Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ZWbKoJLJllthP3sToyWoNYiKCM0.roa
File:                     ZWbKoJLJllthP3sToyWoNYiKCM0.roa (raw, json)
Hash identifier:          KDwUhNw7Z3KtiYvCtC5bKBVM+thEKte690fJe5TVBtE=
Subject key identifier:   65:66:CA:A0:92:C9:96:5B:61:3F:7B:13:A3:25:A8:35:88:8A:08:CD
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       018570671C346562EA7291E408F7DF9255F4
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ZWbKoJLJllthP3sToyWoNYiKCM0.roa
Signing time:             Mon 02 Jan 2023 02:54:43 +0000
ROA not before:           Mon 02 Jan 2023 02:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44090
IP address blocks:        185.169.20.0/23 maxlen: 23
                          185.169.22.0/23 maxlen: 23
                          5.202.102.0/24 maxlen: 24
                          185.169.39.0/24 maxlen: 24
                          5.202.72.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:1c:34:65:62:ea:72:91:e4:08:f7:df:92:55:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  2 02:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6566caa092c9965b613f7b13a325a835888a08cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:6f:2c:6b:00:30:74:e8:f9:6b:67:99:7d:66:
                    1f:d5:24:37:cb:7a:b9:28:4e:a2:c1:bc:c3:cb:81:
                    a9:41:bf:4e:eb:8f:25:4a:50:0b:3e:fc:bd:05:1e:
                    5d:af:49:6c:eb:4c:b1:55:25:25:55:07:10:b3:42:
                    3c:6d:5e:50:3e:8f:51:84:f9:21:8a:df:f8:6f:78:
                    3c:6a:44:b9:a4:61:ae:87:de:d4:3c:43:24:e3:ee:
                    27:53:1d:2c:7b:1c:e7:6d:c7:50:e5:5f:33:c7:6e:
                    28:dd:bc:f9:ef:8c:84:ea:b5:13:cf:dc:0f:eb:ea:
                    14:b2:d7:af:7c:72:bb:1f:0b:94:aa:b5:45:89:b1:
                    8d:20:bc:17:5f:93:9e:5e:0f:6d:f4:50:5e:9a:48:
                    f8:3b:be:89:41:96:33:a6:a2:b0:45:a9:5b:d0:74:
                    aa:5b:5a:5f:b2:fa:0e:60:50:1b:b2:44:4f:cb:d5:
                    e7:ee:94:9d:53:0c:c0:c5:3b:cd:7a:f1:00:79:dd:
                    26:77:7d:43:ca:9e:3f:ba:38:5a:6e:88:0e:b7:8e:
                    ab:d9:2e:8d:34:89:51:e6:d5:62:1f:88:34:1d:cf:
                    50:46:80:83:9b:cd:a4:de:28:78:15:86:57:65:11:
                    01:65:59:ed:c1:0d:b4:de:c9:da:93:7c:b0:aa:7d:
                    a7:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:66:CA:A0:92:C9:96:5B:61:3F:7B:13:A3:25:A8:35:88:8A:08:CD
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ZWbKoJLJllthP3sToyWoNYiKCM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.202.72.0/22
                  5.202.102.0/24
                  185.169.20.0/22
                  185.169.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:da:a6:f4:0b:df:e7:3d:21:9e:78:71:92:43:88:d2:d2:66:
         c9:9e:d3:13:79:a0:ba:cd:dc:2c:05:c9:0e:41:8c:81:18:8e:
         66:3b:4a:40:8e:83:4a:5a:d4:75:09:39:95:d0:60:9e:50:da:
         59:c5:34:65:80:3e:bd:27:bd:62:e7:72:fd:18:96:9e:2b:b0:
         25:e7:bb:53:7b:a8:3d:06:e7:d3:5b:50:8c:44:9c:74:b3:ff:
         42:a5:0c:f9:b5:82:d5:a2:ef:b9:d9:75:a6:9e:99:8b:71:f0:
         ef:de:2c:d0:94:05:67:3e:0c:3a:6b:58:79:86:22:23:f4:d7:
         5e:c2:38:a9:a0:0c:17:08:e1:e5:72:31:96:84:a1:f0:e3:e4:
         7e:10:3c:ca:2c:49:4c:a9:b0:1c:7a:c9:0a:c0:ad:97:27:aa:
         ca:b7:d1:46:5d:7e:7a:3a:ed:33:52:c0:d9:33:ad:51:2d:01:
         77:09:8f:7a:51:09:d6:79:4f:54:42:7f:49:0c:43:7f:74:3d:
         ce:3c:27:2f:69:29:6c:af:4f:cd:cb:90:9a:65:2d:4a:72:71:
         81:15:67:8b:5e:30:4a:f3:fd:2e:34:4a:ba:bb:68:9a:17:c0:
         e1:4f:7c:0d:88:c0:1c:b9:f2:e9:15:b2:13:aa:32:eb:b0:a0:
         a0:42:57:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwZxw0ZWLqcpHkCPffklX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTY2Y2FhMDkyYzk5NjViNjEzZjdiMTNhMzI1YTgzNTg4OGEwOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG8sawAwdOj5a2eZfWYf1SQ3y3q5
KE6iwbzDy4GpQb9O648lSlALPvy9BR5dr0ls60yxVSUlVQcQs0I8bV5QPo9RhPkh
it/4b3g8akS5pGGuh97UPEMk4+4nUx0sexznbcdQ5V8zx24o3bz574yE6rUTz9wP
6+oUstevfHK7HwuUqrVFibGNILwXX5OeXg9t9FBemkj4O76JQZYzpqKwRalb0HSq
W1pfsvoOYFAbskRPy9Xn7pSdUwzAxTvNevEAed0md31Dyp4/ujhabogOt46r2S6N
NIlR5tViH4g0Hc9QRoCDm82k3ih4FYZXZREBZVntwQ203snak3ywqn2nXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGVmyqCSyZZbYT97E6MlqDWIigjNMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvWldiS29KTEpsbHRoUDNzVG95V29OWWlLQ00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBcpIAwQA
BcpmAwQCuakUAwQAuaknMA0GCSqGSIb3DQEBCwUAA4IBAQCl2qb0C9/nPSGeeHGS
Q4jS0mbJntMTeaC6zdwsBckOQYyBGI5mO0pAjoNKWtR1CTmV0GCeUNpZxTRlgD69
J71i53L9GJaeK7Al57tTe6g9BufTW1CMRJx0s/9CpQz5tYLVou+52XWmnpmLcfDv
3izQlAVnPgw6a1h5hiIj9NdewjipoAwXCOHlcjGWhKHw4+R+EDzKLElMqbAceskK
wK2XJ6rKt9FGXX56Ou0zUsDZM61RLQF3CY96UQnWeU9UQn9JDEN/dD3OPCcvaSls
r0/Ny5CaZS1KcnGBFWeLXjBK8/0uNEq6u2iaF8DhT3wNiMAcufLpFbITqjLrsKCg
QlfL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org