Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/q6JjwkKmcR6RVc4hadeI9i1FUZM.roa
File:                     q6JjwkKmcR6RVc4hadeI9i1FUZM.roa (raw, json)
Hash identifier:          /r3EIY5hNelPkchvvJVj9Gl9ztiXs/rXLs0XvOlqeY4=
Subject key identifier:   AB:A2:63:C2:42:A6:71:1E:91:55:CE:21:69:D7:88:F6:2D:45:51:93
Certificate issuer:       /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial:       0187D8FB095CE9F2C3B4CE1233C04C1490C4
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/q6JjwkKmcR6RVc4hadeI9i1FUZM.roa
Signing time:             Mon 01 May 2023 20:22:23 +0000
ROA not before:           Mon 01 May 2023 20:22:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.95.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 May 2023 18:50:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d8:fb:09:5c:e9:f2:c3:b4:ce:12:33:c0:4c:14:90:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
        Validity
            Not Before: May  1 20:22:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aba263c242a6711e9155ce2169d788f62d455193
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ec:cc:5b:4f:ca:57:3a:dd:91:4c:af:92:5d:
                    e5:71:a5:b2:ee:d5:1e:ed:d5:23:1e:ef:58:b1:c0:
                    6e:98:4e:51:fd:c6:76:24:da:98:23:93:b8:56:dd:
                    31:82:c1:fe:0a:b7:43:b0:9e:48:76:d9:11:aa:a2:
                    c1:d5:04:83:65:95:67:55:78:95:f0:e5:3a:2c:d4:
                    ca:8a:33:d6:51:15:7f:32:79:57:2b:3e:ff:bc:6d:
                    b8:be:b8:5e:90:23:93:aa:4d:91:7f:93:e4:85:ea:
                    53:a0:f4:93:f1:d7:85:f5:08:be:e3:9c:4f:68:67:
                    91:07:58:8a:81:7e:e7:9e:dd:18:da:58:b5:11:5f:
                    18:7f:98:cc:8b:bd:6a:49:7f:db:60:a2:d0:7f:5d:
                    32:07:42:91:5e:b6:7f:35:0e:a9:d8:d7:9d:ca:bb:
                    02:4c:03:15:66:6b:6c:b8:00:71:db:71:05:58:6c:
                    3e:60:0f:1e:1b:1f:d0:03:ee:7d:f7:c4:2d:6e:bc:
                    07:8b:e7:13:6f:4a:d2:e2:31:80:39:d5:ca:b2:1a:
                    c4:5f:a6:9f:72:d1:75:70:ed:34:9c:77:ec:a5:e5:
                    76:75:c9:04:86:fd:9a:c5:2b:48:1d:2d:5a:4b:fc:
                    12:f5:fb:00:64:c2:1c:9c:1f:70:86:a1:c6:d5:dd:
                    cd:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:A2:63:C2:42:A6:71:1E:91:55:CE:21:69:D7:88:F6:2D:45:51:93
            X509v3 Authority Key Identifier:
                keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/q6JjwkKmcR6RVc4hadeI9i1FUZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:3b:f2:28:2b:eb:ea:a6:fb:27:fc:de:3d:f5:ad:f1:f9:dc:
         9e:d5:f9:f4:f9:18:6f:15:a6:85:68:71:29:71:3a:72:c1:8f:
         99:00:9f:d0:6f:cb:c5:a8:7a:d8:49:69:02:e8:04:7c:97:ea:
         75:d0:38:5f:3c:9a:d8:c4:ff:b8:54:78:e1:d5:c4:81:93:17:
         e8:00:5b:d6:fb:dd:9a:27:39:50:ae:6b:f1:c9:ae:56:57:37:
         60:b2:f1:21:34:55:d6:c9:36:1f:b4:00:a0:87:3f:dc:c4:84:
         e0:a8:34:c2:20:5c:a6:54:44:f5:4d:e4:dc:f6:39:6f:0a:e0:
         3d:4c:d9:af:82:8e:63:d5:f2:5a:1c:36:0f:ec:1f:ee:14:68:
         85:1c:f6:3e:5a:2c:d1:0c:02:26:46:ac:b6:0c:6a:f9:fd:ce:
         8f:bd:19:06:30:fb:98:82:2f:a0:42:6d:af:cf:6a:a0:5e:c3:
         c6:e5:b1:ba:cc:2a:51:dd:1f:41:11:52:e2:a4:6e:b9:ea:b5:
         0a:46:bd:69:36:9d:26:b9:f8:b0:39:e9:54:d4:3d:12:27:59:
         5d:3a:a0:32:70:25:82:f2:d1:b0:37:9f:7b:42:89:c7:c7:63:
         e7:79:65:ec:5c:2e:ca:3a:3a:48:52:2b:a0:71:e7:ef:f0:7a:
         d7:a5:b7:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfY+wlc6fLDtM4SM8BMFJDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMwNTAxMjAyMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmEyNjNjMjQyYTY3MTFlOTE1NWNlMjE2OWQ3ODhmNjJkNDU1MTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuzMW0/KVzrdkUyvkl3lcaWy7tUe
7dUjHu9YscBumE5R/cZ2JNqYI5O4Vt0xgsH+CrdDsJ5IdtkRqqLB1QSDZZVnVXiV
8OU6LNTKijPWURV/MnlXKz7/vG24vrhekCOTqk2Rf5PkhepToPST8deF9Qi+45xP
aGeRB1iKgX7nnt0Y2li1EV8Yf5jMi71qSX/bYKLQf10yB0KRXrZ/NQ6p2NedyrsC
TAMVZmtsuABx23EFWGw+YA8eGx/QA+5998QtbrwHi+cTb0rS4jGAOdXKshrEX6af
ctF1cO00nHfspeV2dckEhv2axStIHS1aS/wS9fsAZMIcnB9whqHG1d3NUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuiY8JCpnEekVXOIWnXiPYtRVGTMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvcTZKandrS21jUjZSVmM0aGFkZUk5aTFGVVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/OMA0G
CSqGSIb3DQEBCwUAA4IBAQARO/IoK+vqpvsn/N499a3x+dye1fn0+RhvFaaFaHEp
cTpywY+ZAJ/Qb8vFqHrYSWkC6AR8l+p10DhfPJrYxP+4VHjh1cSBkxfoAFvW+92a
JzlQrmvxya5WVzdgsvEhNFXWyTYftACghz/cxITgqDTCIFymVET1TeTc9jlvCuA9
TNmvgo5j1fJaHDYP7B/uFGiFHPY+WizRDAImRqy2DGr5/c6PvRkGMPuYgi+gQm2v
z2qgXsPG5bG6zCpR3R9BEVLipG656rUKRr1pNp0mufiwOelU1D0SJ1ldOqAycCWC
8tGwN597QonHx2PneWXsXC7KOjpIUiugcefv8HrXpbff
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:47 2024 by rpki-client on console-fra.rpki-client.org