Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/DZzP1TnfLTV4C8dUG8fnec6u9_c.roa
File:                     DZzP1TnfLTV4C8dUG8fnec6u9_c.roa (raw, json)
Hash identifier:          AnbCGszPe3QzfHzy1F8+s/bAWjbqNr3YNDsfEs/icu4=
Subject key identifier:   0D:9C:CF:D5:39:DF:2D:35:78:0B:C7:54:1B:C7:E7:79:CE:AE:F7:F7
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       018CD01DE0F3AF271025A42B4FD1F8C44BCC
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/DZzP1TnfLTV4C8dUG8fnec6u9_c.roa
Signing time:             Wed 03 Jan 2024 16:17:48 +0000
ROA not before:           Wed 03 Jan 2024 16:17:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        217.25.12.0/24 maxlen: 24
                          87.254.31.0/24 maxlen: 24
                          185.210.168.0/23 maxlen: 24
                          185.210.170.0/23 maxlen: 24
                          87.254.17.0/24 maxlen: 24
                          87.254.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jan 2024 09:31:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d0:1d:e0:f3:af:27:10:25:a4:2b:4f:d1:f8:c4:4b:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Jan  3 16:17:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d9ccfd539df2d35780bc7541bc7e779ceaef7f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:35:0c:f4:01:3c:ad:4e:d8:00:f8:5a:c8:1e:
                    87:91:a6:2c:d2:08:62:44:88:83:42:39:e8:7a:ed:
                    73:dc:2d:9e:21:31:15:b0:4c:df:e2:45:7d:fb:3d:
                    75:41:2d:9f:cb:a5:5d:e8:20:d8:e2:30:45:8c:47:
                    15:30:d8:50:01:a1:3b:7b:b7:70:25:1d:ee:43:a7:
                    85:f1:a5:55:18:33:f6:6a:1c:3d:0f:b0:0d:13:33:
                    62:8e:58:75:04:9c:82:a6:8f:38:58:cd:39:1b:ed:
                    ec:c0:a8:97:18:ae:44:af:9b:4e:e3:8d:85:8e:cb:
                    40:a1:9e:bb:4c:6e:cf:81:68:41:d4:6c:4e:9d:4f:
                    fd:d7:b6:7f:5f:c1:c0:33:03:b6:9c:82:92:37:1b:
                    31:0d:94:d3:a4:0d:79:89:d6:8e:3c:ad:7c:84:ae:
                    2b:0e:d8:3c:0f:1b:e7:35:a7:b4:3f:6d:a5:a0:1e:
                    bf:52:69:94:86:68:4f:0e:fc:90:48:00:1c:51:31:
                    f8:2d:0a:7d:8a:1e:56:fc:4e:dd:aa:c0:d9:9e:1e:
                    d8:fb:93:8d:cd:4d:bf:12:53:f6:af:15:3b:7e:f0:
                    15:9a:3d:15:52:e3:3f:55:f5:bd:a4:3b:a7:cd:9e:
                    de:07:ef:87:e6:11:78:53:29:ab:56:7f:16:59:ad:
                    d3:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:9C:CF:D5:39:DF:2D:35:78:0B:C7:54:1B:C7:E7:79:CE:AE:F7:F7
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/DZzP1TnfLTV4C8dUG8fnec6u9_c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.254.17.0/24
                  87.254.23.0/24
                  87.254.31.0/24
                  185.210.168.0/22
                  217.25.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:d1:cb:fa:de:3b:96:81:16:35:5d:5b:b5:2e:13:9e:34:46:
         b3:14:b2:1b:bf:72:7e:54:06:bf:aa:75:9d:8f:56:8e:20:da:
         2c:06:ec:cc:d2:74:eb:ab:a4:78:77:d1:d1:da:da:24:fe:14:
         d6:b9:25:a6:b0:6b:45:16:bc:21:46:a3:7a:98:12:a6:5c:ab:
         be:99:30:af:cc:18:07:26:97:58:86:1d:8a:b2:ae:e7:5a:35:
         05:99:d0:f6:23:a4:1b:17:d2:7e:ed:c5:99:87:3c:7e:7c:3b:
         4c:60:de:2e:b0:ae:e4:39:1d:7b:da:cb:3d:f2:5c:5b:d7:d2:
         76:77:e6:18:33:fa:50:5e:e8:83:a2:cf:f4:fe:bd:60:a1:22:
         e6:25:09:08:76:7a:d1:c5:4d:09:0d:8a:57:37:39:1f:c2:b7:
         b0:a9:31:39:d6:8d:ab:d8:82:f1:a2:d4:56:af:01:bd:b0:3f:
         c4:4b:22:3f:00:8b:8f:5e:ad:48:d4:08:02:e4:99:8b:d2:14:
         e3:28:6e:98:2b:f9:0a:ee:df:a6:cf:be:c8:52:ff:16:18:9c:
         dd:1a:5d:16:0b:a3:7e:cf:99:b0:44:22:47:55:f6:61:08:2f:
         0e:9d:1b:5d:7c:f1:59:e3:96:a5:e0:33:b6:e2:60:dd:b4:3f:
         b4:49:4b:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzQHeDzrycQJaQrT9H4xEvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwMTAzMTYxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDljY2ZkNTM5ZGYyZDM1NzgwYmM3NTQxYmM3ZTc3OWNlYWVmN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTUM9AE8rU7YAPhayB6HkaYs0ghi
RIiDQjnoeu1z3C2eITEVsEzf4kV9+z11QS2fy6Vd6CDY4jBFjEcVMNhQAaE7e7dw
JR3uQ6eF8aVVGDP2ahw9D7ANEzNijlh1BJyCpo84WM05G+3swKiXGK5Er5tO442F
jstAoZ67TG7PgWhB1GxOnU/917Z/X8HAMwO2nIKSNxsxDZTTpA15idaOPK18hK4r
Dtg8DxvnNae0P22loB6/UmmUhmhPDvyQSAAcUTH4LQp9ih5W/E7dqsDZnh7Y+5ON
zU2/ElP2rxU7fvAVmj0VUuM/VfW9pDunzZ7eB++H5hF4UymrVn8WWa3T2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA2cz9U53y01eAvHVBvH53nOrvf3MB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvRFp6UDFUbmZMVFY0QzhkVUc4Zm5lYzZ1OV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV/4RAwQA
V/4XAwQAV/4fAwQCudKoAwQA2RkMMA0GCSqGSIb3DQEBCwUAA4IBAQB50cv63juW
gRY1XVu1LhOeNEazFLIbv3J+VAa/qnWdj1aOINosBuzM0nTrq6R4d9HR2tok/hTW
uSWmsGtFFrwhRqN6mBKmXKu+mTCvzBgHJpdYhh2Ksq7nWjUFmdD2I6QbF9J+7cWZ
hzx+fDtMYN4usK7kOR172ss98lxb19J2d+YYM/pQXuiDos/0/r1goSLmJQkIdnrR
xU0JDYpXNzkfwrewqTE51o2r2ILxotRWrwG9sD/ESyI/AIuPXq1I1AgC5JmL0hTj
KG6YK/kK7t+mz77IUv8WGJzdGl0WC6N+z5mwRCJHVfZhCC8OnRtdfPFZ45al4DO2
4mDdtD+0SUs8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org