Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EM1S6iVqfYdZMQCGzwgpF8gn5sk.roa
File:                     EM1S6iVqfYdZMQCGzwgpF8gn5sk.roa (raw, json)
Hash identifier:          3BK8j2tXO6IT/ZAg3H9u4D3OksvEqe1ZHopUhirWhj8=
Subject key identifier:   10:CD:52:EA:25:6A:7D:87:59:31:00:86:CF:08:29:17:C8:27:E6:C9
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018DD1840C5E7C0A7A92C044D70072124754
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EM1S6iVqfYdZMQCGzwgpF8gn5sk.roa
Signing time:             Thu 22 Feb 2024 15:51:48 +0000
ROA not before:           Thu 22 Feb 2024 15:51:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5511
IP address blocks:        195.133.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 13:14:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:84:0c:5e:7c:0a:7a:92:c0:44:d7:00:72:12:47:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb 22 15:51:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=10cd52ea256a7d8759310086cf082917c827e6c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:de:05:1f:08:b2:11:13:72:64:62:16:36:45:
                    0e:2d:fb:74:87:6b:b9:9b:f8:70:1e:ca:43:61:c3:
                    0a:62:3f:27:a4:54:24:0a:fe:42:97:47:39:83:cb:
                    2f:7c:04:bc:80:62:fc:18:ef:a1:ec:85:77:c0:d9:
                    c1:39:ce:8e:6d:7f:ec:4f:c4:b8:3b:89:fa:e7:f9:
                    a3:26:59:d4:5b:7f:ee:10:36:91:51:1d:ec:2d:89:
                    bc:90:79:91:92:03:14:80:a8:80:5e:a7:92:b8:64:
                    62:77:51:26:c3:e5:56:73:a4:1c:3b:07:01:ec:50:
                    89:b3:09:ea:b0:74:17:96:10:36:0e:1d:c5:89:c1:
                    74:1d:e7:f4:df:1e:54:2e:d3:58:06:da:19:a7:60:
                    4f:cf:a3:6a:7f:bf:9d:69:32:7e:52:68:26:22:9a:
                    7d:3d:a7:33:f2:92:ca:8f:e1:79:1c:92:4d:cd:6e:
                    6a:a8:3d:85:14:d2:fc:99:49:7d:f8:6a:9d:69:7a:
                    9a:f7:88:b3:50:c5:0e:4d:fa:1a:b2:1b:c4:54:25:
                    3b:b3:9e:d4:ed:46:a8:b9:d2:65:a9:af:8e:24:72:
                    5b:1e:21:6e:0a:ba:f3:ab:ec:20:4b:74:d6:ee:6c:
                    8b:e8:6f:4e:1f:53:27:20:ee:eb:61:35:be:f1:36:
                    f4:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:CD:52:EA:25:6A:7D:87:59:31:00:86:CF:08:29:17:C8:27:E6:C9
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EM1S6iVqfYdZMQCGzwgpF8gn5sk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:14:55:91:08:ad:c0:c7:01:8e:bb:3e:2a:0f:8f:5d:ca:2f:
         aa:cf:a9:59:48:18:30:04:49:21:cc:bd:42:f8:1b:1f:ca:71:
         6d:dd:df:c6:c0:8c:33:70:03:6c:af:59:35:23:1d:f9:92:50:
         a6:1e:1c:bd:3a:e6:33:69:c6:82:3e:27:a9:ad:2b:e3:16:91:
         27:90:99:50:73:68:91:0e:9a:24:a5:c7:b8:16:a9:2a:1a:7b:
         e3:d2:5a:8a:2c:2e:57:38:6e:b9:bc:ed:b9:31:a1:5b:6d:36:
         25:25:6d:6c:69:3b:e3:b6:15:22:65:ca:99:d3:44:74:b2:55:
         50:ac:e9:12:93:e4:1e:34:5c:c2:57:fa:9b:0f:96:41:bc:93:
         8e:65:35:a5:5d:9e:13:c8:5f:db:0b:11:c8:d1:69:e7:5c:43:
         50:85:25:7c:08:7e:6b:c3:86:1b:e1:60:94:83:09:98:2c:91:
         d5:b3:c0:2a:33:21:a8:73:37:78:46:06:00:b3:a6:65:ca:da:
         22:1e:f8:fd:7a:f6:2b:8a:7a:7c:6b:34:91:5d:0c:b9:8c:c2:
         31:8a:9f:ac:ea:31:ff:f6:06:91:c6:f0:d2:29:54:44:63:b2:
         76:55:dd:77:6b:b0:69:cf:ba:6e:52:13:95:eb:ed:c7:2d:19:
         a1:03:39:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3RhAxefAp6ksBE1wByEkdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjIyMTU1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNkNTJlYTI1NmE3ZDg3NTkzMTAwODZjZjA4MjkxN2M4MjdlNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN4FHwiyERNyZGIWNkUOLft0h2u5
m/hwHspDYcMKYj8npFQkCv5Cl0c5g8svfAS8gGL8GO+h7IV3wNnBOc6ObX/sT8S4
O4n65/mjJlnUW3/uEDaRUR3sLYm8kHmRkgMUgKiAXqeSuGRid1Emw+VWc6QcOwcB
7FCJswnqsHQXlhA2Dh3FicF0Hef03x5ULtNYBtoZp2BPz6Nqf7+daTJ+UmgmIpp9
Pacz8pLKj+F5HJJNzW5qqD2FFNL8mUl9+GqdaXqa94izUMUOTfoashvEVCU7s57U
7UaoudJlqa+OJHJbHiFuCrrzq+wgS3TW7myL6G9OH1MnIO7rYTW+8Tb0twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDNUuolan2HWTEAhs8IKRfIJ+bJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRU0xUzZpVnFmWWRaTVFDR3p3Z3BGOGduNXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UcMA0G
CSqGSIb3DQEBCwUAA4IBAQA8FFWRCK3AxwGOuz4qD49dyi+qz6lZSBgwBEkhzL1C
+BsfynFt3d/GwIwzcANsr1k1Ix35klCmHhy9OuYzacaCPieprSvjFpEnkJlQc2iR
Dpokpce4FqkqGnvj0lqKLC5XOG65vO25MaFbbTYlJW1saTvjthUiZcqZ00R0slVQ
rOkSk+QeNFzCV/qbD5ZBvJOOZTWlXZ4TyF/bCxHI0WnnXENQhSV8CH5rw4Yb4WCU
gwmYLJHVs8AqMyGoczd4RgYAs6ZlytoiHvj9evYrinp8azSRXQy5jMIxip+s6jH/
9gaRxvDSKVREY7J2Vd13a7Bpz7puUhOV6+3HLRmhAznS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org