Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/_PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa
File:                     _PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa (raw, json)
Hash identifier:          7Klwg+ijd9MO5QmJSzYU2TzGtngQPuIxK1VYVYREfw0=
Subject key identifier:   FC:F9:B0:38:57:7A:8D:0D:CC:D5:36:C8:54:DB:B2:AF:5A:7F:C1:4E
Certificate issuer:       /CN=5f82ae9a304ac082c18a2891666f64cee81d5ca8
Certificate serial:       01856DD41ED9BFF76E55C08AD77DE3EF7E04
Authority key identifier: 5F:82:AE:9A:30:4A:C0:82:C1:8A:28:91:66:6F:64:CE:E8:1D:5C:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X4KumjBKwILBiiiRZm9kzugdXKg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/_PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa
Signing time:             Sun 01 Jan 2023 14:54:56 +0000
ROA not before:           Sun 01 Jan 2023 14:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35773
IP address blocks:        195.214.248.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:1e:d9:bf:f7:6e:55:c0:8a:d7:7d:e3:ef:7e:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f82ae9a304ac082c18a2891666f64cee81d5ca8
        Validity
            Not Before: Jan  1 14:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fcf9b038577a8d0dccd536c854dbb2af5a7fc14e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5e:da:fa:fa:cf:fe:c6:65:a7:d1:90:db:a8:
                    a9:ed:19:37:89:10:96:14:60:7d:3a:02:6a:55:0f:
                    b5:6c:90:16:68:14:72:bd:ab:16:32:b5:95:cb:69:
                    bf:18:37:61:9e:15:78:04:49:02:ab:bd:1e:4f:ff:
                    ab:dd:46:9c:8f:4a:8d:45:11:cd:ec:33:c7:d2:27:
                    89:44:61:c9:af:2b:bd:34:5f:3f:1b:25:d0:05:5a:
                    e8:32:03:a7:2c:4d:f0:72:0b:73:4a:fa:00:95:bc:
                    43:04:2b:25:c7:bc:11:78:ba:2a:0f:04:7f:bb:5d:
                    6a:c6:c0:f4:25:74:91:a4:32:b7:46:13:33:0a:07:
                    9e:25:1e:45:e7:a0:e9:3d:f7:3a:07:92:15:99:07:
                    85:81:01:78:d5:8b:f1:2c:01:2b:5e:28:c5:54:d4:
                    67:fa:85:b8:a7:f4:3b:b6:48:2e:77:d6:3a:20:ae:
                    05:c9:d7:42:44:0d:a5:c3:e1:99:cc:f8:40:ee:99:
                    4d:57:6f:67:7a:34:95:e3:90:0c:fa:1c:3e:ab:6e:
                    20:de:47:bc:52:88:01:ee:b1:98:81:64:81:2f:98:
                    41:36:67:31:aa:70:1f:7c:9f:aa:f0:96:95:08:46:
                    ac:2a:c9:56:11:5b:d2:f2:5b:db:65:bb:12:b2:b3:
                    e0:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:F9:B0:38:57:7A:8D:0D:CC:D5:36:C8:54:DB:B2:AF:5A:7F:C1:4E
            X509v3 Authority Key Identifier:
                keyid:5F:82:AE:9A:30:4A:C0:82:C1:8A:28:91:66:6F:64:CE:E8:1D:5C:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X4KumjBKwILBiiiRZm9kzugdXKg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/_PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/X4KumjBKwILBiiiRZm9kzugdXKg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.214.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2f:df:9f:15:a3:48:70:c7:d3:0c:52:79:6b:18:0f:75:b4:5f:
         50:cb:51:c8:5d:68:f8:ce:4c:5c:e2:ee:7c:6f:d1:77:4b:43:
         c0:55:09:7e:32:39:a9:23:c3:1a:f8:45:b8:02:84:78:de:f6:
         f8:23:43:04:08:3a:7c:2c:78:5c:da:c9:1f:e6:2b:ac:cb:58:
         46:95:49:0a:64:ae:f2:ec:fd:2c:1c:2c:6a:34:d3:80:4e:f4:
         23:1a:9c:5f:92:73:d4:d6:f1:4b:b5:e8:e8:63:73:12:a0:e3:
         60:f0:38:e8:a2:bc:9f:3a:d5:eb:95:79:b1:03:bf:e7:83:3e:
         1f:38:83:bc:a2:6b:8c:3e:ea:50:22:da:66:71:a8:0c:cf:47:
         a5:a3:ec:08:61:04:a8:a2:e7:e4:4c:33:43:8a:2a:82:3b:e0:
         30:d7:a0:d8:cb:15:fc:0d:49:3e:23:7c:d9:48:34:17:3b:6a:
         de:47:4b:55:f5:c3:3e:86:02:b5:d8:d6:ad:04:9d:b5:18:5f:
         ee:94:c8:8d:35:cd:2c:61:3a:ad:8d:b6:8b:64:e7:07:fe:37:
         56:f6:ea:d9:b7:52:1c:22:1a:d6:d0:9d:29:95:d0:e2:45:52:
         05:4b:f9:bb:94:85:ad:26:d4:85:d8:89:eb:e2:3b:72:76:34:
         35:a1:42:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1B7Zv/duVcCK133j734EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmODJhZTlhMzA0YWMwODJjMThhMjg5MTY2NmY2NGNlZTgx
ZDVjYTgwHhcNMjMwMTAxMTQ1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y5YjAzODU3N2E4ZDBkY2NkNTM2Yzg1NGRiYjJhZjVhN2ZjMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV7a+vrP/sZlp9GQ26ip7Rk3iRCW
FGB9OgJqVQ+1bJAWaBRyvasWMrWVy2m/GDdhnhV4BEkCq70eT/+r3Uacj0qNRRHN
7DPH0ieJRGHJryu9NF8/GyXQBVroMgOnLE3wcgtzSvoAlbxDBCslx7wReLoqDwR/
u11qxsD0JXSRpDK3RhMzCgeeJR5F56DpPfc6B5IVmQeFgQF41YvxLAErXijFVNRn
+oW4p/Q7tkgud9Y6IK4FyddCRA2lw+GZzPhA7plNV29nejSV45AM+hw+q24g3ke8
UogB7rGYgWSBL5hBNmcxqnAffJ+q8JaVCEasKslWEVvS8lvbZbsSsrPgsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPz5sDhXeo0NzNU2yFTbsq9af8FOMB8GA1UdIwQY
MBaAFF+CrpowSsCCwYookWZvZM7oHVyoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDRLdW1qQkt3SUxCaWlpUlptOWt6dWdkWEtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNmRiZDgtNjQ2Ni00OGQwLWE1OTct
M2VjNDQ3MzEwZGZiLzEvX1Btd09GZDZqUTNNMVRiSVZOdXlyMXBfd1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNmRiZDgtNjQ2Ni00OGQwLWE1OTctM2VjNDQ3MzEwZGZi
LzEvWDRLdW1qQkt3SUxCaWlpUlptOWt6dWdkWEtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw9b4MA0G
CSqGSIb3DQEBCwUAA4IBAQAv358Vo0hwx9MMUnlrGA91tF9Qy1HIXWj4zkxc4u58
b9F3S0PAVQl+MjmpI8Ma+EW4AoR43vb4I0MECDp8LHhc2skf5iusy1hGlUkKZK7y
7P0sHCxqNNOATvQjGpxfknPU1vFLtejoY3MSoONg8DjooryfOtXrlXmxA7/ngz4f
OIO8omuMPupQItpmcagMz0elo+wIYQSooufkTDNDiiqCO+Aw16DYyxX8DUk+I3zZ
SDQXO2reR0tV9cM+hgK12NatBJ21GF/ulMiNNc0sYTqtjbaLZOcH/jdW9urZt1Ic
IhrW0J0pldDiRVIFS/m7lIWtJtSF2Inr4jtydjQ1oULf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:21 2024 by rpki-client on console-ams.rpki-client.org