Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/ZzqXvAsovEylujP5CX6Agy2b5fE.roa
File:                     ZzqXvAsovEylujP5CX6Agy2b5fE.roa (raw, json)
Hash identifier:          Ooh6FGY3uCH7hbGiH5YgJmzzFiX5K9WqzjbR+d4zqKg=
Subject key identifier:   67:3A:97:BC:0B:28:BC:4C:A5:BA:33:F9:09:7E:80:83:2D:9B:E5:F1
Certificate issuer:       /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial:       01856F9E09AEDAFB007BE527E52569612267
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/ZzqXvAsovEylujP5CX6Agy2b5fE.roa
Signing time:             Sun 01 Jan 2023 23:15:06 +0000
ROA not before:           Sun 01 Jan 2023 23:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        185.152.95.0/24 maxlen: 24
                          185.152.93.0/24 maxlen: 24
                          85.239.37.0/24 maxlen: 24
                          85.239.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9e:09:ae:da:fb:00:7b:e5:27:e5:25:69:61:22:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
        Validity
            Not Before: Jan  1 23:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=673a97bc0b28bc4ca5ba33f9097e80832d9be5f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a3:9c:dc:c2:fb:5b:7d:db:22:ef:02:a1:36:
                    9e:fc:2e:ef:bd:fb:f5:45:40:87:d2:3e:b6:df:a1:
                    c1:21:e6:bc:96:91:fd:45:d4:02:5c:e7:ce:12:e4:
                    52:f0:9a:db:5a:9d:15:23:c9:71:7a:a5:76:c6:49:
                    e0:56:1a:e1:00:e6:f8:59:89:11:be:74:f1:a6:62:
                    a8:a1:ce:91:cd:59:3f:c4:b1:8f:16:4d:b2:ea:99:
                    7c:8a:e9:f6:76:25:df:82:f6:75:87:cf:81:bf:20:
                    41:83:ce:f1:c9:ec:5c:3a:22:7d:77:3e:0f:6a:b6:
                    92:48:79:16:c0:83:66:86:5b:3e:10:99:0a:2b:71:
                    f6:2e:21:03:d1:74:2a:60:73:8b:26:8a:79:7e:01:
                    0f:ba:a6:08:8c:e5:24:dc:25:80:f6:a3:c5:a5:ca:
                    c9:40:7b:e9:de:b3:65:80:37:e5:b6:77:2b:42:71:
                    ba:0b:bc:b0:94:82:2e:da:c6:31:e4:3f:63:1a:27:
                    3c:2a:73:b7:ae:bc:6a:33:c5:2e:70:04:f2:b6:86:
                    f7:55:6b:75:49:11:8d:ab:4f:db:c3:5b:21:73:40:
                    2d:83:d2:51:ac:dd:b6:31:33:31:76:ef:43:00:d6:
                    a2:73:3a:09:a2:f6:1d:1d:10:3b:01:ae:99:b2:41:
                    0f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:3A:97:BC:0B:28:BC:4C:A5:BA:33:F9:09:7E:80:83:2D:9B:E5:F1
            X509v3 Authority Key Identifier:
                keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/ZzqXvAsovEylujP5CX6Agy2b5fE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.239.37.0/24
                  85.239.39.0/24
                  185.152.93.0/24
                  185.152.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:a9:9c:b0:c3:56:cd:53:e8:72:9f:33:68:65:dc:16:78:84:
         b4:e5:29:ff:d5:b1:b4:47:cb:2c:cb:4a:35:81:b7:4b:7a:00:
         e0:a2:16:73:49:37:92:b5:c6:60:3f:62:21:a9:66:3c:69:b6:
         d9:19:36:51:44:77:d3:92:7d:8d:a6:e1:43:8a:1e:5f:2f:25:
         52:ca:e4:11:74:d8:ce:ef:d4:a4:3c:fe:b4:54:68:f3:dd:85:
         1e:af:08:2b:ee:2f:ef:bd:83:fb:98:22:ff:7a:77:eb:df:07:
         71:7e:4e:65:0a:ec:ec:b2:70:bd:80:7e:30:25:15:28:1e:74:
         d5:bb:31:b3:f8:77:50:00:4e:bf:6e:e0:43:e8:26:de:ac:60:
         33:31:32:7f:19:2a:71:e9:ab:0a:20:c5:c9:37:34:c9:7d:cf:
         7c:25:47:e3:22:62:b8:4d:12:72:5f:87:bc:c0:08:61:5c:ad:
         e1:12:05:e0:2d:7a:d4:21:b9:73:ec:7e:63:fe:4c:09:6e:cb:
         39:1c:f4:26:b4:d3:6c:ec:2a:d7:7d:ca:25:3d:e6:c6:2e:13:
         a9:2a:cc:27:87:05:c4:3e:ae:e2:5b:6c:cc:23:95:6d:4b:b5:
         ff:32:e8:d2:13:30:d0:1c:dd:0d:0f:55:dd:7a:77:f0:da:fd:
         1e:34:88:fc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvngmu2vsAe+Un5SVpYSJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjMwMTAxMjMxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzNhOTdiYzBiMjhiYzRjYTViYTMzZjkwOTdlODA4MzJkOWJlNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKOc3ML7W33bIu8CoTae/C7vvfv1
RUCH0j6236HBIea8lpH9RdQCXOfOEuRS8JrbWp0VI8lxeqV2xkngVhrhAOb4WYkR
vnTxpmKooc6RzVk/xLGPFk2y6pl8iun2diXfgvZ1h8+BvyBBg87xyexcOiJ9dz4P
araSSHkWwINmhls+EJkKK3H2LiED0XQqYHOLJop5fgEPuqYIjOUk3CWA9qPFpcrJ
QHvp3rNlgDfltncrQnG6C7ywlIIu2sYx5D9jGic8KnO3rrxqM8UucATytob3VWt1
SRGNq0/bw1shc0Atg9JRrN22MTMxdu9DANaiczoJovYdHRA7Aa6ZskEPqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGc6l7wLKLxMpboz+Ql+gIMtm+XxMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvWnpxWHZBc292RXlsdWpQNUNYNkFneTJiNWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVe8lAwQA
Ve8nAwQAuZhdAwQAuZhfMA0GCSqGSIb3DQEBCwUAA4IBAQBqqZyww1bNU+hynzNo
ZdwWeIS05Sn/1bG0R8ssy0o1gbdLegDgohZzSTeStcZgP2IhqWY8abbZGTZRRHfT
kn2NpuFDih5fLyVSyuQRdNjO79SkPP60VGjz3YUerwgr7i/vvYP7mCL/enfr3wdx
fk5lCuzssnC9gH4wJRUoHnTVuzGz+HdQAE6/buBD6CberGAzMTJ/GSpx6asKIMXJ
NzTJfc98JUfjImK4TRJyX4e8wAhhXK3hEgXgLXrUIblz7H5j/kwJbss5HPQmtNNs
7CrXfcolPebGLhOpKswnhwXEPq7iW2zMI5VtS7X/MujSEzDQHN0ND1Xdenfw2v0e
NIj8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org