:91:82:
                    0f:e6:8b:86:d3:66:9e:cb:39:39:e8:0f:b2:fb:45:
                    40:76:57:68:99:d5:b3:6a:11:4e:56:61:5a:54:dd:
                    42:78:82:0e:63:73:c0:cf:f6:07:fe:65:ce:56:96:
                    98:4c:65:9b:fb:63:af:b9:ec:50:62:57:df:4b:5d:
                    ca:f9:e0:3d:5d:31:59:67:cf:90:37:59:4f:ff:95:
                    aa:37:36:ca:7b:ce:87:96:97:78:73:e7:40:36:1a:
                    bd:04:5b:7c:5e:03:b0:94:41:31:ff:27:3d:5f:64:
                    eb:fd:1d:da:ca:81:aa:e6:51:7c:44:d5:76:dc:3c:
                    c7:e1:c4:ae:4d:98:f7:af:7d:2a:21:cf:a0:98:07:
                    d5:e3:54:cb:de:9c:98:d1:26:16:ce:97:c2:7c:47:
                    b5:ef:78:da:ca:4f:ff:ee:25:04:74:b1:e4:52:bc:
                    5b:4d:19:ce:9f:39:a9:69:28:78:43:3c:ba:f7:eb:
                    a7:ee:8b:93:10:0d:69:6f:98:9e:c4:a4:82:1a:d5:
                    1b:4e:6e:8a:d3:7a:4a:29:bf:9f:36:07:16:b4:f4:
                    fb:ae:40:5e:72:50:d5:3b:c7:ae:96:ab:49:04:f8:
                    f2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:AC:37:9C:57:80:5C:58:2D:67:5E:4A:A0:EB:4B:0C:DC:7E:96:20
            X509v3 Authority Key Identifier:
                keyid:20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ZKw3nFeAXFgtZ15KoOtLDNx-liA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.70.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:ea:eb:b8:a0:63:1d:80:98:5e:3c:12:f8:24:5c:da:32:9b:
         b8:5d:11:aa:7a:be:4a:6d:02:19:28:cd:b6:cd:5d:5d:c6:41:
         cc:75:f8:9a:18:78:b0:2a:8f:39:3e:4f:c1:8a:5c:2b:fd:22:
         3f:21:19:9e:64:27:20:59:5c:ca:14:0a:37:80:a0:27:70:2c:
         28:63:02:a3:96:07:88:97:24:d3:82:04:8f:54:74:18:fe:6b:
         a4:88:4c:8d:ae:26:62:f0:cc:8d:f0:2e:31:78:cb:59:cd:00:
         1d:a4:2c:62:43:38:58:21:c4:7d:82:d0:8d:64:88:c3:fb:ac:
         f5:b3:7c:61:9c:1f:81:ac:52:df:35:46:98:76:27:74:d7:d5:
         3d:b8:3f:04:e6:7b:ba:2e:7e:14:42:2e:5c:6a:bb:63:47:85:
         eb:a4:9e:a8:22:49:1a:98:58:49:69:a5:f0:1e:9c:95:49:f8:
         a0:63:26:4e:31:57:19:20:71:91:79:2b:b0:0b:46:75:d9:7a:
         bc:01:82:ce:92:f0:b9:f9:d8:cf:48:67:a8:5b:f6:2b:41:e7:
         85:f4:5f:22:8d:d2:b5:30:ca:c1:0f:75:9a:9f:d8:64:18:d2:
         0e:09:59:57:0e:ee:ca:4d:22:26:9d:52:b2:c1:06:7f:9a:f6:
         48:36:85:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv2r2QNFaIKYD16IBR7J1QVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjUxMDBlNzk4ZmFiNzU3N2JmNzI1YWM5NTY5ZWE4MGU2
YzJhMDQwHhcNMjMxMTIyMTA1OTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGFjMzc5YzU3ODA1YzU4MmQ2NzVlNGFhMGViNGIwY2RjN2U5NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3y9or2dSNIv2oGKPaj71eTFY/Fd
qwS/n7iGkYIP5ouG02aeyzk56A+y+0VAdldomdWzahFOVmFaVN1CeIIOY3PAz/YH
/mXOVpaYTGWb+2OvuexQYlffS13K+eA9XTFZZ8+QN1lP/5WqNzbKe86Hlpd4c+dA
Nhq9BFt8XgOwlEEx/yc9X2Tr/R3ayoGq5lF8RNV23DzH4cSuTZj3r30qIc+gmAfV
41TL3pyY0SYWzpfCfEe173jayk//7iUEdLHkUrxbTRnOnzmpaSh4Qzy69+un7ouT
EA1pb5iexKSCGtUbTm6K03pKKb+fNgcWtPT7rkBeclDVO8eulqtJBPjySwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSsN5xXgFxYLWdeSqDrSwzcfpYgMB8GA1UdIwQY
MBaAFCC1EA55j6t1d79yWslWnqgObCoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQt
ODAzNzk2NTY5M2EyLzEvWkt3M25GZUFYRmd0WjE1S29PdExETngtbGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQtODAzNzk2NTY5M2Ey
LzEvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUZkMA0G
CSqGSIb3DQEBCwUAA4IBAQCY6uu4oGMdgJhePBL4JFzaMpu4XRGqer5KbQIZKM22
zV1dxkHMdfiaGHiwKo85Pk/Bilwr/SI/IRmeZCcgWVzKFAo3gKAncCwoYwKjlgeI
lyTTggSPVHQY/mukiEyNriZi8MyN8C4xeMtZzQAdpCxiQzhYIcR9gtCNZIjD+6z1
s3xhnB+BrFLfNUaYdid019U9uD8E5nu6Ln4UQi5cartjR4XrpJ6oIkkamFhJaaXw
HpyVSfigYyZOMVcZIHGReSuwC0Z12Xq8AYLOkvC5+djPSGeoW/YrQeeF9F8ijdK1
MMrBD3Wan9hkGNIOCVlXDu7KTSImnVKywQZ/mvZINoU3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:54 2024 by rpki-client on console-fra.rpki-client.org