Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/NO-zkkJbnudxYLv68lSDDMG-exk.roa
File:                     NO-zkkJbnudxYLv68lSDDMG-exk.roa (raw, json)
Hash identifier:          2IbgNUEbrRGoMv3zr4xCoIXeGBP8vbZxoAcjn7SBY8Y=
Subject key identifier:   34:EF:B3:92:42:5B:9E:E7:71:60:BB:FA:F2:54:83:0C:C1:BE:7B:19
Certificate issuer:       /CN=7e1540fdd5add6b775498c1e3f25c90e213a612f
Certificate serial:       01856FF0560A98122ADB3FB7D98E5E8A2509
Authority key identifier: 7E:15:40:FD:D5:AD:D6:B7:75:49:8C:1E:3F:25:C9:0E:21:3A:61:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fhVA_dWt1rd1SYwePyXJDiE6YS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/NO-zkkJbnudxYLv68lSDDMG-exk.roa
Signing time:             Mon 02 Jan 2023 00:44:59 +0000
ROA not before:           Mon 02 Jan 2023 00:44:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44821
IP address blocks:        185.148.252.0/22 maxlen: 22
                          2a07:6380::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:56:0a:98:12:2a:db:3f:b7:d9:8e:5e:8a:25:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e1540fdd5add6b775498c1e3f25c90e213a612f
        Validity
            Not Before: Jan  2 00:44:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34efb392425b9ee77160bbfaf254830cc1be7b19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7a:00:a9:c8:3a:50:d2:4c:4e:69:29:a9:1c:
                    3c:c7:54:7d:1b:1a:45:d0:28:24:3d:2f:19:93:88:
                    44:19:4b:97:89:cd:89:d0:93:85:f9:55:85:c8:e0:
                    9d:00:f2:60:1a:64:d4:e0:6b:98:45:80:9b:6b:2f:
                    04:3d:e6:4c:45:a4:06:4d:ba:3f:84:f2:cd:7a:85:
                    b9:02:43:06:09:48:fa:e7:e2:9a:f9:09:8f:2c:b5:
                    6d:d4:14:b1:88:3b:90:c4:f7:a3:02:33:45:f0:f9:
                    ad:53:14:97:bc:2d:27:53:4d:74:3f:ea:2c:f2:0f:
                    8c:e6:7c:82:8a:ce:6c:d7:83:f6:37:27:90:38:c9:
                    8b:de:27:06:b4:eb:cb:f9:2b:58:5d:9b:64:4a:d3:
                    b6:30:22:9d:5e:76:5a:f1:20:4a:5e:8e:1b:bc:68:
                    b0:5a:af:96:71:56:a0:34:18:f7:c8:b8:d5:c6:35:
                    d0:31:1e:5a:33:2c:5c:88:21:1c:10:e2:b2:51:d6:
                    3e:85:74:c6:b7:07:92:53:9e:a0:f0:14:95:c3:d9:
                    75:b0:bd:5a:d3:c7:9c:fb:ec:a1:81:b5:f7:c2:eb:
                    c5:ab:26:5c:1c:ff:df:11:a2:43:c2:b9:75:4d:89:
                    28:fd:79:93:1d:40:82:ef:38:4c:f0:e3:4b:23:da:
                    e6:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:EF:B3:92:42:5B:9E:E7:71:60:BB:FA:F2:54:83:0C:C1:BE:7B:19
            X509v3 Authority Key Identifier:
                keyid:7E:15:40:FD:D5:AD:D6:B7:75:49:8C:1E:3F:25:C9:0E:21:3A:61:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhVA_dWt1rd1SYwePyXJDiE6YS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/NO-zkkJbnudxYLv68lSDDMG-exk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a4debb-27b7-4140-b27e-ea653824b1f2/1/fhVA_dWt1rd1SYwePyXJDiE6YS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.148.252.0/22
                IPv6:
                  2a07:6380::/29

    Signature Algorithm: sha256WithRSAEncryption
         b9:22:4b:ae:73:9b:90:1e:a7:8a:5f:19:91:2e:35:40:a5:fc:
         80:72:c1:02:a8:bd:23:39:31:f8:ee:d8:af:15:d8:a0:88:8d:
         63:40:88:56:ad:6c:1b:51:ba:a1:02:b6:b0:aa:47:da:65:5c:
         8d:ec:4b:9f:49:0c:a2:09:cf:81:8e:96:90:74:81:74:ae:71:
         b0:39:4c:24:15:0f:e7:f5:c0:52:18:3f:7a:77:1d:4e:11:13:
         31:cd:0e:bc:c5:e1:44:2c:55:67:2e:35:fd:7f:2d:89:cb:63:
         a6:ea:4f:d8:e3:ef:ed:bb:64:c4:4d:ed:a2:c0:46:8b:2d:50:
         4f:e5:91:b3:4e:ba:c2:b3:b3:b8:63:c7:54:7a:53:4e:0a:7d:
         f2:dd:93:f5:bd:af:e8:bb:12:a8:c9:64:f5:c3:63:c3:8e:19:
         7d:8c:0a:b4:2b:12:86:cc:bd:72:40:5a:e5:85:62:e9:44:e1:
         de:f1:a1:08:05:62:aa:74:24:73:71:86:d8:38:8a:a5:1f:af:
         20:c4:a1:55:28:51:bb:25:1c:52:1d:c7:f1:2f:eb:2f:72:69:
         1d:5f:b9:a9:8d:91:c4:13:ad:99:1f:79:b6:34:50:23:18:6f:
         42:4b:01:c5:96:4d:80:97:87:9a:50:73:0c:b5:30:c2:55:cf:
         ae:9b:4b:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv8FYKmBIq2z+32Y5eiiUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTU0MGZkZDVhZGQ2Yjc3NTQ5OGMxZTNmMjVjOTBlMjEz
YTYxMmYwHhcNMjMwMTAyMDA0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGVmYjM5MjQyNWI5ZWU3NzE2MGJiZmFmMjU0ODMwY2MxYmU3YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXoAqcg6UNJMTmkpqRw8x1R9GxpF
0CgkPS8Zk4hEGUuXic2J0JOF+VWFyOCdAPJgGmTU4GuYRYCbay8EPeZMRaQGTbo/
hPLNeoW5AkMGCUj65+Ka+QmPLLVt1BSxiDuQxPejAjNF8PmtUxSXvC0nU010P+os
8g+M5nyCis5s14P2NyeQOMmL3icGtOvL+StYXZtkStO2MCKdXnZa8SBKXo4bvGiw
Wq+WcVagNBj3yLjVxjXQMR5aMyxciCEcEOKyUdY+hXTGtweSU56g8BSVw9l1sL1a
08ec++yhgbX3wuvFqyZcHP/fEaJDwrl1TYko/XmTHUCC7zhM8ONLI9rmtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDTvs5JCW57ncWC7+vJUgwzBvnsZMB8GA1UdIwQY
MBaAFH4VQP3Vrda3dUmMHj8lyQ4hOmEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhWQV9kV3QxcmQxU1l3ZVB5WEpEaUU2WVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hNGRlYmItMjdiNy00MTQwLWIyN2Ut
ZWE2NTM4MjRiMWYyLzEvTk8temtrSmJudWR4WUx2NjhsU0RETUctZXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hNGRlYmItMjdiNy00MTQwLWIyN2UtZWE2NTM4MjRiMWYy
LzEvZmhWQV9kV3QxcmQxU1l3ZVB5WEpEaUU2WVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZT8MA0E
AgACMAcDBQMqB2OAMA0GCSqGSIb3DQEBCwUAA4IBAQC5Ikuuc5uQHqeKXxmRLjVA
pfyAcsECqL0jOTH47tivFdigiI1jQIhWrWwbUbqhArawqkfaZVyN7EufSQyiCc+B
jpaQdIF0rnGwOUwkFQ/n9cBSGD96dx1OERMxzQ68xeFELFVnLjX9fy2Jy2Om6k/Y
4+/tu2TETe2iwEaLLVBP5ZGzTrrCs7O4Y8dUelNOCn3y3ZP1va/ouxKoyWT1w2PD
jhl9jAq0KxKGzL1yQFrlhWLpROHe8aEIBWKqdCRzcYbYOIqlH68gxKFVKFG7JRxS
HcfxL+svcmkdX7mpjZHEE62ZH3m2NFAjGG9CSwHFlk2Al4eaUHMMtTDCVc+um0sQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:09 2024 by rpki-client on console-fra.rpki-client.org