Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iG9t2bNellKlBRYkNL7IIKJ6tww.roa
File:                     iG9t2bNellKlBRYkNL7IIKJ6tww.roa (raw, json)
Hash identifier:          3EysRpiNTfV2ZyeakqIgopTiO725Q07I/AONhEef2I4=
Subject key identifier:   88:6F:6D:D9:B3:5E:96:52:A5:05:16:24:34:BE:C8:20:A2:7A:B7:0C
Certificate issuer:       /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial:       0189CC5D1195A4AE54B53A380F62BA51EEB4
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iG9t2bNellKlBRYkNL7IIKJ6tww.roa
Signing time:             Sun 06 Aug 2023 19:39:58 +0000
ROA not before:           Sun 06 Aug 2023 19:39:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207911
IP address blocks:        95.161.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cc:5d:11:95:a4:ae:54:b5:3a:38:0f:62:ba:51:ee:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
        Validity
            Not Before: Aug  6 19:39:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=886f6dd9b35e9652a505162434bec820a27ab70c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ab:41:25:39:9e:d8:9f:db:92:a8:3d:34:51:
                    43:bf:1d:0d:ed:ce:43:ef:ef:7b:41:69:4e:bc:8c:
                    2a:04:fb:9b:69:6e:68:2d:39:68:dd:d0:26:eb:cf:
                    2b:35:a7:c0:b4:ca:dc:99:72:1b:ec:94:0f:a9:8e:
                    b1:ee:a1:c4:3d:a8:11:48:9a:04:bb:5a:d1:e7:a1:
                    31:c5:64:67:cb:37:9a:58:ff:bc:12:08:96:8e:89:
                    1e:6b:6c:ea:fd:85:77:a4:90:c1:2f:ab:b4:e7:0a:
                    b6:6c:50:4b:85:bd:03:1c:80:b9:fc:f0:de:83:4f:
                    d1:57:46:fd:d1:4a:8b:05:0e:50:15:c8:f0:cb:20:
                    2d:76:0f:e9:b7:93:51:20:6c:9d:19:5c:af:f1:80:
                    93:ac:65:46:3e:7b:ca:14:51:1f:35:97:36:ac:f9:
                    70:58:be:45:d3:2a:d5:1f:d2:e1:5d:e8:1f:53:28:
                    42:55:03:7f:c4:60:be:f5:cc:bc:f3:8c:ae:fc:2a:
                    60:97:d8:db:1a:48:b6:5a:c5:80:cf:b4:fa:10:31:
                    bf:b2:17:14:46:c5:43:75:43:32:e1:d3:38:68:a5:
                    85:bb:68:1d:18:9c:d0:9b:65:4a:1c:07:3b:d7:6b:
                    48:f1:df:9a:ce:fc:52:ca:8a:32:7f:27:9a:87:59:
                    23:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:6F:6D:D9:B3:5E:96:52:A5:05:16:24:34:BE:C8:20:A2:7A:B7:0C
            X509v3 Authority Key Identifier:
                keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iG9t2bNellKlBRYkNL7IIKJ6tww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.161.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:ca:8b:e8:91:ed:f6:6e:6c:07:91:70:09:4e:92:af:b5:b7:
         b7:27:89:cb:c3:a2:ce:61:ef:85:7f:4c:3e:19:38:4a:cc:5a:
         99:a4:36:00:d2:ef:92:3a:4e:21:0d:46:57:da:8c:e0:ca:f7:
         a7:b2:6f:3f:44:49:bb:c0:fc:73:0f:25:aa:a7:8f:12:5c:14:
         d3:be:cb:df:de:68:b3:b7:cf:59:c3:b1:e2:ef:6e:96:55:73:
         54:f1:62:12:04:76:ee:8e:23:a9:94:e6:8b:73:37:62:ed:a5:
         62:6c:5e:32:c3:ee:30:f0:65:b1:83:62:5f:ea:bf:dd:a4:2e:
         53:44:dc:5f:5e:4e:80:6e:6c:55:11:95:96:b4:2b:da:95:ed:
         08:9b:38:f2:88:9c:b7:a1:47:4b:77:61:91:fa:4b:e8:69:55:
         84:95:d6:dc:c2:1a:76:41:ce:ac:28:61:11:bb:df:c8:8c:ff:
         78:e7:37:62:3e:d7:2f:64:1b:f0:c8:bd:dc:98:cf:d3:ad:dc:
         2a:8a:8e:36:d4:d5:48:32:28:a0:1e:fc:b9:b3:80:eb:6f:b5:
         05:b2:f6:35:a6:94:0f:75:3d:d2:e9:c3:7c:9a:ca:c4:bf:d5:
         08:fd:15:96:66:77:ab:4a:ad:e0:17:7a:df:e6:18:07:61:20:
         ef:cc:98:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnMXRGVpK5UtTo4D2K6Ue60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwODA2MTkzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZmNmRkOWIzNWU5NjUyYTUwNTE2MjQzNGJlYzgyMGEyN2FiNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiatBJTme2J/bkqg9NFFDvx0N7c5D
7+97QWlOvIwqBPubaW5oLTlo3dAm688rNafAtMrcmXIb7JQPqY6x7qHEPagRSJoE
u1rR56ExxWRnyzeaWP+8EgiWjokea2zq/YV3pJDBL6u05wq2bFBLhb0DHIC5/PDe
g0/RV0b90UqLBQ5QFcjwyyAtdg/pt5NRIGydGVyv8YCTrGVGPnvKFFEfNZc2rPlw
WL5F0yrVH9LhXegfUyhCVQN/xGC+9cy884yu/Cpgl9jbGki2WsWAz7T6EDG/shcU
RsVDdUMy4dM4aKWFu2gdGJzQm2VKHAc712tI8d+azvxSyooyfyeah1kjMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhvbdmzXpZSpQUWJDS+yCCiercMMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvaUc5dDJiTmVsbEtsQlJZa05MN0lJS0o2dHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6HwMA0G
CSqGSIb3DQEBCwUAA4IBAQBryovoke32bmwHkXAJTpKvtbe3J4nLw6LOYe+Ff0w+
GThKzFqZpDYA0u+SOk4hDUZX2ozgyvensm8/REm7wPxzDyWqp48SXBTTvsvf3miz
t89Zw7Hi726WVXNU8WISBHbujiOplOaLczdi7aVibF4yw+4w8GWxg2Jf6r/dpC5T
RNxfXk6AbmxVEZWWtCvale0ImzjyiJy3oUdLd2GR+kvoaVWEldbcwhp2Qc6sKGER
u9/IjP945zdiPtcvZBvwyL3cmM/Trdwqio421NVIMiigHvy5s4Drb7UFsvY1ppQP
dT3S6cN8msrEv9UI/RWWZnerSq3gF3rf5hgHYSDvzJie
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:56 2024 by rpki-client on console-fra.rpki-client.org