Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/Iq4pBxB5ehpqpjBl5P-DeDlHaT8.roa
File:                     Iq4pBxB5ehpqpjBl5P-DeDlHaT8.roa (raw, json)
Hash identifier:          bwcLyq38Mz1jDE9IXLhZucYf+R+hhBHjq0G4nnKLqzs=
Subject key identifier:   22:AE:29:07:10:79:7A:1A:6A:A6:30:65:E4:FF:83:78:39:47:69:3F
Certificate issuer:       /CN=3ec2c20d6b3acf84802c2b7ca0722deb72c670bb
Certificate serial:       0185E359E589F535BE1F63A0BDAD591C994F
Authority key identifier: 3E:C2:C2:0D:6B:3A:CF:84:80:2C:2B:7C:A0:72:2D:EB:72:C6:70:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PsLCDWs6z4SALCt8oHIt63LGcLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/Iq4pBxB5ehpqpjBl5P-DeDlHaT8.roa
Signing time:             Tue 24 Jan 2023 10:36:37 +0000
ROA not before:           Tue 24 Jan 2023 10:36:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        195.211.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 08:18:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e3:59:e5:89:f5:35:be:1f:63:a0:bd:ad:59:1c:99:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ec2c20d6b3acf84802c2b7ca0722deb72c670bb
        Validity
            Not Before: Jan 24 10:36:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22ae290710797a1a6aa63065e4ff83783947693f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:96:05:f5:dc:d8:d9:60:7b:46:e4:26:14:10:
                    74:8e:a0:4d:e8:73:c2:64:f5:02:4f:b6:e0:37:2c:
                    96:4b:90:18:f7:2c:0b:a6:50:bf:5d:67:08:cd:a8:
                    5f:c6:59:61:09:5f:de:00:7f:4e:87:92:ac:d0:f7:
                    52:fb:a2:b7:c4:30:16:f0:7e:14:cb:b3:84:2f:21:
                    92:e1:d1:2f:c5:b0:0b:10:66:aa:88:b6:47:5b:02:
                    c7:31:f6:d4:89:05:16:ab:06:35:54:d2:ea:55:d9:
                    91:9c:e3:be:52:ae:7b:0b:da:53:d0:e4:1d:46:98:
                    9a:97:de:b3:91:69:25:96:34:f7:59:f1:1e:c5:a1:
                    ec:92:49:12:52:8f:05:43:78:09:fb:9e:58:1a:45:
                    90:bc:ae:13:7c:22:52:4f:18:46:78:6c:c5:74:7c:
                    f7:7d:f0:a0:05:c1:03:4c:24:d2:ed:6e:cb:da:da:
                    6f:ef:9d:02:6a:13:f7:ef:26:51:5f:0b:4a:dd:9e:
                    89:21:6f:d9:68:94:2d:ad:78:1c:49:39:3f:ea:35:
                    e7:8d:63:00:4a:5a:a9:93:05:60:d9:32:59:41:d2:
                    15:da:21:ed:de:aa:7f:48:80:a3:f3:7a:98:ce:7f:
                    e9:b6:a6:e6:ae:87:fe:f8:9e:a7:a5:55:7b:4c:08:
                    59:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:AE:29:07:10:79:7A:1A:6A:A6:30:65:E4:FF:83:78:39:47:69:3F
            X509v3 Authority Key Identifier:
                keyid:3E:C2:C2:0D:6B:3A:CF:84:80:2C:2B:7C:A0:72:2D:EB:72:C6:70:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsLCDWs6z4SALCt8oHIt63LGcLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/Iq4pBxB5ehpqpjBl5P-DeDlHaT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/2710b0-6c4a-4a94-b92a-b1cefc995379/1/PsLCDWs6z4SALCt8oHIt63LGcLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.211.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:5d:3a:d6:b1:8a:4f:cb:52:ff:15:0d:28:98:d9:64:b3:37:
         d0:a3:a1:ce:63:c4:33:e1:7e:29:d6:d7:6b:af:30:f4:30:88:
         cb:f7:7a:b7:4d:eb:c0:55:ae:25:c6:76:26:50:05:8b:fa:9e:
         90:17:6b:0b:ce:91:6b:94:63:20:7f:55:4c:d1:50:eb:53:b9:
         80:d8:e8:b5:52:4c:8f:01:29:a9:f0:32:99:6d:26:f6:a1:46:
         f5:2a:36:db:bb:46:29:6e:91:f4:39:72:e8:2d:29:21:7a:1a:
         7a:2d:e2:d7:85:c3:d7:bb:dd:41:5a:8f:f8:3b:a1:27:04:af:
         34:af:b0:41:bf:20:83:8d:22:fc:03:07:a5:c5:f3:9f:54:f3:
         9d:8e:3a:dc:01:89:93:7f:f2:2a:fb:69:03:fd:e5:11:89:80:
         d2:9e:65:74:a4:e8:a7:3d:51:0d:0b:4e:16:85:ae:f6:46:1e:
         22:44:72:84:8b:e3:90:d1:e5:80:7b:ea:12:7b:74:28:14:d7:
         35:5c:21:aa:09:36:bd:b0:70:bf:ab:c3:fb:88:0f:8a:2a:eb:
         a9:df:d4:55:16:00:0f:cc:72:69:5f:4e:60:fb:21:92:96:5e:
         1e:e4:f2:c5:97:87:65:d2:91:4f:5d:12:d7:d6:4c:d6:68:3a:
         74:0e:6d:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXjWeWJ9TW+H2Ogva1ZHJlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzJjMjBkNmIzYWNmODQ4MDJjMmI3Y2EwNzIyZGViNzJj
NjcwYmIwHhcNMjMwMTI0MTAzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFlMjkwNzEwNzk3YTFhNmFhNjMwNjVlNGZmODM3ODM5NDc2OTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZYF9dzY2WB7RuQmFBB0jqBN6HPC
ZPUCT7bgNyyWS5AY9ywLplC/XWcIzahfxllhCV/eAH9Oh5Ks0PdS+6K3xDAW8H4U
y7OELyGS4dEvxbALEGaqiLZHWwLHMfbUiQUWqwY1VNLqVdmRnOO+Uq57C9pT0OQd
Rpial96zkWklljT3WfEexaHskkkSUo8FQ3gJ+55YGkWQvK4TfCJSTxhGeGzFdHz3
ffCgBcEDTCTS7W7L2tpv750CahP37yZRXwtK3Z6JIW/ZaJQtrXgcSTk/6jXnjWMA
SlqpkwVg2TJZQdIV2iHt3qp/SICj83qYzn/ptqbmrof++J6npVV7TAhZAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKuKQcQeXoaaqYwZeT/g3g5R2k/MB8GA1UdIwQY
MBaAFD7Cwg1rOs+EgCwrfKByLetyxnC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNMQ0RXczZ6NFNBTEN0OG9ISXQ2M0xHY0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yNzEwYjAtNmM0YS00YTk0LWI5MmEt
YjFjZWZjOTk1Mzc5LzEvSXE0cEJ4QjVlaHBxcGpCbDVQLURlRGxIYVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yNzEwYjAtNmM0YS00YTk0LWI5MmEtYjFjZWZjOTk1Mzc5
LzEvUHNMQ0RXczZ6NFNBTEN0OG9ISXQ2M0xHY0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9OnMA0G
CSqGSIb3DQEBCwUAA4IBAQClXTrWsYpPy1L/FQ0omNlkszfQo6HOY8Qz4X4p1tdr
rzD0MIjL93q3TevAVa4lxnYmUAWL+p6QF2sLzpFrlGMgf1VM0VDrU7mA2Oi1UkyP
ASmp8DKZbSb2oUb1Kjbbu0YpbpH0OXLoLSkhehp6LeLXhcPXu91BWo/4O6EnBK80
r7BBvyCDjSL8AwelxfOfVPOdjjrcAYmTf/Iq+2kD/eURiYDSnmV0pOinPVENC04W
ha72Rh4iRHKEi+OQ0eWAe+oSe3QoFNc1XCGqCTa9sHC/q8P7iA+KKuup39RVFgAP
zHJpX05g+yGSll4e5PLFl4dl0pFPXRLX1kzWaDp0Dm2Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org