Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/oZyPmrnbTkzg5vr3mGZOtM35vEw.roa
File:                     oZyPmrnbTkzg5vr3mGZOtM35vEw.roa (raw, json)
Hash identifier:          9sNwNVI2f0d6BGFmfRJ/FfIKgXq496XePk79/cJ2Q+Q=
Subject key identifier:   A1:9C:8F:9A:B9:DB:4E:4C:E0:E6:FA:F7:98:66:4E:B4:CD:F9:BC:4C
Certificate issuer:       /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial:       0189E4041566CCBEB6C18411695173B2A32B
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/oZyPmrnbTkzg5vr3mGZOtM35vEw.roa
Signing time:             Fri 11 Aug 2023 09:53:40 +0000
ROA not before:           Fri 11 Aug 2023 09:53:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.95.206.0/24 maxlen: 24
                          45.95.205.0/24 maxlen: 24
                          45.95.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 22:15:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e4:04:15:66:cc:be:b6:c1:84:11:69:51:73:b2:a3:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
        Validity
            Not Before: Aug 11 09:53:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a19c8f9ab9db4e4ce0e6faf798664eb4cdf9bc4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:06:a3:9f:62:8e:98:ac:30:52:38:49:15:3c:
                    f3:38:f5:91:b5:da:79:1a:b9:d4:e2:d7:ec:c4:5e:
                    b2:c4:66:b2:9c:d0:ae:0c:cd:67:e6:20:43:c0:89:
                    97:2f:e9:63:81:16:68:66:3f:9c:bb:29:c2:fe:43:
                    c6:4e:31:cd:16:2c:11:4e:d0:40:e8:73:be:3f:ff:
                    69:a6:09:4c:7c:45:dc:55:6e:a0:fe:25:f0:8b:b3:
                    61:d2:b5:46:97:7c:03:97:50:0d:39:e3:a6:f1:e7:
                    b3:8b:ce:af:db:7a:45:f9:7c:ab:3f:63:60:b8:03:
                    57:44:65:35:d1:81:9e:1b:72:8b:92:91:71:43:47:
                    c5:51:0d:1b:ac:10:85:9f:f1:17:3b:84:45:bb:4a:
                    ad:62:4b:b4:78:0e:e4:9a:7e:0a:1d:4b:cd:4f:63:
                    10:f7:4e:c9:91:d8:ca:17:1d:fe:aa:a6:ac:6c:46:
                    ec:a8:52:f1:4d:81:9c:28:f8:59:95:29:ec:fb:0d:
                    87:92:d5:4b:f9:b8:c8:1d:c5:03:22:ee:81:4c:54:
                    6a:3b:5c:91:82:41:36:f7:29:6a:f1:23:ea:f0:9a:
                    58:45:91:84:29:9c:50:89:73:2b:d2:47:36:1b:96:
                    79:17:73:c3:5d:bb:66:85:5c:20:ee:f6:f6:d0:68:
                    4d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:9C:8F:9A:B9:DB:4E:4C:E0:E6:FA:F7:98:66:4E:B4:CD:F9:BC:4C
            X509v3 Authority Key Identifier:
                keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/oZyPmrnbTkzg5vr3mGZOtM35vEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.205.0-45.95.207.255

    Signature Algorithm: sha256WithRSAEncryption
         9a:63:1d:f1:8c:fd:5a:32:54:93:38:1a:ba:2c:c4:47:c7:40:
         03:ce:de:ac:28:89:cb:89:ce:fc:62:18:70:84:dd:50:ea:14:
         8e:b7:d2:e2:0c:ff:e4:e8:5b:27:88:35:f3:70:57:be:bb:cc:
         00:a2:f0:0a:57:25:16:4c:e7:88:74:9d:b5:05:5f:51:fd:22:
         a7:63:c3:5f:af:34:49:a1:8d:83:ac:ec:c4:98:b6:82:6f:71:
         ef:8f:b4:a9:ac:84:98:ac:73:8f:58:15:2e:ca:cd:b1:25:4a:
         26:eb:e3:db:da:1c:ff:68:d8:3d:a3:20:26:e2:73:84:5f:3f:
         f7:8e:e0:7b:ad:78:0b:12:67:55:72:07:f8:b1:ba:d1:b0:6d:
         49:73:5b:5a:4d:db:ee:7e:7e:72:e2:cd:48:9d:41:c5:2e:e5:
         c8:66:2f:ef:7c:8c:11:b4:9e:27:01:64:35:11:ab:81:86:58:
         20:f9:3a:05:7c:05:36:77:5f:e9:18:62:16:55:cb:23:09:7d:
         d0:1d:62:a9:3e:8b:d8:e7:19:bf:83:07:90:4b:0f:cc:55:1a:
         c3:93:66:c8:c8:2e:de:5f:4e:b1:7a:b3:ee:2e:8a:91:e1:ed:
         be:c3:d9:62:18:5b:9c:29:78:0e:41:0d:54:90:5d:73:6f:72:
         bc:93:8a:a8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYnkBBVmzL62wYQRaVFzsqMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMwODExMDk1MzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTljOGY5YWI5ZGI0ZTRjZTBlNmZhZjc5ODY2NGViNGNkZjliYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAajn2KOmKwwUjhJFTzzOPWRtdp5
GrnU4tfsxF6yxGaynNCuDM1n5iBDwImXL+ljgRZoZj+cuynC/kPGTjHNFiwRTtBA
6HO+P/9ppglMfEXcVW6g/iXwi7Nh0rVGl3wDl1ANOeOm8eezi86v23pF+XyrP2Ng
uANXRGU10YGeG3KLkpFxQ0fFUQ0brBCFn/EXO4RFu0qtYku0eA7kmn4KHUvNT2MQ
907JkdjKFx3+qqasbEbsqFLxTYGcKPhZlSns+w2HktVL+bjIHcUDIu6BTFRqO1yR
gkE29ylq8SPq8JpYRZGEKZxQiXMr0kc2G5Z5F3PDXbtmhVwg7vb20GhNwwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKGcj5q5205M4Ob695hmTrTN+bxMMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvb1p5UG1ybmJUa3pnNXZyM21HWk90TTM1dkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtX80D
BAQtX8AwDQYJKoZIhvcNAQELBQADggEBAJpjHfGM/VoyVJM4GrosxEfHQAPO3qwo
icuJzvxiGHCE3VDqFI630uIM/+ToWyeINfNwV767zACi8ApXJRZM54h0nbUFX1H9
Iqdjw1+vNEmhjYOs7MSYtoJvce+PtKmshJisc49YFS7KzbElSibr49vaHP9o2D2j
ICbic4RfP/eO4HuteAsSZ1VyB/ixutGwbUlzW1pN2+5+fnLizUidQcUu5chmL+98
jBG0nicBZDURq4GGWCD5OgV8BTZ3X+kYYhZVyyMJfdAdYqk+i9jnGb+DB5BLD8xV
GsOTZsjILt5fTrF6s+4uipHh7b7D2WIYW5wpeA5BDVSQXXNvcryTiqg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:47 2024 by rpki-client on console-fra.rpki-client.org