Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/zzVJooQT_ul0h6_YnjwdTCJM7vQ.roa
File:                     zzVJooQT_ul0h6_YnjwdTCJM7vQ.roa (raw, json)
Hash identifier:          h77znyFmXlRynBMIlBF7i2TNUomPKu7Tiw9/Mh0nsv8=
Subject key identifier:   CF:35:49:A2:84:13:FE:E9:74:87:AF:D8:9E:3C:1D:4C:22:4C:EE:F4
Certificate issuer:       /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial:       018993710F0ABAD07C3636626091B9C857D3
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/zzVJooQT_ul0h6_YnjwdTCJM7vQ.roa
Signing time:             Wed 26 Jul 2023 18:23:27 +0000
ROA not before:           Wed 26 Jul 2023 18:23:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60751
IP address blocks:        185.104.216.0/22 maxlen: 24
                          185.24.233.0/24 maxlen: 24
                          185.24.235.0/24 maxlen: 24
                          185.24.234.0/24 maxlen: 24
                          2a04:2e03::/32 maxlen: 32
                          2a04:2e00::/32 maxlen: 36

Validation:               Failed, certificate revoked on Sat 05 Aug 2023 15:36:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:93:71:0f:0a:ba:d0:7c:36:36:62:60:91:b9:c8:57:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
        Validity
            Not Before: Jul 26 18:23:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf3549a28413fee97487afd89e3c1d4c224ceef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ef:a3:f7:b6:f8:3e:2f:38:6c:e7:85:be:bc:
                    76:3a:92:54:8a:16:40:60:88:cb:be:f1:21:09:0f:
                    d1:21:bd:fd:7f:c0:ed:6f:7c:49:19:92:60:ff:41:
                    47:16:fa:95:7b:50:60:e8:a1:bd:ed:63:34:a1:f9:
                    c1:3d:75:c7:72:ac:a6:de:1c:a5:9d:21:ca:15:8b:
                    a3:8e:7e:d5:b1:ac:d0:ea:c7:83:da:47:df:bf:1a:
                    b1:57:b9:c5:e5:73:4e:46:8e:6b:77:4e:68:82:13:
                    ca:94:0f:1d:9d:22:e0:6a:49:28:01:23:36:72:f2:
                    4d:ef:4a:85:c3:a2:bf:87:ad:c8:ea:88:0d:6d:c0:
                    18:b6:29:9d:d4:59:24:64:c3:ff:de:30:98:ef:3f:
                    f9:47:95:58:e1:de:f3:9b:4b:bc:3c:9c:03:18:5e:
                    5c:bb:1b:bf:5a:90:83:a1:40:47:f2:a4:3d:f8:e0:
                    b5:81:98:33:4f:27:60:75:c9:fa:d2:74:90:88:62:
                    bf:f2:46:49:13:4a:a7:a1:07:9e:33:d6:c4:8d:5f:
                    6b:e7:e9:e1:e0:72:ee:93:2d:ad:3b:5a:dd:d1:bb:
                    5b:7b:15:72:b3:a6:df:e9:aa:0b:56:f9:35:e0:44:
                    19:35:56:ec:35:78:b5:94:13:35:c6:6a:ce:44:ac:
                    fc:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:35:49:A2:84:13:FE:E9:74:87:AF:D8:9E:3C:1D:4C:22:4C:EE:F4
            X509v3 Authority Key Identifier:
                keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/zzVJooQT_ul0h6_YnjwdTCJM7vQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.233.0-185.24.235.255
                  185.104.216.0/22
                IPv6:
                  2a04:2e00::/32
                  2a04:2e03::/32

    Signature Algorithm: sha256WithRSAEncryption
         18:55:99:30:83:d2:7c:33:2e:29:c4:94:32:5d:62:85:7e:b2:
         d8:1f:af:a3:e1:72:9c:5c:04:a9:c0:b7:8b:a8:ee:c2:05:33:
         c5:f1:9b:33:aa:0a:37:a5:f4:42:b5:a7:51:dc:ba:ca:c3:fd:
         09:3f:90:2b:0e:f8:8b:08:9b:b6:40:2f:17:d8:d3:e1:32:06:
         45:a9:0a:9a:b7:c0:40:41:3e:49:d0:c6:33:9b:1e:94:50:3f:
         a9:0a:f6:fa:77:1e:50:80:22:7c:f6:02:f9:14:2e:54:d7:8c:
         0e:ea:d5:45:2d:8e:5e:5b:92:e7:ea:22:09:02:25:ef:1b:e8:
         25:df:a6:48:36:d5:cf:28:bb:13:bb:72:1f:85:1c:9b:75:68:
         c9:b7:95:d3:b6:bd:1c:f5:86:15:bb:f7:5f:00:d5:71:62:2b:
         31:6e:4c:cd:20:d4:de:4f:9f:54:d1:77:bf:6b:e7:b2:ec:64:
         f4:35:87:92:83:44:0b:12:8d:bf:18:7d:c3:07:3e:c7:56:0e:
         e6:63:f6:fb:a4:3e:50:e6:9d:3a:6c:5e:28:96:07:18:8f:47:
         a1:22:5b:b2:fc:13:51:46:58:1d:2d:56:77:a6:58:d8:aa:75:
         fe:ab:af:8a:dc:f6:e0:45:b2:ef:be:e9:1b:6d:9b:9b:e8:42:
         97:63:c1:fc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmTcQ8KutB8NjZiYJG5yFfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjMwNzI2MTgyMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM1NDlhMjg0MTNmZWU5NzQ4N2FmZDg5ZTNjMWQ0YzIyNGNlZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi++j97b4Pi84bOeFvrx2OpJUihZA
YIjLvvEhCQ/RIb39f8Dtb3xJGZJg/0FHFvqVe1Bg6KG97WM0ofnBPXXHcqym3hyl
nSHKFYujjn7VsazQ6seD2kffvxqxV7nF5XNORo5rd05oghPKlA8dnSLgakkoASM2
cvJN70qFw6K/h63I6ogNbcAYtimd1FkkZMP/3jCY7z/5R5VY4d7zm0u8PJwDGF5c
uxu/WpCDoUBH8qQ9+OC1gZgzTydgdcn60nSQiGK/8kZJE0qnoQeeM9bEjV9r5+nh
4HLuky2tO1rd0btbexVys6bf6aoLVvk14EQZNVbsNXi1lBM1xmrORKz8XwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM81SaKEE/7pdIev2J48HUwiTO70MB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvenpWSm9vUVRfdWwwaDZfWW5qd2RUQ0pNN3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAC5GOkD
BAK5GOgDBAK5aNgwFAQCAAIwDgMFACoELgADBQAqBC4DMA0GCSqGSIb3DQEBCwUA
A4IBAQAYVZkwg9J8My4pxJQyXWKFfrLYH6+j4XKcXASpwLeLqO7CBTPF8Zszqgo3
pfRCtadR3LrKw/0JP5ArDviLCJu2QC8X2NPhMgZFqQqat8BAQT5J0MYzmx6UUD+p
Cvb6dx5QgCJ89gL5FC5U14wO6tVFLY5eW5Ln6iIJAiXvG+gl36ZINtXPKLsTu3If
hRybdWjJt5XTtr0c9YYVu/dfANVxYisxbkzNINTeT59U0Xe/a+ey7GT0NYeSg0QL
Eo2/GH3DBz7HVg7mY/b7pD5Q5p06bF4olgcYj0ehIluy/BNRRlgdLVZ3pljYqnX+
q6+K3PbgRbLvvukbbZub6EKXY8H8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:13 2024 by rpki-client on console-ams.rpki-client.org