Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/Db5rbmLkhbhQJI_OWNnfGxBJISw.roa
File:                     Db5rbmLkhbhQJI_OWNnfGxBJISw.roa (raw, json)
Hash identifier:          wH5jByO+xo/+BKJs/67CUxijogzU9H3Cj/PZHx5mL/4=
Subject key identifier:   0D:BE:6B:6E:62:E4:85:B8:50:24:8F:CE:58:D9:DF:1B:10:49:21:2C
Certificate issuer:       /CN=aa8b798ce7adaeae9e70915ba2cbcf83fe65d9dd
Certificate serial:       01856C6EFB468D70AED04E47B8C8D800EDB7
Authority key identifier: AA:8B:79:8C:E7:AD:AE:AE:9E:70:91:5B:A2:CB:CF:83:FE:65:D9:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qot5jOetrq6ecJFbosvPg_5l2d0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/Db5rbmLkhbhQJI_OWNnfGxBJISw.roa
Signing time:             Sun 01 Jan 2023 08:24:50 +0000
ROA not before:           Sun 01 Jan 2023 08:24:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49063
IP address blocks:        95.181.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:fb:46:8d:70:ae:d0:4e:47:b8:c8:d8:00:ed:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa8b798ce7adaeae9e70915ba2cbcf83fe65d9dd
        Validity
            Not Before: Jan  1 08:24:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0dbe6b6e62e485b850248fce58d9df1b1049212c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:63:21:34:9b:a6:94:72:1c:e5:2f:6b:3d:10:
                    78:74:35:8e:15:73:f4:70:44:22:69:17:10:77:a1:
                    7f:66:3c:59:ee:b7:00:bc:16:6d:76:29:0b:93:0f:
                    88:9e:2d:71:9a:b7:66:22:b7:fa:91:4d:fc:ce:65:
                    24:25:41:fd:32:2f:be:59:48:6a:c3:1a:b0:12:df:
                    9b:1e:82:90:99:b3:06:a4:46:65:b8:f3:13:d9:11:
                    84:00:13:d3:a7:f7:d2:1a:51:35:ae:ce:14:8c:13:
                    ca:fc:b2:b4:18:a4:39:1e:6b:0a:01:f8:f9:3f:a0:
                    f2:0f:56:59:2a:09:fb:48:62:66:52:69:3f:f6:49:
                    4d:7a:bc:7d:d1:01:04:53:b6:5e:f7:38:84:b3:bf:
                    f5:7e:3b:eb:0e:fa:92:4d:51:0a:3c:36:f3:3a:70:
                    02:98:ff:fb:fd:5d:67:55:01:f4:70:b3:e5:ed:7a:
                    57:0d:f3:b1:03:f1:fa:27:e0:00:32:34:c7:3c:e7:
                    d2:1d:bd:85:ee:bb:d5:49:28:84:17:a5:fc:55:ca:
                    a7:b6:99:fd:21:e0:2f:61:c3:e8:0a:92:d6:e4:33:
                    70:da:7d:02:60:4e:21:b4:9e:c9:5d:50:54:5b:d5:
                    09:9d:dd:6e:34:f6:de:f0:f8:34:4e:cd:4f:a9:7b:
                    bb:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:BE:6B:6E:62:E4:85:B8:50:24:8F:CE:58:D9:DF:1B:10:49:21:2C
            X509v3 Authority Key Identifier:
                keyid:AA:8B:79:8C:E7:AD:AE:AE:9E:70:91:5B:A2:CB:CF:83:FE:65:D9:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qot5jOetrq6ecJFbosvPg_5l2d0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/Db5rbmLkhbhQJI_OWNnfGxBJISw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/qot5jOetrq6ecJFbosvPg_5l2d0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:24:56:96:6b:e9:10:78:54:93:75:d1:0d:80:a3:5d:e2:e8:
         6f:a6:91:ae:15:0f:de:df:81:fb:93:89:fb:f9:89:ab:12:9b:
         55:28:60:94:66:22:d8:0b:d9:8e:23:50:64:5c:a9:57:84:e0:
         7d:7f:e1:95:97:6b:b7:eb:44:da:97:d5:c7:64:66:03:d7:b4:
         fb:e4:71:f1:50:4a:53:a5:05:82:26:6d:ee:c1:6c:e3:db:1e:
         6a:95:6f:93:87:10:9a:43:79:3b:27:76:3a:4c:d9:6f:52:8c:
         84:42:9a:65:34:7d:df:3d:a7:03:e9:e1:8a:82:2a:10:37:2d:
         06:fb:56:68:eb:9a:1f:66:23:79:27:95:38:d1:73:e9:6c:8e:
         4b:6d:9c:b6:d7:af:5e:64:9b:a4:73:0f:fc:12:6d:9a:73:b2:
         74:f0:d8:08:88:b0:4b:f5:6f:2b:bf:a6:29:52:4f:52:d3:70:
         7f:78:ac:db:d2:b5:25:ea:5e:f1:a0:b6:3c:f5:cb:3a:58:0c:
         85:97:32:b6:7a:0d:a1:94:31:cb:86:63:1b:ba:82:c0:4f:64:
         4c:cf:b1:ab:d9:3c:49:6f:b5:8e:96:cd:44:2d:43:3e:59:c4:
         66:a2:57:91:e8:2c:e5:e0:e7:f1:06:f6:cc:b5:bc:f6:6f:1c:
         7e:04:be:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvtGjXCu0E5HuMjYAO23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOGI3OThjZTdhZGFlYWU5ZTcwOTE1YmEyY2JjZjgzZmU2
NWQ5ZGQwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJlNmI2ZTYyZTQ4NWI4NTAyNDhmY2U1OGQ5ZGYxYjEwNDkyMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWMhNJumlHIc5S9rPRB4dDWOFXP0
cEQiaRcQd6F/ZjxZ7rcAvBZtdikLkw+Ini1xmrdmIrf6kU38zmUkJUH9Mi++WUhq
wxqwEt+bHoKQmbMGpEZluPMT2RGEABPTp/fSGlE1rs4UjBPK/LK0GKQ5HmsKAfj5
P6DyD1ZZKgn7SGJmUmk/9klNerx90QEEU7Ze9ziEs7/1fjvrDvqSTVEKPDbzOnAC
mP/7/V1nVQH0cLPl7XpXDfOxA/H6J+AAMjTHPOfSHb2F7rvVSSiEF6X8Vcqntpn9
IeAvYcPoCpLW5DNw2n0CYE4htJ7JXVBUW9UJnd1uNPbe8Pg0Ts1PqXu7kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2+a25i5IW4UCSPzljZ3xsQSSEsMB8GA1UdIwQY
MBaAFKqLeYznra6unnCRW6LLz4P+ZdndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW90NWpPZXRycTZlY0pGYm9zdlBnXzVsMmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hMWY5ZGYtYzQ4ZS00OTdmLWFkMzMt
ODJmYWY4ZjNiMTgwLzEvRGI1cmJtTGtoYmhRSklfT1dObmZHeEJKSVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hMWY5ZGYtYzQ4ZS00OTdmLWFkMzMtODJmYWY4ZjNiMTgw
LzEvcW90NWpPZXRycTZlY0pGYm9zdlBnXzVsMmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7XGMA0G
CSqGSIb3DQEBCwUAA4IBAQBdJFaWa+kQeFSTddENgKNd4uhvppGuFQ/e34H7k4n7
+YmrEptVKGCUZiLYC9mOI1BkXKlXhOB9f+GVl2u360Tal9XHZGYD17T75HHxUEpT
pQWCJm3uwWzj2x5qlW+ThxCaQ3k7J3Y6TNlvUoyEQpplNH3fPacD6eGKgioQNy0G
+1Zo65ofZiN5J5U40XPpbI5LbZy2169eZJukcw/8Em2ac7J08NgIiLBL9W8rv6Yp
Uk9S03B/eKzb0rUl6l7xoLY89cs6WAyFlzK2eg2hlDHLhmMbuoLAT2RMz7Gr2TxJ
b7WOls1ELUM+WcRmoleR6Czl4OfxBvbMtbz2bxx+BL6v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:21 2024 by rpki-client on console-ams.rpki-client.org