Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/lZJOToKFlFIN67QX4FLWII0RHPU.roa
File:                     lZJOToKFlFIN67QX4FLWII0RHPU.roa (raw, json)
Hash identifier:          hUsuKgULV9d2KL9pmBF8uteodEZTal5op1wJHsA89zM=
Subject key identifier:   95:92:4E:4E:82:85:94:52:0D:EB:B4:17:E0:52:D6:20:8D:11:1C:F5
Certificate issuer:       /CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
Certificate serial:       018CDF70E9B5F6297F0C4AEBF104A13CDEF1
Authority key identifier: CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/lZJOToKFlFIN67QX4FLWII0RHPU.roa
Signing time:             Sat 06 Jan 2024 15:42:48 +0000
ROA not before:           Sat 06 Jan 2024 15:42:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212165
IP address blocks:        176.124.192.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 27 May 2024 15:05:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:df:70:e9:b5:f6:29:7f:0c:4a:eb:f1:04:a1:3c:de:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
        Validity
            Not Before: Jan  6 15:42:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=95924e4e828594520debb417e052d6208d111cf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:29:71:ca:a9:4d:df:b4:ed:66:51:c8:45:a0:
                    94:aa:45:52:3f:71:90:8e:26:1a:0a:1d:1d:fb:28:
                    b1:8a:85:72:2a:c9:dd:29:d5:64:9a:96:99:28:3d:
                    c9:1b:1e:bf:df:d4:08:e8:42:f0:35:e2:26:50:0d:
                    9d:37:37:45:92:63:ca:74:d3:f5:d3:cd:74:f2:1d:
                    91:b9:89:af:35:0c:3e:e8:e6:8b:12:26:e8:ea:17:
                    c2:bd:4a:1b:1a:93:91:5d:5e:35:1f:f5:4e:39:c2:
                    6f:cc:61:18:a6:48:cc:a3:33:9e:66:3e:bb:0e:92:
                    b0:c8:0c:a0:3b:96:49:4b:d8:52:d8:62:fd:84:f2:
                    cb:91:51:cc:08:80:f0:9c:e5:84:ca:81:08:3f:b4:
                    d3:6d:42:a9:58:66:ac:3c:14:7b:92:a0:87:84:4a:
                    e1:69:ad:71:6e:5c:f6:1d:fe:0f:54:06:c0:c7:b3:
                    1c:76:f4:e0:22:7a:5b:12:e2:39:b5:83:d1:32:b7:
                    19:3d:f6:f8:f4:39:1c:37:09:eb:fa:79:84:b1:35:
                    af:8f:04:e1:76:bd:9d:ff:55:9d:c6:59:33:67:63:
                    44:54:b3:5d:b6:c3:5b:48:7d:22:de:34:46:f5:41:
                    28:3a:58:61:39:8a:5f:6e:f4:3b:1d:66:0d:f1:8f:
                    f2:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:92:4E:4E:82:85:94:52:0D:EB:B4:17:E0:52:D6:20:8D:11:1C:F5
            X509v3 Authority Key Identifier:
                keyid:CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/lZJOToKFlFIN67QX4FLWII0RHPU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.124.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:b4:df:f8:4a:a3:96:2a:ff:16:8f:15:2c:de:f5:34:22:ac:
         77:cd:bf:63:87:ef:23:ae:d7:fd:ea:37:fb:38:a6:3e:e7:b0:
         74:e0:5d:63:8b:28:c8:8f:ab:1f:f3:29:56:c6:41:d1:8a:af:
         69:7a:24:73:80:19:94:cf:9b:1b:68:40:f7:8f:89:ce:e4:bf:
         4a:da:b3:4d:53:b4:21:3a:9d:91:43:53:a4:e8:e0:63:e2:b3:
         30:1a:8e:57:75:27:60:05:48:90:aa:b5:dc:96:8e:ef:18:d8:
         6c:e1:f8:a8:7d:33:78:c7:36:77:4d:af:c4:7a:12:7f:84:24:
         88:e9:b2:fb:13:f6:a6:f1:55:0d:aa:1e:a8:ca:41:7a:d9:05:
         bb:28:a2:3e:5a:0a:f6:0d:18:82:4a:b5:f0:2f:4e:fa:55:b4:
         3c:a7:fe:1c:3f:02:90:a6:4c:96:d6:ff:c1:fe:50:67:67:0e:
         6c:92:54:b6:81:17:bc:cb:69:0c:ce:86:91:7d:26:d0:96:73:
         3f:30:0e:96:c9:fd:92:8d:3b:f6:75:7c:0e:c7:3e:0c:fd:dd:
         50:5f:3a:2c:0a:fc:b7:d9:23:90:31:d3:ea:1c:35:f0:bd:15:
         dd:72:2c:e6:dd:40:b1:8d:30:6e:f1:cb:34:1d:19:5c:8c:bd:
         d0:7c:41:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzfcOm19il/DErr8QShPN7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2Q1ODNjOGQ3MWEyNDI3ZTAwNjBlM2NjOTI0ZjMyZGMx
YTgyMGIwHhcNMjQwMTA2MTU0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkyNGU0ZTgyODU5NDUyMGRlYmI0MTdlMDUyZDYyMDhkMTExY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqilxyqlN37TtZlHIRaCUqkVSP3GQ
jiYaCh0d+yixioVyKsndKdVkmpaZKD3JGx6/39QI6ELwNeImUA2dNzdFkmPKdNP1
08108h2RuYmvNQw+6OaLEibo6hfCvUobGpORXV41H/VOOcJvzGEYpkjMozOeZj67
DpKwyAygO5ZJS9hS2GL9hPLLkVHMCIDwnOWEyoEIP7TTbUKpWGasPBR7kqCHhErh
aa1xblz2Hf4PVAbAx7McdvTgInpbEuI5tYPRMrcZPfb49DkcNwnr+nmEsTWvjwTh
dr2d/1WdxlkzZ2NEVLNdtsNbSH0i3jRG9UEoOlhhOYpfbvQ7HWYN8Y/yUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWSTk6ChZRSDeu0F+BS1iCNERz1MB8GA1UdIwQY
MBaAFMzNWDyNcaJCfgBg48ySTzLcGoILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYt
ZjQ4NTAyZDEzOTQ4LzEvbFpKT1RvS0ZsRklONjdRWDRGTFdJSTBSSFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYtZjQ4NTAyZDEzOTQ4
LzEvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHzAMA0G
CSqGSIb3DQEBCwUAA4IBAQAktN/4SqOWKv8WjxUs3vU0Iqx3zb9jh+8jrtf96jf7
OKY+57B04F1jiyjIj6sf8ylWxkHRiq9peiRzgBmUz5sbaED3j4nO5L9K2rNNU7Qh
Op2RQ1Ok6OBj4rMwGo5XdSdgBUiQqrXclo7vGNhs4fiofTN4xzZ3Ta/EehJ/hCSI
6bL7E/am8VUNqh6oykF62QW7KKI+Wgr2DRiCSrXwL076VbQ8p/4cPwKQpkyW1v/B
/lBnZw5sklS2gRe8y2kMzoaRfSbQlnM/MA6Wyf2SjTv2dXwOxz4M/d1QXzosCvy3
2SOQMdPqHDXwvRXdcizm3UCxjTBu8cs0HRlcjL3QfEEq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:49 2024 by rpki-client on console-ams.rpki-client.org