Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/ZhbrRec4GF_ZkDNWzk6KrW7M3wg.roa
File:                     ZhbrRec4GF_ZkDNWzk6KrW7M3wg.roa (raw, json)
Hash identifier:          kY9G2rMZXQirwzuUPHSywnTEGYP29QLntBsJhCs0ixE=
Subject key identifier:   66:16:EB:45:E7:38:18:5F:D9:90:33:56:CE:4E:8A:AD:6E:CC:DF:08
Certificate issuer:       /CN=a5c6373eab19cf43dd2f43111398383ee2bad030
Certificate serial:       018C6D440FFA3105D4BE7A2251F4F1F0BA2A
Authority key identifier: A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/ZhbrRec4GF_ZkDNWzk6KrW7M3wg.roa
Signing time:             Fri 15 Dec 2023 11:37:06 +0000
ROA not before:           Fri 15 Dec 2023 11:37:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24768
IP address blocks:        185.228.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6d:44:0f:fa:31:05:d4:be:7a:22:51:f4:f1:f0:ba:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c6373eab19cf43dd2f43111398383ee2bad030
        Validity
            Not Before: Dec 15 11:37:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6616eb45e738185fd9903356ce4e8aad6eccdf08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:d9:17:68:07:2d:12:64:7d:78:8d:70:d1:b1:
                    4c:59:b5:65:d3:80:d8:76:e2:cb:8e:09:65:6f:60:
                    c2:64:38:81:b1:b4:52:fa:93:bd:36:27:a2:ff:12:
                    7b:b3:9b:8e:62:29:bc:b0:7c:43:56:74:a5:c1:51:
                    8a:e8:4f:0c:2e:6b:b0:b4:42:5d:ca:27:0e:8b:0a:
                    be:77:09:6e:9b:e6:c7:c0:f1:eb:95:60:42:ad:ee:
                    9c:7d:29:b7:8d:5e:df:df:be:7e:6b:b4:d2:60:3a:
                    8f:1b:f5:6d:5c:63:26:fc:a6:7b:b3:65:7f:16:ef:
                    6d:cc:a3:29:07:ce:7d:ad:7c:0e:e2:0e:ef:66:de:
                    c8:99:f5:e8:a2:78:34:84:6b:30:ce:db:3c:2f:d5:
                    56:64:c8:e7:a8:6d:87:aa:17:04:e1:be:2c:97:7d:
                    aa:d7:a3:4e:ab:09:45:02:50:a3:1e:36:94:0d:f9:
                    dc:b9:ca:78:1e:3c:b7:54:21:cb:a5:3c:56:df:30:
                    97:72:ed:ad:2a:21:7a:48:07:11:66:ed:0f:6c:6a:
                    b2:28:7b:8c:ce:34:59:37:93:ef:49:3e:fa:cf:30:
                    5d:c1:4b:70:13:9c:b5:f5:d2:17:e6:16:15:1d:17:
                    97:c2:43:16:e3:0e:a4:34:e4:69:44:23:88:37:b8:
                    ea:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:16:EB:45:E7:38:18:5F:D9:90:33:56:CE:4E:8A:AD:6E:CC:DF:08
            X509v3 Authority Key Identifier:
                keyid:A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/ZhbrRec4GF_ZkDNWzk6KrW7M3wg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/pcY3PqsZz0PdL0MRE5g4PuK60DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:df:5a:0a:be:d3:77:9b:ce:92:34:69:3f:aa:d4:47:6d:5c:
         dd:80:ea:22:16:09:32:ca:69:07:8b:48:09:3c:73:0f:69:cc:
         4c:ec:0d:f9:35:07:e8:2a:4b:64:6c:fa:7b:dd:82:b6:3d:7d:
         f9:62:69:d5:f8:86:45:85:30:66:e1:41:ec:47:f6:55:4a:74:
         49:ef:8a:45:0c:34:b5:dd:65:af:5e:ae:36:17:fb:43:bb:07:
         9b:59:bd:fe:6f:69:3d:16:db:e2:9d:b3:39:8f:21:84:6e:38:
         51:d2:73:5a:87:47:54:88:06:5e:d6:7d:37:60:39:e1:29:c2:
         96:ea:59:7e:0d:f1:7c:f1:7b:c2:9c:a3:79:ec:79:8f:00:8d:
         38:8e:f7:31:6b:cd:98:a3:f3:b4:f7:bf:68:cb:c8:87:e3:1f:
         e8:93:cd:9f:b5:8c:29:dc:83:97:a8:73:ff:fa:54:01:4d:52:
         9b:14:82:82:bb:57:92:a8:9e:ff:0a:45:e6:0e:8b:cd:2b:79:
         a4:0b:0a:20:9a:7e:55:79:27:44:82:20:e8:f7:b4:69:00:9d:
         09:5d:ca:34:59:84:3e:1e:b9:78:e7:67:60:ce:a1:f3:dc:d9:
         a8:b9:9c:ad:91:ad:0a:bd:91:6b:66:ec:1b:56:cd:64:31:ae:
         3b:52:25:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxtRA/6MQXUvnoiUfTx8LoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YzYzNzNlYWIxOWNmNDNkZDJmNDMxMTEzOTgzODNlZTJi
YWQwMzAwHhcNMjMxMjE1MTEzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjE2ZWI0NWU3MzgxODVmZDk5MDMzNTZjZTRlOGFhZDZlY2NkZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtkXaActEmR9eI1w0bFMWbVl04DY
duLLjgllb2DCZDiBsbRS+pO9Niei/xJ7s5uOYim8sHxDVnSlwVGK6E8MLmuwtEJd
yicOiwq+dwlum+bHwPHrlWBCre6cfSm3jV7f375+a7TSYDqPG/VtXGMm/KZ7s2V/
Fu9tzKMpB859rXwO4g7vZt7ImfXoong0hGswzts8L9VWZMjnqG2HqhcE4b4sl32q
16NOqwlFAlCjHjaUDfncucp4Hjy3VCHLpTxW3zCXcu2tKiF6SAcRZu0PbGqyKHuM
zjRZN5PvST76zzBdwUtwE5y19dIX5hYVHReXwkMW4w6kNORpRCOIN7jqcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGYW60XnOBhf2ZAzVs5Oiq1uzN8IMB8GA1UdIwQY
MBaAFKXGNz6rGc9D3S9DEROYOD7iutAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEt
YTRlYTBhNjNmNzY2LzEvWmhiclJlYzRHRl9aa0ROV3prNktyVzdNM3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEtYTRlYTBhNjNmNzY2
LzEvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueQDMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ31oKvtN3m86SNGk/qtRHbVzdgOoiFgkyymkHi0gJ
PHMPacxM7A35NQfoKktkbPp73YK2PX35YmnV+IZFhTBm4UHsR/ZVSnRJ74pFDDS1
3WWvXq42F/tDuwebWb3+b2k9FtvinbM5jyGEbjhR0nNah0dUiAZe1n03YDnhKcKW
6ll+DfF88XvCnKN57HmPAI04jvcxa82Yo/O0979oy8iH4x/ok82ftYwp3IOXqHP/
+lQBTVKbFIKCu1eSqJ7/CkXmDovNK3mkCwogmn5VeSdEgiDo97RpAJ0JXco0WYQ+
Hrl452dgzqHz3NmouZytka0KvZFrZuwbVs1kMa47UiUY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:14 2024 by rpki-client on console-fra.rpki-client.org