Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mbeDbcxUfncpczycJN1yV78dwhY.roa
File:                     mbeDbcxUfncpczycJN1yV78dwhY.roa (raw, json)
Hash identifier:          Ii0vayHvhqsKM9IpMecOxLajr4C+qkoWbGRQv5acgO4=
Subject key identifier:   99:B7:83:6D:CC:54:7E:77:29:73:3C:9C:24:DD:72:57:BF:1D:C2:16
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F6711DC9C1B919A20A740D6D2D6A908
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mbeDbcxUfncpczycJN1yV78dwhY.roa
Signing time:             Sun 01 Jan 2023 22:15:03 +0000
ROA not before:           Sun 01 Jan 2023 22:15:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211138
IP address blocks:        195.58.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Apr 2023 16:17:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:67:11:dc:9c:1b:91:9a:20:a7:40:d6:d2:d6:a9:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:15:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99b7836dcc547e7729733c9c24dd7257bf1dc216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d9:d7:17:7d:87:d0:54:e3:b2:d1:38:07:72:
                    08:84:e1:cc:af:c3:c8:1a:2a:b1:33:cf:0c:fb:d9:
                    02:63:83:20:aa:e2:7a:3d:75:7b:2e:35:99:aa:0d:
                    d1:31:4c:86:95:22:01:13:c3:08:cc:75:18:56:80:
                    4c:49:7e:4e:91:ce:97:07:d1:d8:aa:60:91:bc:ba:
                    2e:94:7f:df:8b:7e:39:c3:f1:47:55:49:5b:4e:df:
                    eb:95:6c:86:82:e1:01:10:7a:78:5e:2c:39:22:8d:
                    c5:1c:17:d4:c5:54:ee:0f:d5:d3:ac:e0:10:3d:28:
                    4b:de:27:93:25:ba:aa:66:8b:c1:0c:c7:d7:06:90:
                    59:92:ba:aa:4e:db:9b:e4:d7:63:37:a0:6a:f8:5e:
                    55:fa:b5:12:55:37:17:1c:56:2f:2f:ac:74:6a:2e:
                    ac:3a:d2:35:71:7d:80:62:7b:be:6b:6e:6a:05:85:
                    4b:1c:bf:91:78:31:da:b7:25:47:81:ee:be:bd:f0:
                    43:d9:53:81:91:c6:b6:4a:6f:a2:7b:2e:66:4a:70:
                    2a:12:ea:ca:da:f7:e7:b5:8a:d5:52:29:c8:f2:76:
                    ae:6c:bf:2d:19:8e:74:c0:bb:91:e4:01:f1:60:ca:
                    53:e1:6e:e9:45:e7:25:40:58:a4:8b:97:db:b7:f2:
                    bf:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:B7:83:6D:CC:54:7E:77:29:73:3C:9C:24:DD:72:57:BF:1D:C2:16
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mbeDbcxUfncpczycJN1yV78dwhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.58.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:c1:a7:3c:9e:23:0b:24:7c:c9:74:87:c3:05:32:dc:06:37:
         50:41:72:c1:dd:9e:0f:c3:1d:18:08:0a:9b:3c:b0:59:89:e6:
         f3:12:36:f1:cd:1b:8b:72:b4:97:8c:b8:9f:cf:82:7b:58:9c:
         61:10:ef:a5:64:c1:8f:ee:93:5a:cb:d4:2c:f9:29:2d:20:9d:
         47:f4:00:09:fa:97:2e:ba:45:20:fd:5f:0b:04:d1:ec:61:1c:
         b2:ca:54:bf:0e:5d:0e:3f:5b:85:ac:4a:3d:59:83:b0:20:80:
         73:c4:e8:9a:05:e2:74:64:ee:cb:e2:e0:51:b7:06:13:11:77:
         e4:20:7d:1e:6f:61:37:f5:a2:e1:a5:7e:f7:d3:74:30:2b:36:
         58:95:a6:89:41:7f:0b:06:9e:11:77:cc:ff:0c:71:f9:19:01:
         57:bf:a1:13:aa:11:3f:7a:b5:be:a8:a7:6b:2e:67:ed:c0:5e:
         da:96:55:b8:5a:ad:f3:9e:ec:e4:cf:ca:ce:b6:87:a2:69:15:
         93:cd:10:08:a9:21:94:22:68:8b:f7:b0:94:30:df:7f:95:bc:
         27:d9:28:97:15:00:06:d6:f2:91:57:e8:7d:d9:f0:05:ca:64:
         06:4e:b0:c0:5d:5a:0a:9d:be:66:97:34:20:6d:60:f4:ed:63:
         d4:72:1a:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZxHcnBuRmiCnQNbS1qkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWI3ODM2ZGNjNTQ3ZTc3Mjk3MzNjOWMyNGRkNzI1N2JmMWRjMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9nXF32H0FTjstE4B3IIhOHMr8PI
GiqxM88M+9kCY4MgquJ6PXV7LjWZqg3RMUyGlSIBE8MIzHUYVoBMSX5Okc6XB9HY
qmCRvLoulH/fi345w/FHVUlbTt/rlWyGguEBEHp4Xiw5Io3FHBfUxVTuD9XTrOAQ
PShL3ieTJbqqZovBDMfXBpBZkrqqTtub5NdjN6Bq+F5V+rUSVTcXHFYvL6x0ai6s
OtI1cX2AYnu+a25qBYVLHL+ReDHatyVHge6+vfBD2VOBkca2Sm+iey5mSnAqEurK
2vfntYrVUinI8naubL8tGY50wLuR5AHxYMpT4W7pReclQFiki5fbt/K/mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJm3g23MVH53KXM8nCTdcle/HcIWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbWJlRGJjeFVmbmNwY3p5Y0pOMXlWNzhkd2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzonMA0G
CSqGSIb3DQEBCwUAA4IBAQCHwac8niMLJHzJdIfDBTLcBjdQQXLB3Z4Pwx0YCAqb
PLBZiebzEjbxzRuLcrSXjLifz4J7WJxhEO+lZMGP7pNay9Qs+SktIJ1H9AAJ+pcu
ukUg/V8LBNHsYRyyylS/Dl0OP1uFrEo9WYOwIIBzxOiaBeJ0ZO7L4uBRtwYTEXfk
IH0eb2E39aLhpX7303QwKzZYlaaJQX8LBp4Rd8z/DHH5GQFXv6ETqhE/erW+qKdr
LmftwF7allW4Wq3znuzkz8rOtoeiaRWTzRAIqSGUImiL97CUMN9/lbwn2SiXFQAG
1vKRV+h92fAFymQGTrDAXVoKnb5mlzQgbWD07WPUcho2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org