Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/JEzsz2WBA_zohV_CP-npJxKMRgs.roa
File:                     JEzsz2WBA_zohV_CP-npJxKMRgs.roa (raw, json)
Hash identifier:          2HkFPc5pSguqA7L74jX2HcOxsFpgYtMqfbAsT0Iig8A=
Subject key identifier:   24:4C:EC:CF:65:81:03:FC:E8:85:5F:C2:3F:E9:E9:27:12:8C:46:0B
Certificate issuer:       /CN=08fe040242651353d556b8c4240082190f271d13
Certificate serial:       018571153FCD8D412C89618ACDA8A97506FE
Authority key identifier: 08:FE:04:02:42:65:13:53:D5:56:B8:C4:24:00:82:19:0F:27:1D:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CP4EAkJlE1PVVrjEJACCGQ8nHRM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/JEzsz2WBA_zohV_CP-npJxKMRgs.roa
Signing time:             Mon 02 Jan 2023 06:04:56 +0000
ROA not before:           Mon 02 Jan 2023 06:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60821
IP address blocks:        185.22.170.0/24 maxlen: 24
                          185.22.169.0/24 maxlen: 24
                          185.22.168.0/22 maxlen: 22
                          185.22.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:3f:cd:8d:41:2c:89:61:8a:cd:a8:a9:75:06:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fe040242651353d556b8c4240082190f271d13
        Validity
            Not Before: Jan  2 06:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=244ceccf658103fce8855fc23fe9e927128c460b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:6b:11:15:b9:cc:8f:09:5b:18:4e:c1:50:59:
                    42:89:a6:f5:92:15:01:97:5e:44:7b:a6:24:9e:2d:
                    5d:e5:fe:ce:47:61:cd:aa:43:d6:5f:71:24:bd:ee:
                    52:cf:14:8e:d7:dc:54:10:d0:24:83:32:6e:b7:42:
                    d6:f2:39:c4:98:41:a0:c8:2f:90:54:a3:a3:ff:44:
                    e8:aa:ad:61:99:2e:9d:d7:0e:12:5d:09:da:2f:69:
                    dc:27:f1:62:90:3c:a2:d2:a4:1b:01:8b:cf:de:df:
                    3e:d2:f3:d8:a7:97:89:0d:fb:cd:36:92:1c:5a:64:
                    16:3a:0a:33:9c:84:6e:86:1a:da:f1:af:41:3c:c5:
                    87:c1:75:0f:30:d4:5a:be:4b:f6:39:d3:ff:68:1c:
                    24:49:5a:b4:11:8e:76:6b:03:dc:ac:6c:0f:f9:c9:
                    7d:41:9a:9a:c5:e2:ba:2b:4a:38:28:1c:b2:cf:37:
                    2a:ec:ff:bd:e5:0b:84:29:62:38:c0:73:2d:fa:9d:
                    dd:94:7b:65:fe:90:4f:1a:c5:a6:aa:02:81:ee:69:
                    2b:ff:91:c3:17:7c:9c:71:ed:cc:f0:15:8a:98:f7:
                    0f:11:6e:3e:f2:b0:51:49:e7:76:7f:57:63:9f:e8:
                    db:3c:20:81:45:fd:7b:99:9d:9c:44:d6:8c:ec:57:
                    1e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:4C:EC:CF:65:81:03:FC:E8:85:5F:C2:3F:E9:E9:27:12:8C:46:0B
            X509v3 Authority Key Identifier:
                keyid:08:FE:04:02:42:65:13:53:D5:56:B8:C4:24:00:82:19:0F:27:1D:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CP4EAkJlE1PVVrjEJACCGQ8nHRM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/JEzsz2WBA_zohV_CP-npJxKMRgs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/CP4EAkJlE1PVVrjEJACCGQ8nHRM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.22.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:e9:08:e0:10:16:93:d3:b7:55:2f:5c:8d:04:e2:fb:42:42:
         17:26:a7:e9:90:67:86:e8:94:30:3a:c5:ea:64:b4:66:97:b7:
         fb:62:0a:61:87:df:f6:5e:4f:96:b1:d4:43:05:49:16:b3:15:
         a4:69:e8:59:16:e3:00:f1:9b:03:be:46:97:67:74:95:07:22:
         c8:cc:3e:60:53:4d:5e:1d:ee:33:56:57:8a:06:0f:ad:cb:b0:
         48:75:84:a6:a9:4a:7e:05:96:c9:48:d5:48:a7:36:82:7d:6b:
         f2:29:ba:24:73:02:36:5c:24:4e:da:d6:fb:3d:70:e9:19:63:
         f0:69:6a:90:f8:06:69:77:d1:81:28:0f:ea:91:76:49:82:69:
         14:bf:cb:f6:6b:08:54:60:44:e4:c7:36:b7:d3:1f:d0:67:15:
         c0:fe:53:b9:e9:92:92:99:91:45:27:47:ec:f3:f4:5a:f2:6f:
         3a:4c:5b:b6:7c:60:62:07:5b:51:a1:d8:5d:4b:2e:e3:94:9d:
         67:cd:41:3f:c6:2b:32:10:b7:83:1f:0d:06:08:75:53:46:4c:
         15:4a:d3:3d:62:65:c4:31:3f:13:55:4c:86:d4:f5:fd:61:7d:
         90:62:b0:2f:b7:46:fd:82:46:6f:f4:61:06:0a:2c:e6:46:cc:
         07:3a:8c:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFT/NjUEsiWGKzaipdQb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmUwNDAyNDI2NTEzNTNkNTU2YjhjNDI0MDA4MjE5MGYy
NzFkMTMwHhcNMjMwMTAyMDYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRjZWNjZjY1ODEwM2ZjZTg4NTVmYzIzZmU5ZTkyNzEyOGM0NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmsRFbnMjwlbGE7BUFlCiab1khUB
l15Ee6Ykni1d5f7OR2HNqkPWX3Ekve5SzxSO19xUENAkgzJut0LW8jnEmEGgyC+Q
VKOj/0Toqq1hmS6d1w4SXQnaL2ncJ/FikDyi0qQbAYvP3t8+0vPYp5eJDfvNNpIc
WmQWOgoznIRuhhra8a9BPMWHwXUPMNRavkv2OdP/aBwkSVq0EY52awPcrGwP+cl9
QZqaxeK6K0o4KByyzzcq7P+95QuEKWI4wHMt+p3dlHtl/pBPGsWmqgKB7mkr/5HD
F3ycce3M8BWKmPcPEW4+8rBRSed2f1djn+jbPCCBRf17mZ2cRNaM7FcejwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRM7M9lgQP86IVfwj/p6ScSjEYLMB8GA1UdIwQY
MBaAFAj+BAJCZRNT1Va4xCQAghkPJx0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1A0RUFrSmxFMVBWVnJqRUpBQ0NHUThuSFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80ZWJjMzMtZWU1NC00MzdjLThhMWIt
ZGVjNDgwN2NkN2U2LzEvSkV6c3oyV0JBX3pvaFZfQ1AtbnBKeEtNUmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80ZWJjMzMtZWU1NC00MzdjLThhMWItZGVjNDgwN2NkN2U2
LzEvQ1A0RUFrSmxFMVBWVnJqRUpBQ0NHUThuSFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRaoMA0G
CSqGSIb3DQEBCwUAA4IBAQBf6QjgEBaT07dVL1yNBOL7QkIXJqfpkGeG6JQwOsXq
ZLRml7f7Ygphh9/2Xk+WsdRDBUkWsxWkaehZFuMA8ZsDvkaXZ3SVByLIzD5gU01e
He4zVleKBg+ty7BIdYSmqUp+BZbJSNVIpzaCfWvyKbokcwI2XCRO2tb7PXDpGWPw
aWqQ+AZpd9GBKA/qkXZJgmkUv8v2awhUYETkxza30x/QZxXA/lO56ZKSmZFFJ0fs
8/Ra8m86TFu2fGBiB1tRodhdSy7jlJ1nzUE/xisyELeDHw0GCHVTRkwVStM9YmXE
MT8TVUyG1PX9YX2QYrAvt0b9gkZv9GEGCizmRswHOowK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:17 2024 by rpki-client on console-fra.rpki-client.org