Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/ZecHxsRR4zBXOkSqbH51mg-ZezI.roa
File:                     ZecHxsRR4zBXOkSqbH51mg-ZezI.roa (raw, json)
Hash identifier:          2aKaiTyAxvCbCcuWMnA070wugCYtzrP02IFdXX0vtNg=
Subject key identifier:   65:E7:07:C6:C4:51:E3:30:57:3A:44:AA:6C:7E:75:9A:0F:99:7B:32
Certificate issuer:       /CN=0e2e4fd219f5b77ce80cdfaf9e3a6441dec50042
Certificate serial:       018B30F701025221B887F960FE067C31AD83
Authority key identifier: 0E:2E:4F:D2:19:F5:B7:7C:E8:0C:DF:AF:9E:3A:64:41:DE:C5:00:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/ZecHxsRR4zBXOkSqbH51mg-ZezI.roa
Signing time:             Sun 15 Oct 2023 01:32:55 +0000
ROA not before:           Sun 15 Oct 2023 01:32:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44574
IP address blocks:        193.150.34.0/24 maxlen: 24
                          91.230.181.0/24 maxlen: 24
                          193.238.80.0/22 maxlen: 22
                          193.104.113.0/24 maxlen: 24
                          95.215.174.0/24 maxlen: 24
                          2001:678:498::/48 maxlen: 48
                          2001:678:4a0::/48 maxlen: 48
                          2001:67c:16d1::/48 maxlen: 48
                          2001:67c:1954::/48 maxlen: 48
                          2001:678:4a4::/48 maxlen: 48
                          2001:678:49c::/48 maxlen: 48
                          2001:67c:16d0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:30:f7:01:02:52:21:b8:87:f9:60:fe:06:7c:31:ad:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e2e4fd219f5b77ce80cdfaf9e3a6441dec50042
        Validity
            Not Before: Oct 15 01:32:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=65e707c6c451e330573a44aa6c7e759a0f997b32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7b:71:79:3c:3b:0a:a2:5f:72:cb:bf:a6:57:
                    e0:55:34:21:29:46:65:42:c9:ce:df:15:c9:1d:6c:
                    15:c7:e1:ea:41:83:9b:37:ac:d4:42:56:91:a4:e5:
                    c9:22:0e:93:4c:a4:9f:5d:98:a2:ba:4a:5e:1b:c9:
                    89:ed:7e:ac:01:57:78:15:60:33:ac:63:9d:96:d8:
                    8c:cf:d6:7a:aa:69:23:2d:34:0f:92:1e:06:c9:cb:
                    ca:01:66:b7:ef:a4:b8:1f:a0:11:c2:e1:28:ca:00:
                    68:fa:6c:8b:d5:ef:88:b1:57:9a:16:de:d5:f3:6a:
                    a9:de:41:82:23:7a:39:ae:b4:79:e4:d1:d8:92:3a:
                    a2:c1:11:d8:eb:a8:a7:74:8a:62:6a:eb:6f:db:d6:
                    29:87:d8:10:c3:4d:21:00:25:1c:ff:3b:02:d9:8e:
                    35:f2:38:8a:cc:a1:b5:ea:56:c4:68:db:fc:c4:d5:
                    03:fa:32:73:a1:11:52:01:d8:93:6a:7d:99:78:9d:
                    5b:64:f6:bd:1d:55:56:93:8b:5d:91:23:4e:7a:e3:
                    4a:ec:5e:98:f3:a6:1e:5d:04:20:a6:9a:2f:cf:44:
                    98:cf:0c:57:61:26:da:a1:78:bc:bb:63:0f:32:04:
                    98:59:3c:78:55:ae:f0:97:a2:27:66:bc:f9:c1:15:
                    9c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:E7:07:C6:C4:51:E3:30:57:3A:44:AA:6C:7E:75:9A:0F:99:7B:32
            X509v3 Authority Key Identifier:
                keyid:0E:2E:4F:D2:19:F5:B7:7C:E8:0C:DF:AF:9E:3A:64:41:DE:C5:00:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Di5P0hn1t3zoDN-vnjpkQd7FAEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/ZecHxsRR4zBXOkSqbH51mg-ZezI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/e11224-61c7-4786-86e9-238fee692430/1/Di5P0hn1t3zoDN-vnjpkQd7FAEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.230.181.0/24
                  95.215.174.0/24
                  193.104.113.0/24
                  193.150.34.0/24
                  193.238.80.0/22
                IPv6:
                  2001:678:498::/48
                  2001:678:49c::/48
                  2001:678:4a0::/48
                  2001:678:4a4::/48
                  2001:67c:16d0::/47
                  2001:67c:1954::/48

    Signature Algorithm: sha256WithRSAEncryption
         c6:6b:f7:e2:85:57:1c:b0:dc:ad:22:ea:37:42:97:fe:8b:f7:
         38:83:bf:c0:ef:0d:5d:7d:dc:9d:48:89:37:01:68:f0:e2:60:
         bc:c8:6b:ce:ac:3a:27:14:fb:7b:4b:d8:c4:85:f9:bd:60:0d:
         4d:31:e7:7d:b1:ee:5b:34:1b:12:cf:64:6f:59:27:fb:29:5c:
         7d:87:86:98:c9:57:05:f8:b3:88:d2:80:6d:4b:54:91:2a:ba:
         1b:08:da:23:72:8c:39:33:f0:d6:89:7e:2a:7d:a8:9b:c9:b2:
         50:10:0c:16:d7:03:16:25:ff:77:0a:cb:db:13:6a:a3:bc:1a:
         91:b1:a7:2f:5a:c4:fc:61:51:b5:23:eb:e8:fd:00:bb:0b:45:
         1e:66:0a:09:09:61:11:43:23:b9:b5:f8:e4:e3:10:17:50:23:
         7b:11:8d:02:f6:d2:d3:64:64:c4:fe:2d:e0:64:ac:b7:46:45:
         f1:bf:3c:04:d0:eb:0e:b0:97:3f:b6:37:c0:8c:f4:0d:fb:6e:
         b6:41:d2:19:7e:f1:8a:e8:96:c2:d7:b3:51:52:b4:42:90:01:
         65:89:42:d6:b3:c0:c1:89:50:03:b0:4d:62:88:d1:49:05:ee:
         26:56:b7:68:f8:f9:ee:b0:ed:2c:76:45:41:8c:32:ec:44:8d:
         f5:bb:31:bc
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYsw9wECUiG4h/lg/gZ8Ma2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMmU0ZmQyMTlmNWI3N2NlODBjZGZhZjllM2E2NDQxZGVj
NTAwNDIwHhcNMjMxMDE1MDEzMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWU3MDdjNmM0NTFlMzMwNTczYTQ0YWE2YzdlNzU5YTBmOTk3YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArntxeTw7CqJfcsu/plfgVTQhKUZl
QsnO3xXJHWwVx+HqQYObN6zUQlaRpOXJIg6TTKSfXZiiukpeG8mJ7X6sAVd4FWAz
rGOdltiMz9Z6qmkjLTQPkh4GycvKAWa376S4H6ARwuEoygBo+myL1e+IsVeaFt7V
82qp3kGCI3o5rrR55NHYkjqiwRHY66indIpiautv29Yph9gQw00hACUc/zsC2Y41
8jiKzKG16lbEaNv8xNUD+jJzoRFSAdiTan2ZeJ1bZPa9HVVWk4tdkSNOeuNK7F6Y
86YeXQQgppovz0SYzwxXYSbaoXi8u2MPMgSYWTx4Va7wl6InZrz5wRWcuwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFGXnB8bEUeMwVzpEqmx+dZoPmXsyMB8GA1UdIwQY
MBaAFA4uT9IZ9bd86Azfr546ZEHexQBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGk1UDBobjF0M3pvRE4tdm5qcGtRZDdGQUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lMTEyMjQtNjFjNy00Nzg2LTg2ZTkt
MjM4ZmVlNjkyNDMwLzEvWmVjSHhzUlI0ekJYT2tTcWJINTFtZy1aZXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lMTEyMjQtNjFjNy00Nzg2LTg2ZTktMjM4ZmVlNjkyNDMw
LzEvRGk1UDBobjF0M3pvRE4tdm5qcGtRZDdGQUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAkBAIAATAeAwQAW+a1AwQA
X9euAwQAwWhxAwQAwZYiAwQCwe5QMDwEAgACMDYDBwAgAQZ4BJgDBwAgAQZ4BJwD
BwAgAQZ4BKADBwAgAQZ4BKQDBwEgAQZ8FtADBwAgAQZ8GVQwDQYJKoZIhvcNAQEL
BQADggEBAMZr9+KFVxyw3K0i6jdCl/6L9ziDv8DvDV193J1IiTcBaPDiYLzIa86s
OicU+3tL2MSF+b1gDU0x532x7ls0GxLPZG9ZJ/spXH2HhpjJVwX4s4jSgG1LVJEq
uhsI2iNyjDkz8NaJfip9qJvJslAQDBbXAxYl/3cKy9sTaqO8GpGxpy9axPxhUbUj
6+j9ALsLRR5mCgkJYRFDI7m1+OTjEBdQI3sRjQL20tNkZMT+LeBkrLdGRfG/PATQ
6w6wlz+2N8CM9A37brZB0hl+8YrolsLXs1FStEKQAWWJQtazwMGJUAOwTWKI0UkF
7iZWt2j4+e6w7Sx2RUGMMuxEjfW7Mbw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:23 2024 by rpki-client on console-fra.rpki-client.org