Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/FNjLmda-IJCwlEH8rxDZMlcrht8.roa
File:                     FNjLmda-IJCwlEH8rxDZMlcrht8.roa (raw, json)
Hash identifier:          0HzjYWaeZr8yCbqM7Japl20ZqjJS/0FMJZ3UiDoz+oQ=
Subject key identifier:   14:D8:CB:99:D6:BE:20:90:B0:94:41:FC:AF:10:D9:32:57:2B:86:DF
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       018BDBC151915B36915330FADDE6DB299481
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/FNjLmda-IJCwlEH8rxDZMlcrht8.roa
Signing time:             Fri 17 Nov 2023 05:29:21 +0000
ROA not before:           Fri 17 Nov 2023 05:29:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        194.76.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 14:45:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:db:c1:51:91:5b:36:91:53:30:fa:dd:e6:db:29:94:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Nov 17 05:29:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=14d8cb99d6be2090b09441fcaf10d932572b86df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:7a:6e:4b:34:2a:01:3c:25:de:96:ad:f3:91:
                    ae:2e:9e:d4:4c:26:f8:b5:11:67:28:16:f0:47:33:
                    a6:eb:ab:6f:e1:42:d7:dd:db:a2:20:d2:f3:01:fb:
                    5f:82:e7:4e:a2:5e:83:cd:3b:9d:18:ab:bf:00:24:
                    6b:1e:96:be:98:05:17:5c:8e:d6:b8:67:21:f6:60:
                    19:89:a4:1c:71:5c:bd:90:8f:af:ea:85:5a:19:2f:
                    f1:3e:09:8b:02:a7:77:ba:bb:18:08:b0:d6:42:38:
                    d2:6d:80:eb:08:e1:e2:d2:12:bc:c0:97:ce:4d:0f:
                    35:b5:1e:58:d0:52:75:04:90:a6:76:e0:7b:05:67:
                    5d:c4:d6:68:eb:c0:be:3d:70:fb:09:10:ff:74:69:
                    e5:12:98:2f:9c:eb:3f:75:f8:ab:ea:68:f4:8f:b0:
                    03:bb:86:8c:8b:68:16:4b:ec:3c:3b:91:00:04:7d:
                    21:24:bb:da:82:29:1b:e2:2c:9f:6a:c6:2d:17:77:
                    86:f4:3d:67:0a:a5:60:09:1c:3e:dc:9e:00:8b:f5:
                    6e:d5:83:6d:4b:b6:95:83:40:ec:2b:85:a2:dd:93:
                    15:70:5d:53:2a:b5:83:02:5a:86:c6:a4:66:45:31:
                    18:6c:1b:ae:72:00:d0:a5:1a:14:72:c8:58:8d:66:
                    78:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D8:CB:99:D6:BE:20:90:B0:94:41:FC:AF:10:D9:32:57:2B:86:DF
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/FNjLmda-IJCwlEH8rxDZMlcrht8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:c2:ad:23:2c:bd:03:8a:aa:c9:f8:17:82:6f:19:ad:c9:ae:
         47:56:a2:8c:d1:22:06:d1:cf:5c:ef:94:d0:d6:18:24:95:33:
         5b:26:39:78:14:4b:5c:04:8a:b9:c5:e7:ea:f7:33:e8:94:fd:
         5c:ad:46:45:6f:75:0a:c4:53:86:50:c2:c2:70:bb:fa:06:d3:
         3c:27:6a:93:71:cb:62:94:3a:4a:2c:c3:66:64:78:47:11:e6:
         63:62:a2:f1:62:c5:da:94:37:dc:cb:60:75:91:23:bf:e0:5c:
         8b:51:31:96:b6:3d:cc:52:96:95:7a:f6:11:5d:82:4b:05:85:
         29:a3:a3:6e:1d:d9:4f:24:0f:dd:3c:20:ba:45:dc:96:af:69:
         4b:e0:fa:6e:51:61:9b:12:33:62:13:ae:3d:ea:08:32:b4:90:
         4c:e1:b7:2a:b1:b2:6a:77:14:54:33:11:6f:fc:c4:d5:15:ec:
         04:b3:b0:2a:f9:97:8b:89:e3:be:23:d5:38:a5:81:e2:7e:54:
         9a:ad:9d:dc:a6:e7:b4:0a:57:5d:17:9d:2d:c9:bc:be:63:8b:
         c4:10:ad:01:de:8b:d8:1f:86:c4:7c:c7:ca:87:23:e2:10:b7:
         44:8e:f0:07:10:49:21:1b:cf:87:26:e9:b0:9b:36:7c:84:82:
         e3:45:24:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvbwVGRWzaRUzD63ebbKZSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjMxMTE3MDUyOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQ4Y2I5OWQ2YmUyMDkwYjA5NDQxZmNhZjEwZDkzMjU3MmI4NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3puSzQqATwl3pat85GuLp7UTCb4
tRFnKBbwRzOm66tv4ULX3duiINLzAftfgudOol6DzTudGKu/ACRrHpa+mAUXXI7W
uGch9mAZiaQccVy9kI+v6oVaGS/xPgmLAqd3ursYCLDWQjjSbYDrCOHi0hK8wJfO
TQ81tR5Y0FJ1BJCmduB7BWddxNZo68C+PXD7CRD/dGnlEpgvnOs/dfir6mj0j7AD
u4aMi2gWS+w8O5EABH0hJLvagikb4iyfasYtF3eG9D1nCqVgCRw+3J4Ai/Vu1YNt
S7aVg0DsK4Wi3ZMVcF1TKrWDAlqGxqRmRTEYbBuucgDQpRoUcshYjWZ4OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTYy5nWviCQsJRB/K8Q2TJXK4bfMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvRk5qTG1kYS1JSkN3bEVIOHJ4RFpNbGNyaHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMtYWRlZDFjNDY5ZWFm
LzEvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkxzMA0G
CSqGSIb3DQEBCwUAA4IBAQBwwq0jLL0DiqrJ+BeCbxmtya5HVqKM0SIG0c9c75TQ
1hgklTNbJjl4FEtcBIq5xefq9zPolP1crUZFb3UKxFOGUMLCcLv6BtM8J2qTccti
lDpKLMNmZHhHEeZjYqLxYsXalDfcy2B1kSO/4FyLUTGWtj3MUpaVevYRXYJLBYUp
o6NuHdlPJA/dPCC6RdyWr2lL4PpuUWGbEjNiE6496ggytJBM4bcqsbJqdxRUMxFv
/MTVFewEs7Aq+ZeLieO+I9U4pYHiflSarZ3cpue0ClddF50tyby+Y4vEEK0B3ovY
H4bEfMfKhyPiELdEjvAHEEkhG8+HJumwmzZ8hILjRSTf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org