Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/y3gu1HiCnt4qodJ6xvPCX4BaQPA.roa
File:                     y3gu1HiCnt4qodJ6xvPCX4BaQPA.roa (raw, json)
Hash identifier:          Bz/5Csgrayr9hM+piwbNaGWj34sEFeXWn3QMm6dOMh8=
Subject key identifier:   CB:78:2E:D4:78:82:9E:DE:2A:A1:D2:7A:C6:F3:C2:5F:80:5A:40:F0
Certificate issuer:       /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial:       018571309C3798AAAD5EE6968CD1468C708E
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/y3gu1HiCnt4qodJ6xvPCX4BaQPA.roa
Signing time:             Mon 02 Jan 2023 06:34:49 +0000
ROA not before:           Mon 02 Jan 2023 06:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        95.161.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:30:9c:37:98:aa:ad:5e:e6:96:8c:d1:46:8c:70:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
        Validity
            Not Before: Jan  2 06:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb782ed478829ede2aa1d27ac6f3c25f805a40f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:13:78:cf:24:95:db:6a:b9:a6:65:c2:a4:cd:
                    26:69:8c:ad:35:17:b7:ae:ec:d5:1e:3b:4d:d0:fc:
                    fd:ae:fa:29:da:d7:bd:69:7a:e1:41:c0:38:10:9f:
                    45:02:82:ea:1c:97:91:3b:dd:f5:35:ea:6c:19:2c:
                    c9:02:30:fd:5a:42:03:2b:d9:d3:e2:fb:1b:ea:da:
                    71:85:b3:eb:49:fd:ce:65:60:e9:c3:05:d1:25:64:
                    8b:bb:63:22:46:19:cc:35:f3:42:e7:74:02:61:b5:
                    ba:68:ea:2f:7f:f2:9d:48:58:42:6d:e5:dd:b2:27:
                    0f:89:29:c1:04:a0:61:1f:57:94:37:7a:34:9e:68:
                    d2:87:26:1d:bd:08:c4:7c:47:93:6d:40:78:e3:94:
                    8e:50:25:53:2f:ba:9e:0f:76:61:13:55:c6:0e:fa:
                    3e:62:fd:26:e7:80:a0:40:da:ed:35:38:35:aa:be:
                    7d:65:05:f4:57:d7:2a:00:81:d7:30:a9:87:ed:45:
                    68:5e:1f:92:63:5e:59:56:d2:d9:8b:06:8a:6b:1e:
                    85:00:ae:c0:98:da:aa:eb:e0:de:c0:50:77:db:da:
                    65:4d:ef:28:71:f6:0a:8f:68:af:2c:64:e9:ef:71:
                    5e:70:5e:56:f3:00:b5:e4:ff:58:fe:34:9b:05:86:
                    70:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:78:2E:D4:78:82:9E:DE:2A:A1:D2:7A:C6:F3:C2:5F:80:5A:40:F0
            X509v3 Authority Key Identifier:
                keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/y3gu1HiCnt4qodJ6xvPCX4BaQPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.161.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:c3:9e:90:82:0f:04:d2:61:42:e0:5f:66:b7:dc:f0:23:77:
         66:31:76:09:24:8b:12:4d:4c:66:9e:ef:00:88:f9:94:3b:87:
         c3:57:eb:40:45:b1:ad:06:93:e8:24:f7:1f:94:81:e8:57:c2:
         07:49:59:01:25:83:e3:93:6b:72:3b:80:6b:c8:15:61:02:81:
         0f:6b:e5:58:08:2e:54:92:9a:e1:ff:f6:fd:89:a2:13:60:92:
         59:93:55:08:b5:04:8e:e1:5c:f8:97:5c:8c:7b:55:03:b8:62:
         1a:17:bb:15:b0:81:96:dc:02:06:b2:d4:a1:ed:80:e5:27:0f:
         eb:47:9e:74:04:0b:c7:8a:30:d6:d8:77:81:83:e5:a1:25:a5:
         a8:c2:f2:f8:03:32:85:30:63:00:6e:03:34:9a:a6:ee:61:66:
         bb:d4:30:2b:dc:55:d4:c9:93:4f:d0:3d:fd:60:96:fd:58:d1:
         67:3c:cb:da:70:07:71:dd:7b:fd:44:19:c2:8d:9e:95:56:40:
         63:fa:09:e9:d2:19:9e:5c:ef:95:21:ae:80:13:b3:fc:7b:2c:
         9d:3f:b3:2b:41:c1:34:f2:23:61:60:1e:a8:e0:f9:9b:b2:7d:
         c1:15:7f:bc:c6:d5:d4:05:51:0f:4c:6a:ab:9f:2a:f8:3f:d1:
         44:cb:13:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMJw3mKqtXuaWjNFGjHCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwMTAyMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjc4MmVkNDc4ODI5ZWRlMmFhMWQyN2FjNmYzYzI1ZjgwNWE0MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRN4zySV22q5pmXCpM0maYytNRe3
ruzVHjtN0Pz9rvop2te9aXrhQcA4EJ9FAoLqHJeRO931NepsGSzJAjD9WkIDK9nT
4vsb6tpxhbPrSf3OZWDpwwXRJWSLu2MiRhnMNfNC53QCYbW6aOovf/KdSFhCbeXd
sicPiSnBBKBhH1eUN3o0nmjShyYdvQjEfEeTbUB445SOUCVTL7qeD3ZhE1XGDvo+
Yv0m54CgQNrtNTg1qr59ZQX0V9cqAIHXMKmH7UVoXh+SY15ZVtLZiwaKax6FAK7A
mNqq6+DewFB329plTe8ocfYKj2ivLGTp73FecF5W8wC15P9Y/jSbBYZwpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMt4LtR4gp7eKqHSesbzwl+AWkDwMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEveTNndTFIaUNudDRxb2RKNnh2UENYNEJhUVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6FRMA0G
CSqGSIb3DQEBCwUAA4IBAQBww56Qgg8E0mFC4F9mt9zwI3dmMXYJJIsSTUxmnu8A
iPmUO4fDV+tARbGtBpPoJPcflIHoV8IHSVkBJYPjk2tyO4BryBVhAoEPa+VYCC5U
kprh//b9iaITYJJZk1UItQSO4Vz4l1yMe1UDuGIaF7sVsIGW3AIGstSh7YDlJw/r
R550BAvHijDW2HeBg+WhJaWowvL4AzKFMGMAbgM0mqbuYWa71DAr3FXUyZNP0D39
YJb9WNFnPMvacAdx3Xv9RBnCjZ6VVkBj+gnp0hmeXO+VIa6AE7P8eyydP7MrQcE0
8iNhYB6o4Pmbsn3BFX+8xtXUBVEPTGqrnyr4P9FEyxN9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:56 2024 by rpki-client on console-fra.rpki-client.org