Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/b1UVuF36MjPImau3VtCsQh9TJBY.roa
File:                     b1UVuF36MjPImau3VtCsQh9TJBY.roa (raw, json)
Hash identifier:          AuQRkJExsJIv9lPz53T73RQyeOTD773SUDCaP3NoIkU=
Subject key identifier:   6F:55:15:B8:5D:FA:32:33:C8:99:AB:B7:56:D0:AC:42:1F:53:24:16
Certificate issuer:       /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial:       018CC72752090F81EDCC731EF5F7CA4DC5DE
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/b1UVuF36MjPImau3VtCsQh9TJBY.roa
Signing time:             Mon 01 Jan 2024 22:31:32 +0000
ROA not before:           Mon 01 Jan 2024 22:31:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        45.95.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 21:12:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:52:09:0f:81:ed:cc:73:1e:f5:f7:ca:4d:c5:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
        Validity
            Not Before: Jan  1 22:31:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6f5515b85dfa3233c899abb756d0ac421f532416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:20:ac:23:01:36:01:40:43:5c:6c:e6:09:a3:
                    b4:5d:57:d7:ca:c5:6b:b8:ad:fb:a4:1b:b1:be:55:
                    5d:60:4a:22:46:b4:f8:a9:2c:45:2d:e6:5d:38:3a:
                    92:1a:eb:e4:85:02:d7:30:0a:9c:f1:04:13:65:4c:
                    44:24:34:89:68:e1:62:3b:7c:24:7b:20:b7:21:39:
                    39:af:7a:6c:72:66:37:6f:ac:3d:2e:a9:d6:b6:4e:
                    7b:9a:ec:c4:d8:fc:0f:c2:0b:58:ab:36:1d:fe:25:
                    67:7b:9f:0c:90:4e:c6:bc:d5:ad:c9:a8:36:d2:da:
                    d3:1e:f0:94:f5:7e:ff:b3:c2:18:ba:72:85:2a:91:
                    51:c2:6b:d6:39:46:9c:65:01:23:9d:62:9e:3d:d8:
                    af:03:06:77:d8:1a:1a:bf:c6:80:e7:bd:6f:2e:0b:
                    ac:9e:5f:84:51:31:a3:30:7d:2b:b4:3f:89:01:d4:
                    c0:61:e5:a8:ec:8f:19:2a:db:2a:bb:91:ac:74:44:
                    57:8d:44:cf:88:4b:93:48:bb:e8:71:25:19:23:59:
                    cd:09:36:00:de:c9:6a:4e:97:f0:f5:65:e8:d0:ac:
                    5a:60:6c:f4:b5:5d:0d:61:31:54:0e:fe:0a:fa:9e:
                    43:21:69:10:fe:cb:17:a5:50:6d:c3:83:8e:8d:49:
                    99:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:55:15:B8:5D:FA:32:33:C8:99:AB:B7:56:D0:AC:42:1F:53:24:16
            X509v3 Authority Key Identifier:
                keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/b1UVuF36MjPImau3VtCsQh9TJBY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:51:ae:6c:d3:e5:ee:5a:57:48:76:f4:ca:21:79:23:b8:3f:
         04:0a:eb:2e:e3:16:b8:a2:13:65:ec:6a:10:0e:e0:a8:f2:39:
         b4:8a:b1:73:09:f1:90:fb:89:61:24:7f:42:e6:24:97:1e:41:
         a1:11:ec:2a:0e:2d:71:58:e1:55:44:4b:63:5b:72:63:25:92:
         0b:55:08:8d:17:f9:0f:a2:92:5e:c6:db:23:69:53:a7:b1:c2:
         26:db:eb:5b:51:b9:82:22:04:a4:6b:86:29:f5:cc:71:5a:6c:
         a8:77:6d:78:23:b2:68:89:f9:06:ab:1b:70:a9:79:80:c3:ab:
         58:3d:ce:96:39:49:c0:e0:94:6d:a7:0e:a6:07:1e:2b:5e:80:
         75:71:59:ff:f7:9c:99:1a:37:36:3f:8c:09:47:ee:99:d0:d9:
         36:6e:ca:32:1f:6b:d7:92:91:29:91:e1:75:dc:fe:9d:55:ca:
         fe:49:ad:94:ad:1a:24:2f:f3:8f:84:72:d1:12:03:0b:a9:f5:
         61:92:c4:45:5a:79:32:e9:d1:0c:0d:17:69:65:00:61:c8:1a:
         61:51:41:45:ee:14:b7:96:fe:88:fc:8c:52:c8:35:fd:47:ae:
         da:98:5f:65:d8:cc:a0:35:59:4c:46:12:5d:93:6f:ff:fc:d9:
         90:ce:1d:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ1IJD4HtzHMe9ffKTcXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjU1MTViODVkZmEzMjMzYzg5OWFiYjc1NmQwYWM0MjFmNTMyNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yCsIwE2AUBDXGzmCaO0XVfXysVr
uK37pBuxvlVdYEoiRrT4qSxFLeZdODqSGuvkhQLXMAqc8QQTZUxEJDSJaOFiO3wk
eyC3ITk5r3pscmY3b6w9LqnWtk57muzE2PwPwgtYqzYd/iVne58MkE7GvNWtyag2
0trTHvCU9X7/s8IYunKFKpFRwmvWOUacZQEjnWKePdivAwZ32Boav8aA571vLgus
nl+EUTGjMH0rtD+JAdTAYeWo7I8ZKtsqu5GsdERXjUTPiEuTSLvocSUZI1nNCTYA
3slqTpfw9WXo0KxaYGz0tV0NYTFUDv4K+p5DIWkQ/ssXpVBtw4OOjUmZGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG9VFbhd+jIzyJmrt1bQrEIfUyQWMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvYjFVVnVGMzZNalBJbWF1M1Z0Q3NRaDlUSkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/PMA0G
CSqGSIb3DQEBCwUAA4IBAQBqUa5s0+XuWldIdvTKIXkjuD8ECusu4xa4ohNl7GoQ
DuCo8jm0irFzCfGQ+4lhJH9C5iSXHkGhEewqDi1xWOFVREtjW3JjJZILVQiNF/kP
opJextsjaVOnscIm2+tbUbmCIgSka4Yp9cxxWmyod214I7JoifkGqxtwqXmAw6tY
Pc6WOUnA4JRtpw6mBx4rXoB1cVn/95yZGjc2P4wJR+6Z0Nk2bsoyH2vXkpEpkeF1
3P6dVcr+Sa2UrRokL/OPhHLREgMLqfVhksRFWnky6dEMDRdpZQBhyBphUUFF7hS3
lv6I/IxSyDX9R67amF9l2MygNVlMRhJdk2///NmQzh2h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:47 2024 by rpki-client on console-fra.rpki-client.org