Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa
File:                     rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa (raw, json)
Hash identifier:          bDOe4jqrJTFVUFoPUIjQAXVNLXW2uX3pKd4s+2Zblrk=
Subject key identifier:   AE:1C:EF:DB:31:77:A1:9E:59:C7:8C:E9:2E:17:D1:02:F7:2A:68:66
Certificate issuer:       /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial:       018F1B6B4925F63EE5AD60FA61C1AF6BEF3D
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa
Signing time:             Fri 26 Apr 2024 17:19:26 +0000
ROA not before:           Fri 26 Apr 2024 17:19:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400866
IP address blocks:        92.114.110.0/24 maxlen: 24
                          94.176.150.0/24 maxlen: 24
                          188.208.108.0/24 maxlen: 24
                          188.208.116.0/24 maxlen: 24
                          188.211.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 26 May 2024 13:19:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:1b:6b:49:25:f6:3e:e5:ad:60:fa:61:c1:af:6b:ef:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
        Validity
            Not Before: Apr 26 17:19:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ae1cefdb3177a19e59c78ce92e17d102f72a6866
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:28:3e:80:fa:07:b0:db:39:44:18:d1:26:77:
                    cb:b6:6c:28:95:00:37:b6:38:12:c4:58:34:14:45:
                    36:10:d7:90:16:05:04:d9:64:70:64:e5:e7:af:e5:
                    98:0d:22:17:6f:44:33:d6:93:b0:db:e6:ab:84:cc:
                    6f:20:f1:2d:72:13:e6:57:46:b9:71:6a:02:13:b9:
                    01:2b:7c:15:bf:33:8d:be:8d:37:33:6c:71:7d:17:
                    ce:50:e1:79:00:f8:3d:e0:37:35:2f:c4:c3:62:a8:
                    80:05:ee:84:47:36:c7:24:f9:e4:49:3f:f6:76:6f:
                    5f:aa:0f:e9:55:71:71:0e:d3:16:5d:74:bf:0e:1a:
                    e0:ca:19:e9:64:0e:82:a3:16:bf:cf:f5:f0:93:fa:
                    58:9d:09:95:47:9f:a0:a0:83:26:b0:b6:d1:e2:7f:
                    97:4e:43:ab:28:06:6e:1b:f2:53:76:90:e4:11:36:
                    99:25:0d:c7:0a:c6:30:75:ea:42:09:cf:e9:64:b9:
                    e3:78:b8:c6:f7:aa:59:44:12:17:da:e3:03:e9:87:
                    3b:c2:6a:21:a6:cc:90:b5:0b:be:4c:83:28:18:f9:
                    fa:81:96:2b:9c:c0:98:9a:f3:5f:6f:b8:f3:ee:c2:
                    04:e5:52:1b:9a:c2:0d:30:63:d9:27:a4:9d:f7:41:
                    bb:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:1C:EF:DB:31:77:A1:9E:59:C7:8C:E9:2E:17:D1:02:F7:2A:68:66
            X509v3 Authority Key Identifier:
                keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.114.110.0/24
                  94.176.150.0/24
                  188.208.108.0/24
                  188.208.116.0/24
                  188.211.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:d9:dd:24:a1:12:f2:cc:9d:6e:a8:68:c1:0f:45:d4:d3:8d:
         55:4d:72:d4:51:88:a3:5b:95:46:0d:ce:35:bb:d8:ed:90:86:
         be:6b:b1:6b:53:e7:3c:27:8a:94:82:47:8e:92:ca:2d:42:80:
         79:d8:d4:4f:b3:6d:b7:1d:28:b2:d9:7d:e4:e9:b2:53:e1:be:
         aa:2e:e7:a6:12:8e:ed:dc:03:2d:61:a4:d6:77:6a:90:ab:ad:
         56:d4:36:a2:a6:35:ac:2b:25:17:57:1c:b5:09:12:54:b6:69:
         32:e1:48:4b:8c:d7:e1:00:d6:3d:60:c3:a4:b0:17:37:80:80:
         d2:2b:92:c5:7a:d3:79:64:aa:97:9e:6a:e5:45:c6:52:1f:9f:
         24:49:6c:51:5c:0a:8a:30:41:83:74:33:65:4f:34:d9:4c:13:
         1a:98:37:fd:29:94:20:5a:55:d4:34:e7:a5:99:8e:08:ed:a3:
         ae:91:70:a0:da:15:11:3c:02:e3:d1:20:6b:6d:07:a7:24:13:
         5e:1f:f2:f2:d5:f0:d8:f9:a8:08:21:15:5e:69:bc:82:21:ae:
         b6:c1:ea:c7:4f:b2:13:84:2e:5c:09:13:8e:b4:c0:68:4a:27:
         d6:fc:8d:ca:00:97:52:9f:f5:46:75:64:32:2a:ad:8d:0c:51:
         a6:46:66:56
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8ba0kl9j7lrWD6YcGva+89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNDI2MTcxOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFjZWZkYjMxNzdhMTllNTljNzhjZTkyZTE3ZDEwMmY3MmE2ODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxig+gPoHsNs5RBjRJnfLtmwolQA3
tjgSxFg0FEU2ENeQFgUE2WRwZOXnr+WYDSIXb0Qz1pOw2+arhMxvIPEtchPmV0a5
cWoCE7kBK3wVvzONvo03M2xxfRfOUOF5APg94Dc1L8TDYqiABe6ERzbHJPnkST/2
dm9fqg/pVXFxDtMWXXS/DhrgyhnpZA6Coxa/z/Xwk/pYnQmVR5+goIMmsLbR4n+X
TkOrKAZuG/JTdpDkETaZJQ3HCsYwdepCCc/pZLnjeLjG96pZRBIX2uMD6Yc7wmoh
psyQtQu+TIMoGPn6gZYrnMCYmvNfb7jz7sIE5VIbmsINMGPZJ6Sd90G7tQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK4c79sxd6GeWceM6S4X0QL3KmhmMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvcmh6djJ6RjNvWjVaeDR6cExoZlJBdmNxYUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXHJuAwQA
XrCWAwQAvNBsAwQAvNB0AwQAvNPqMA0GCSqGSIb3DQEBCwUAA4IBAQCC2d0koRLy
zJ1uqGjBD0XU041VTXLUUYijW5VGDc41u9jtkIa+a7FrU+c8J4qUgkeOksotQoB5
2NRPs223HSiy2X3k6bJT4b6qLuemEo7t3AMtYaTWd2qQq61W1DaipjWsKyUXVxy1
CRJUtmky4UhLjNfhANY9YMOksBc3gIDSK5LFetN5ZKqXnmrlRcZSH58kSWxRXAqK
MEGDdDNlTzTZTBMamDf9KZQgWlXUNOelmY4I7aOukXCg2hURPALj0SBrbQenJBNe
H/Ly1fDY+agIIRVeabyCIa62werHT7IThC5cCROOtMBoSifW/I3KAJdSn/VGdWQy
Kq2NDFGmRmZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org